Managing the risks of an IT department

Training for Information Security Officers

Core processes of a comprehensive risk management system

See also:
Modelling IT-Grundschutz
Overview of all awareness and IT training courses.

Beschreibung

Learning objectives

After the training, you will be able to implement a risk management system for the IT department. You will be able to define the responsibilities, tasks, roles and competences and you will know how to systematically identify, survey, assess and appropriately deal with threats and risks arising from the organisation, processes and technology. The practical examples and exercises are based on ISO27005, but can also be based on other models if desired.
You will be able to prepare risk catalogues and risk treatment plans and develop and communicate risk strategies to decision-makers, taking into account the costs and risk appetite of the organisation. Practical tips and methodologies for monitoring the effectiveness of risk management round off the training.

Intended audiences

General information

Training details

Training content (customisable).

Control systems and basic terms

Building up risk management

Operate risk management system