Information Security Risk Manager FR · ES · EN

ISO/IEC 27005 Risk Manager

Build the skill to manage information security risk in line with ISO/IEC 27005. The methodology underpinning every ISMS and the foundation of the risk assessment required by ISO 27001, NIS2 and DORA.

3 days of training
Risk Manager, intermediate level
FR · ES · EN languages
Official PECB exam incl.

Who is this course for?

  • Consultants and analysts who carry out security risk assessments
  • Security managers who need to justify their decisions on a risk basis
  • Auditors and compliance professionals (NIS2, DORA, ISO 27001)
  • Anyone who wants to master the risk assessment methodology underpinning every ISMS

What you'll gain

  • The PECB Certified ISO/IEC 27005 Risk Manager credential, recognised internationally
  • Command of the full risk management process: identify, analyse, evaluate and treat
  • The ability to apply the methodology in ISO 27001, NIS2 and DORA projects
  • The criteria to justify security decisions before management and auditors

Course programme

Day 1 · Fundamentals and framework of risk management
  • Information security risk concepts; ISO/IEC 27005 and ISO 31000
  • Establishing the context and risk criteria
  • Relationship with the ISO/IEC 27001 ISMS
Day 2 · Risk identification, analysis and evaluation
  • Identifying assets, threats and vulnerabilities
  • Risk analysis and estimation; qualitative and quantitative approaches
  • Risk evaluation and prioritisation
Day 3 · Treatment, acceptance and examination
  • Risk treatment options and the treatment plan
  • Risk acceptance, communication and monitoring
  • Review and official "PECB Certified ISO/IEC 27005 Risk Manager" exam

Exam, credits & certification

  • 2 h: Duration of the official PECB exam
  • 21 CPD: Continuing Professional Development credits granted by the course
  • Included: Exam, marking and first issue of the certification, included in the price

Once you pass the exam, you can apply for the "PECB Certified ISO/IEC 27005 Risk Manager" credential. The exam includes 2 attempts: the first plus a free retake, usable within the following 12 months. Passing first time is no longer a source of pressure. CPD credits correspond to the course level according to PECB. The exam duration is indicative; ask me for the exact details when you enrol.

Your trainer

Ricardo Coronel Lemus

Practising GRC / vCISO consultant · PECB Certified Trainer (CT6496)

More than 20 years in cybersecurity and compliance, today a vCISO and GRC consultant with real clients in France, Spain and Mexico. This is a standard I teach as a PECB Certified Trainer, and I don't approach it theoretically: I apply it day to day with real clients — that's what I bring to my coaching and exam preparation.

ISO 27001 Lead Auditor / Lead Implementer · CISSP · CISM · CRISC · CCISO · DORA Lead Manager · PCI DSS - PCIP

Frequently asked questions

Do I need any prerequisites?
There are no formal prerequisites. Knowing the fundamentals of ISO 27001 helps, but it is not required.
What language is the exam in?
The official PECB exam for this course is available in French, Spanish and English. Coaching is delivered in English to prepare you as well as possible.
What is the difference between Self-Study and Self-Study + Coaching?
Self-Study gives you the official material, the exam and the certification to progress at your own pace. The coaching option adds one-to-one sessions with me, real-world case studies and guided exam preparation: I support you until you feel ready to get certified.
What if I don't pass the exam?
The PECB exam includes 2 attempts: the first plus a free retake usable within the following 12 months. So a failure doesn't leave you stranded. What's more, with the coaching option we prepare for the exam together with mock exams so that you arrive with confidence.
What is this certification for?
Risk assessment is at the heart of ISO 27001, NIS2 and DORA. Mastering ISO 27005 lets you carry out solid, defensible risk assessments — a skill in high demand in consulting and audit.

Ready to get certified in ISO 27005?

Choose your option above and enrol online. A question or need some advice? Write to me or book a call.