For those planning training sessions or candidates intending to take an online exam during this period, we will be offering online exam sessions on December 27 and 29, as well as January 5, 2024. You can check the link to online exam events here.


Why should you attend?

EBIOS Risk Manager training enables you to gain the necessary knowledge and develop the necessary competence to master risk management concepts and components related to all assets of relevance for Information Security based on the EBIOS method.

Based on practical exercises and case studies, you will have the opportunity to acquire the necessary skills to perform an optimal Information Security risk assessment and timely risk management by being familiar with its life cycle. This training fits perfectly in the framework of the ISO/IEC 27001 standard implementation process.

After mastering all the necessary concepts of risk assessment using the EBIOS method, you can sit for the exam and apply for a “PECB Certificate Holder in EBIOS Risk Manager” certificate. By holding a PECB Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support an organization in performing risk assessment based on the EBIOS method.

Who should attend?

  • Individuals seeking to learn and understand the basic concepts of Risk Management
  • Individuals participating in risk assessment activities using the EBIOS method
  • Managers seeking to understand the techniques for performing risk assessment based on the EBIOS method
  • Managers seeking to master the techniques for analyzing and communicating the results of a risk assessment based on the EBIOS method

Learning objectives

  • Understand the concepts and basic principles of risk management associated with the use of the EBIOS method
  • Understand the activities of the EBIOS method in order to follow the completion of studies (pilot, control, reframe) as a work master
  • Understand and explain the findings of an EBIOS study and its key deliverables
  • Acquire the necessary skills to carry out an EBIOS study
  • Acquire the necessary skills to manage security risks of an organization's information systems
  • Develop the necessary skills to analyze and communicate the results of an EBIOS study

Educational approach

  • This training is based on both theory and best practices of risk assessment using the EBIOS method
  • Lecture sessions are illustrated with examples based on case studies
  • Practical exercises are based on case studies which include role playing and discussions
  • Practical exercises and examples are similar to the Certificate Exam


A fundamental knowledge of risk management.

More Details

  • Day 1

    • Training course objectives and structure
    • Introduction to EBIOS RM method
    • Workshop 1 Scope and security baseline
    • Workshop 2 Risk origins

    Day 2

    • Workshop 3 Strategic scenarios
    • Workshop 4 Operational scenarios 
    • Workshop 5 Risk treatment
    • Closing of the training course

    Day 3

    • Certificate exam
  • The “PECB EBIOS Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:

    Domain 1: Fundamental principles and concepts of Information Security risk management process based on the EBIOS method

    Domain 2: Information Security risk management framework based on the EBIOS method

    Domain 3: Information Security risk assessment using the EBIOS method

    For specific information about exam type, languages available, and other details, please visit the List of PECB Exams and the Examination Rules and Policies.

  • After successfully completing the exam, you can apply for the credential shown on the table below. 

    The certificate requirements for the EBIOS Risk Manager are:

    Credential Exam Risk Management experience Other requirements
    PECB Certified EBIOS Provisional Risk Manager PECB Certified EBIOS Risk Manager exam or equivalent None Signing the PECB Code of Ethics
    PECB Certified EBIOS Risk Manager Confirmed PECB Certified EBIOS Risk Manager exam or equivalent • Follow an EBIOS Risk Manager training or have relevant professional experience of at least 2 years; and • Have followed a significant part of the EBIOS method in real conditions at least one in the three years preceding the certification request Signing the PECB Code of Ethics

    To be considered valid, these risk assessment activities should follow best implementation practices and include the following:

    1. Defining a risk management approach
    2. Designing and implementing an overall risk management process for an organization
    3. Defining risk evaluation criteria
    4. Performing risk assessment
    5. Identifying assets, threats, existing controls, vulnerabilities and consequences (impacts)
    6. Assessing consequences and incident likelihood
    7. Evaluating risk treatment options
    8. Performing a risk management review
    • Certificate and examination fees are included in the price of the training course
    • Training material containing over 200 pages of information and practical examples will be distributed
    • An attestation of course completion worth 21 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
    • In case of exam failure, you can retake the exam within 12 months for free