IT risk assessment training
This training will introduce you to information security risk management and teach you about terms such as enterprise risk management, ISO 31000 & ISO 27005, risk leadership and governance. You will also get hands-on with a risk register and risk scenarios.
- SURF office Utrecht
About the training
All SURF member institutions use the SURFaudit Information Security Assessment Framework for the SURFaudit benchmark. One of the components of the assessment framework concerns risk assessment. This training zooms in on this.
Training set-up
The training day is at SURF's office in Utrecht. Theory and exercises alternate. During the day, there is ample opportunity for individual sparring with the trainer about learning goals or possible challenges at work.
Programme
- Introduction to information security risk management
- With concepts such as enterprise risk management, risk capacity & risk appetite, ISO 31000 & ISO 27005, risk leadership and governance
- Dealing with uncertainties
- Risk identification
- Risk assessment
- Risk response and mitigation
- Measuring and reporting on risks and measures
- Risk assessment techniques in information security
- SURF risk assessment toolkit
- Learning from practical risk assessments at Fontys
Hands-on exercises
- Completing a risk register
- Risk assessment using a heat map
- Risk-based work based on risk scenarios
For whom?
The training course is for anyone getting started with information security risk management. The training will be in Dutch.
Required prior knowledge
For attending this training course, it is a requirement that you have attended the masterclass Toetsingskader informatiebeveiliging or have some knowledge of information security principles.
Costs
The cost for this training course is 250 euros excluding VAT.
Registration and cancellation
- Registration is not optional; please read the cancellation conditions for SURFacademy meetings.
Sign up now IT risk assessment training
- SURF office Utrecht