For Information Security According to ISO/IEC 27005

On the Subject

The task of information security risk management – embedded in the larger context of corporate governance and enterprise risk management – is to identify and assess the risks relevant to information security. Strategies for dealing with these risks are to be developed on this basis. The ISO/IEC 27005:2018 standard is a supplement to ISO/IEC 27001 and describes the process of risk management for information security. This training course provides participants with precise instructions for implementing the individual steps of risk management and risk analysis. It is designed to ensure that all potential sources of danger are identified. Risk assessment enables managers to quantify risks and to prioritise measures according to established criteria.


  • The information security risk management process
  • Risk analysis:
    • Identification and evaluation of risks, in particular with regard to threats, threatened assets and vulnerabilities
  • Risk assessment:
    • Identification and evaluation of appropriate risk management measures
    • Making decisions and reconciling them with the organisational goals
  • Risk treatment:
    • Reduction, prevention, transfer and acceptance of risks
  • Risk communication:
    • Controlling information and making arrangements
  • Risk monitoring and post-processing
  • Integration of the risk management process into an ISMS in accordance with ISO/IEC 27001


The training will be held in German.

Target Group

  • Business leaders
  • Information security and risk managers
  • IT executives, administrators and technicians
  • IT security and privacy officers
  • People who are responsible for information security and want to deepen their know-how




Written final exam with a certificate from TÜV TRUST IT GmbH TÜV AUSTRIA Group


Unternehmensgruppe TÜV AUSTRIA
LESKANPark – Haus 1
Waltherstraße 49-51
D-51069 Köln

Participation Fee

975,- € per person plus VAT for the training as well as 100,- € per person plus VAT examination and certificate fee. The participation fee includes course materials, coffee breaks and lunches as well as seminar drinks.

Information & Contact

For more information, please contact Mariana Dohmen at +49 (0) 151 / 61 33 32 15 or

Conditions of Participation

You will receive an invoice for the participation fee one week prior to the respective training date. Cancellations from 14 days before the event are charged at 50% of the fees; cancellations from the day before the event are charged the full fee. If the minimum number of participants for the respective training is not reached, TÜV TRUST IT reserves the right to cancel the training up to 14 days before the start of the course.