The training course covers the theoretical background of the principles and the terms and definitions that are connected to the area of Risk management.
As a basis for the training course is used the standard ISO 31000 which describes an organized approach to risk management. The process is generic and can be applied to any type of business and any type of risk. Having ISO 31000 as a starting point, the training course syllabus continues on with the more detailed analysis of the risk management methodologies that have been specifically created for the area of IT and information security
This training course is intended to provide comprehended definitions of Risk, Uncertainty and Risk Management. Also identifications of the steps of the risk management process.
The training course contains the following chapters
1. Introduction to Risk Management
2. Context Establishment
3. Risk Identification
4. Risk Estimation
5. Risk Evaluation
6. Risk Treatment
7. Risk Acceptance