Information Security

ISO 27005 Risk Manager

This training is designed for professionals who must structure, operate, and defend an information security risk management process aligned with ISO/IEC 27005:2022. Participants work through the full risk lifecycle, from context definition to treatment decisions and executive reporting. Unlike generic risk courses, this program focuses on operational decision making, traceability, and alignment with ISO/IEC 27001 requirements. It is particularly valuable for practitioners who need to justify risk choices to auditors, regulators, and senior management while integrating multiple risk assessment methods used in Europe and internationally.

3 days
in person, virtual live, self study, self study private coaching
Certified by PECB

What you'll gain

ISO 27005 applied in practice
Risk decisions linked to business impact
Alignment with ISO 27001 controls
Multiple risk methods compared

Next sessions

Upcoming dates you can join soon.

This course runs multiple times per year, onsite and online.

Confirmed · EN · 08 Jun - 10 Jun · Lausanne & Online · Virtual Live + Onsite
Tentative · EN · 23 Mar - 25 Mar · Barcelona & Online · Virtual Live + Onsite
Tentative · FR · 23 Mar - 25 Mar · Paris & Online · Virtual Live + Onsite
Tentative · EN · 13 Apr - 15 Apr · Lausanne & Online · Virtual Live + Onsite

What You'll Master

  • Structure and operate an ISO 27005 compliant risk management process that stands up to audit and certification scrutiny

  • Translate abstract risk concepts into documented, defensible treatment decisions

  • Select and justify appropriate risk assessment methods depending on organizational context

  • Produce risk registers, reports, and metrics usable by management and auditors

  • Integrate information security risk management into broader governance processes

Professional Testimonials

Henri perfectly filled in the gaps in our knowledge and tailored the course contents to our difficult schedules, many thanks!

Simon Baynes

BCMS manager

MSC MEDITERRANEAN SHIPPING COMPANY SA

Henri and Alexis conducted a focused, intensive four-day ISO/IEC 27001 Lead Implementer Course of immediate relevance to The Global Fund. Participants representing both IT and Risk are now better prepared to design and operationalise a corporate ISMS.

Andreas Tamberg

Senior advisors enterprise risk management

The Global Fund

Overall enjoyable training. To the point, and the trainer kept clearly focused.

Stephane Di Bari

Service operations manager

UNICC


Frequently Asked Questions

Get instant answers to common questions about this course from our expert trainers.

What is the ISO/IEC 27005 Risk Manager certification and what does it qualify you to do?

The ISO/IEC 27005 Risk Manager certification qualifies professionals to design, operate, and maintain an information security risk management process aligned with ISO/IEC 27005:2022. It validates the ability to identify, analyze, evaluate, treat, and communicate information security risks in support of ISO/IEC 27001 compliance.

“ISO 27005 is less about scoring risks and more about making decisions you can defend six months later in front of an auditor or the board.”

Expert Trainer


How does ISO/IEC 27005 support ISO/IEC 27001 compliance?

ISO/IEC 27005 provides detailed guidance on performing information security risk assessments and treatments required by ISO/IEC 27001. It explains how to meet Clause 6.1.2 by defining context, evaluating risks, and selecting controls in a structured, auditable way.

“When auditors ask ‘why did you choose this control,’ ISO 27005 gives you a documented answer instead of a guess.”

Expert Trainer


What are the prerequisites for the ISO/IEC 27005 Risk Manager certification?

There are no formal prerequisites for the ISO/IEC 27005 Risk Manager certification, but participants are expected to have basic knowledge of information security and familiarity with ISO/IEC 27001 concepts. Prior exposure to risk management activities is strongly recommended.

“If you’ve sat in a risk workshop or defended a risk decision once, you’re ready for this course.”

Expert Trainer


How is ISO/IEC 27005 different from other risk assessment methods like EBIOS or NIST?

ISO/IEC 27005 defines a risk management framework rather than a single assessment method, while EBIOS, NIST, and similar approaches provide specific analysis techniques. ISO 27005 allows organizations to select and justify methods within a standardized lifecycle.

“ISO 27005 doesn’t tell you how to think—it tells you how to prove that you did.”

Expert Trainer


All sessions

Browse every upcoming session for this course.

7 sessions
Next session: 08 Jun–10 Jun · Lausanne & Online · EN

ISO 27005 Risk Manager

Confirmed · 08 Jun-10 Jun · 3 days · Virtual-Live + Onsite · Lausanne & Online · Session: EN · Materials: EN / FR · Contact us for pricing
Tentative · 23 Mar-25 Mar · 3 days · Virtual-Live + Onsite · Barcelona & Online · Session: EN · Materials: EN / ES · Contact us for pricing
Tentative · 23 Mar-25 Mar · 3 days · Virtual-Live + Onsite · Paris & Online · Session: FR · Materials: FR / PT · Contact us for pricing
Tentative · 13 Apr-15 Apr · 3 days · Virtual-Live + Onsite · Lausanne & Online · Session: EN · Materials: EN / FR · Contact us for pricing
Tentative · 11 May-13 May · 3 days · Virtual-Live + Onsite · Barcelona & Online · Session: EN · Materials: EN / ES · Contact us for pricing
Tentative · 18 May-20 May · 3 days · Virtual-Live + Onsite · Paris & Online · Session: FR · Materials: FR · Contact us for pricing
Tentative · 31 Dec-31 Dec · 3 days · Virtual-Live + Onsite · Self-study · Session: EN · Materials: EN / FR / DE / ES · Contact us for pricing
