Policy Workshop: ISO 27001 Risk Management

Get a thorough understanding of ISO 27000 standards for information security governance, and how to leverage the ISO 27000 standards to establish and maintain an information security management system (ISMS) program.

Information Security Governance

CICA 180ISO 27001 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof. This ISO standard is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.

This 2-day ISO 27001 training and certification workshop  provides thorough coverage of the ISO 27000 standards, as well as setting out advice on the implementation of an information security initiative. The purpose of the course is to:

  • Describe the principles and processes of information security governance and management;
  • Provide thorough coverage of the requirements of ISO 27001;
  • Give practical guidance on designing a suitable framework;
  • Give practical advice on implementing information security management;
  • Prepare you for your ISO 27001 certification exams required for Certified Internal Controls Architect (CICA) professional credentialing.
  • Establish a firm program starting point by using ISO 27001, ISO 27002, and 27003 to build out the initial Information Security Management core policy.

* ISO Standards are NOT included in IRMCB risk management training, nor provided in class. Students are encouraged to bring their own hard-copies of the standards to the class. ISO standards are available for purchase at www.iso.org.


Who should attend?

Recommended participants by role for this ISO 27001 training include:

  • Policy Approvers / Strategy Decision Makers
  • Chief Information Officer (CIO / CISO)
  • Information security managers
  • Compliance officers
  • IT managers
  • Risk managers
  • Business Continuity Managers
  • Operations department heads (business unit managers)
  • Auditors



Getting IRMCB standardized training and taking certification exams

IRMCB courses are delivered by Authorized Training and Education Centers (ATECs) in standardized live and online formats. Select ATECs are also authorized to proctor exams and issue certificates.

Authorized Training and Education Center


Authorized for Live Instructor-Led Training

Authorized for Web-Based Training

Authorized exam center

Certified Information Security

United States




ISO 31000 Risk Management certification courses

Risk management certification exam training

ISO 31000 Certification Training and exam

Risk management courses and training
online risk management training

professional risk management certification exam

 risk manager certification exam training
 risk manager certification course
 risk manager certification exam training

risk manager certifidation course program

 risk manager certification training program

enterprise risk management training program

 risk manager certification exam training

risk manager management trainingpolicy templates, iso 31000 risk management trainingpolicy workshop,risk management trainingrisk management manager trainingrisk management trainingEnterprise Risk Management Trainingcomplete risk management manager training, risk management trainingiso 31000 certification training

 iso 31000 certification risk management certification risk management courses