COURSE OVERVIEW

 

This practical and highly-interactive course includes real-life case studies and exercises where participants will be engaged in a series of interactive small groups and class workshops. 

This course is designed to provide participants with a detailed and up-to-date overview of risk professional in accordance with ISO 31000:2018, ISO 27001:2013 and ISO 22301:2019 standards. It covers the relationship between risk management (ISO 31000), information security management (ISO 27001) and the business continuity (ISO 22301); the design of framework for managing risk; the risk management, monitoring, reviewing and continual improvement of the framework; the process communication and consultation; monitoring and reviewing risk assessment; and treatment and recording the risk management process. 

 

Further, the course will also discuss the scope and procedure of the information security management system; the leadership, commitment, policy, organizational roles, responsibilities and authorities; the planning actions to address risks and opportunities and the information security objectives and planning to achieve them. 

During this interactive course, participants will learn the support, resources, competence, awareness, communication and documented information; the operational planning and control; the information security risk assessment and treatment; the performance monitoring, measurement, analysis and evaluation; the internal audit, management review, nonconformity, corrective action and continual improvement; the concept of business continuity and its policy; the needs and expectations of interested parties; the action to address risks and opportunities; the business continuity objectives and planning to achieve them; the business continuity management system and the business impact analysis (BIA); the business continuity strategies and solutions; the incident response structure; and the business continuity plans and procedures.