ISO 27005 Risk Management - Information Security Management

3 Days

Class - at yours or ours 


ISO 27005 Certified ISMS Risk Management Course (CIS RM). 

This advanced-level training course develops your competence in the key areas of information risk management, covering risk assessment, analysis, treatment and review.

Learn how to implement an information risk management programme based on ISO 27005 that conforms to ISO 27001.  The course includes:

  • The importance of information security risk management in ISO 27001 and its role within an organisation. 

  • A full overview of the ISO 27005 information risk management standard and an understanding of key risk management terminology. 

  • How ISO 27005 is related to the ISO 31000:2009 risk management standard. 

  • The key information security risk assessment processes, including context establishment, risk assessment, risk treatment and monitoring/review.

  • How to assess, analyse and treat identified information security risks in accordance with ISO 27005 guidance.

  • How to communicate, monitor and review risk management activities.  

  • How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard. 

Plus, you’ll have the option to sit the Certified ISO 27005 Risk Management (CIS RM) exam at the end of your course. The exam is covered by your Certification Guarantee.

This course is aimed at those who seek a better understanding of information security risk management, who have attended the CISMP or Certified ISO 27001 ISMS Lead Implementer courses and who want to develop their practical risk management skills.

This course is also beneficial for the following:

  • Members of an information security team or subject matter experts.

  • Anyone involved in Information Security Management or operations related to an ISMS.

  • Those who want to learn about the risk management processes of Information Security Management.


This Risk Management course is designed and delivered by experts who have undertaken risk management processes including risk assessment and treatment!


ISO 27005 supports the general concepts specified in ISO 27001 and is designed to assist the satisfactory implementation of information security based on a risk management approach.


This course supports the requirements stated in ISO 27001 Clause 6.1 and Clause 8.

Gain a globally recognised and accepted qualification.

Six reasons why you should sit your course with ISO Security Training Academy

  1. Two options for training. We come to you, or you come to us.  

  2. You'll be certified fast. With us, you’ll be trained in record time.

  3. Our course is all-inclusive. A one-off fee covers all course materials, and exams. No hidden extras.

  4. Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for exams and incidental costs.

  5. You’ll learn more with quality learning and small class size.

  6. Smaller class sizes mean you’ll learn faster. Chances are, you’ll have a different learning style from those around you. We combine different styles to deliver the material in a way that ensures you will learn faster and more easily.  That's why it's face-to-face!

What's Included

Your immersive course includes:

  • Unlimited snacks, beverages, tea and coffee. 

  • On-site exams.

  • Practice tests.

  • Certification Guarantee.

  • Courseware.

  • Up to 10 hours of instructor-led training each day.

Pass the first time or train again for free (just pay for accommodation, exams and incidental costs).


  • You'll sit the exam at the end of the course, either at the ISO Security Training Academy or at your training location.

  • The Certified ISO 27005 Risk Management exam is covered by your Certification Guarantee.

  • The exam is a 90-minute online exam of multiple-choice questions.

  • The Certified ISO 27005 Risk Management exam fully meets the requirements set by IBITGQ.

  • This course is an essential component for ISO 27001 and Information Security roles.


  • Successful completion of the ISO 27001 Foundation course, plus involvement in ISO 27001, is a prerequisite for this course.

  • Feel free to call us to discuss whether this course is right for you.
