IT risk assessment training
This training will introduce you to information security risk management and teach you about terms such as enterprise risk management, ISO 31000 & ISO 27005, risk leadership and governance. You will also get hands-on with a risk register and risk scenarios.
- SURF office Utrecht
About the training
All institutions affiliated with SURF use the SURFaudit Assessment Framework for Information Security in the SURFaudit benchmark. One of the components of this framework concerns risk assessment. This training delves deeper into that topic.
Training set-up
The training day takes place at SURF’s office in Utrecht. Theory and exercises alternate throughout the day. There is ample opportunity to consult the trainer individually about the learning objectives or any challenges at work.
Programme
- Introduction to risk management for information security
With concepts such as enterprise risk management, risk capacity & risk appetite, ISO 31000 & ISO 27005, risk leadership and governance - Dealing with uncertainties
- Risk identification
- Risk assessment
- Risk response and mitigation
- Measuring and reporting on risks and controls
- Risk assessment techniques in information security
- SURF risk assessment toolkit
- Learning from practical risk analyses at Fontys
- Hands-on exercises
- Completing a risk register
- Risk assessment using a heatmap
- Risk-based working with risk scenarios
Target audience
The training is intended for anyone working with risk management for information security.
Prerequisites
To participate in this training, it is required that you have attended the masterclass Assessment Framework for Information Security or that you have some knowledge of information security principles.
Costs
The cost for this training course is 250 euros excluding VAT.
Registration and cancellation
Registration is not optional; please read the cancellation conditions for SURFacademy meetings.
Sign up now IT risk assessment training
- SURF office Utrecht