Developing the necessary skills to participate in a risk assessment based on the NIST 800-30 method

Summary
This training teaches the stages of conducting a risk assessment with the NIST 800-30 method, which was developed by the National Institute of Standards and Technology (NIST). Through practical exercises and case studies, participants will learn to perform an optimal risk evaluation and to manage risks over time through familiarity with their life cycle. This training fits perfectly within the framework of an ISO/IEC 27001:2005 standard implementation process.
Who should attend?
- Risk managers
- Persons responsible for information security or conformity within an organization
- Members of the information security team
- Staff participating in the activities of risk assessment with the NIST 800-30 method
- IT consultants
Learning objectives
- To develop the necessary skills to participate in a risk assessment with the NIST 800-30 method
- To learn the stages of conducting a risk assessment with the NIST 800-30 method
- To understand the relationship between the information security management system (including risk management), the security measures and the compliance with the requirements of different stakeholders of an organization
Course Agenda
- Presentation of NIST 800-30
- Risk management processes
- Risk assessment
- Risk mitigation
- Tools to support the implementation of NIST 800-30
Prerequisites
None
Examination and Certification
Not applicable
General information
- A student manual containing over 100 pages of information and practical examples is given to the participants
- A participation certificate of 7 CPD (Continuing Professional Development) credits is awarded to the participants