Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Information Security Risk Assessment Process ISO 27001:2013
Rating: 3.9 out of 5(78 ratings)
312 students

Information Security Risk Assessment Process ISO 27001:2013

Learn the fundamentals of IS Security, IS Security Risk Assessment Process and ISO 270001:2013 requirements
Last updated 6/2025
English

What you'll learn

  • You will learn Informaton Security IS Risk Concepts and Risk Assessment Process as per ISO 27001
  • You will learn the concepts of Information Assets, Information Risks and Categorization of Risks
  • You will learn the Risk Assessment Methodology and Process
  • You will learn levels of Risks as Very High, High, Medium, Low and Very Low Risks and Score Ranges. You will learn application of 5 by 5 Risk Assessment Matrix
  • Understanding Impact and Likelihood Assessment of IS Risks, and Inherent and Residual Risk Assessments and Risk Ratings Calculation
  • You will learn the format and style of preparing Risk Register. You will learn how Inherent and Residual Risk Assessment Risk Scores are calculated
  • Risk Treatment Plans to Mitigate the Information Security Risks - Implementing Preventive, Detective and Corrective Controls
  • ISO 27001 - Risk Mitigation Strategy and Controls

Course content

8 sections31 lectures2h 44m total length
  • ISO 27001 ISMS Risk Assessment Process - Course Overview3:35
  • Who Should Join This Course0:38
  • What is ISO 27001 ISMS - Overview1:40

Requirements

  • Basic Knowledge of Risk Management Practices

Description

  • Do you know why is it critical for companies and institutions to manage "Critical Information" and associated "Information Security Risks"?

  • Do you know what happens when IS Security Risks incident occurs? What are the consequences and risks involved? 

  • Do you know how companies and IS Consultants, practically perform IS risk assessment to manage and maintain Information Security Infrastructure?

  • What ISO/IEC 27001:2013 ISMS standard prescribes for IS Security Risk Assessment and Treatments?

All these questions will be answered through a practical course, where standards' requirements are linked with real-world examples, risk assessment models, and techniques.

ISO 27001 is the internationally recognized specification for Information Security Management System (ISMS) and is the most popular standard for Information Security. It serves as an IT Governance framework for organizations and businesses to enable the development and implementation of ISO 45001-prescribed controls to secure information assets.


COURSE OVERVIEW

In this course, you will get an insight into how companies and institutions perform Information Security IS Risk Assessment and manage or treat IS Risks, Threats, and Vulnerabilities. This course will give you conceptual and practical knowledge about IS Security Risk Assessment and Management as per ISO 27001.


COURSE TOPICS

Understanding ISO 27001 ISMS Risk Assessment

Understanding Information Security, Protection, and ISO 27001 Principles

Key Objectives of Information Security and Protection

Networks, Information, and Data Availability

Information Asset Matrix and CIA Triad

Understanding Risk, Activity or Event, and Adverse Impact or Outcome

Different Categories of Risks Faced by Institutions and Organizations

Understanding Information Security Risks and Possible Adverse Impacts

Understanding Cybersecurity Risk

Information Asset, Data Governance and ISO 27001 Protection Controls

Information Security IS Risk Assessment and Purpose of IS Risk Assessment

Risk Assessment with Quantitative Calculation

Risk Assessment - Assets Based Approach ABA - Risks Threats and Vulnerabilities

Overview of Threat, Vulnerability, Consequences and Mitigation Plan

Risk Assessment - Understanding High, Medium and Low Risk Levels

Risk Matrix /methodology - 5 by 5 Risk Assessment Matrix

Understanding When to Use a Risk Assessment Matrix

Application of Risk Assessment Matrix for Risk Rating Calculation

Rigorous Risk Cases and Risk Assessment Analysis

Example - Preparing Risk Register after Risk Assessment Calculations - Cybersecurity Risk as an Example

Risk Treatment Options

Implementing Controls - Preventive, Detective and Corrective Controls

Information System Defense Controls

ISO 27001 - Risk Mitigation Strategy and Controls

Multiple Choice Questions MCQs are also part of this course


You will be able to "prepare Asset Risk, Impact and Likelihood Matrix", "perform Risk Assessment using Methodology", "prepare Vulnerability and Threat Matrix", "perform Risk and Financial Impact Pyramid Analysis", "apply Treatment Options", "understand Controls Categories" etc. as per ISO 27001 - Information Security Management System.

To test your knowledge, the MCQs test is also part of this course


Other Benefits?

After attending this course you will be able to:

- apply concepts in your IS Security job

- communicate with IS Security and IS Audit professionals

- apply for jobs in organizations where ISO 27001 ISMS is implemented or to be implemented

- pursue a career progression in IS Security domain

- get the certificate of course completion etc.


Who is this course for:

  • Information System IS Security, IS Audit, IT Professionals and Students

  • IS Security Consultants

  • Risk Management Professionals and Students

  • Internal Audit Professionals and Students

  • Finance Professionals and Students

  • CISA, CISM students

  • Compliance professionals

  • Anyone who wants to learn the ISO 27001 standard's requirements for Information Security

Who this course is for:

  • Information Security IS Professionals
  • IS Security Auditors
  • IT Professionals
  • Internal Auditors
  • Risk Management Professionals
  • Information Security Risk Consultants
  • CIA, CISM, CISA Students
  • Finance students and others who want to learn IS Security and Risk Assessment Process