The Practitioner Certificate in Information Risk Management (PCIRM) training course is designed to provide foundation knowledge of the terminology and principles of information risk management. This PCIRM training course is intended for individual candidates from IT security backgrounds who are taking on information risk management responsibilities, and for those who already fulfill information risk management roles and now wish to formalize their accumulated experience. It is equally suitable for business managers and organizations that need to gain a formal insight into information risk management in support of wider business risk decision-making.
An ISO/IEC 27001 information security management system gives us a best practice framework to improve data protection, helping us to remove the threat of security breaches. The Practitioner Certificate in Information Risk Management (PCIRM) is designed by BCS Professional Certifications (formerly ISEB), especially for IT security professionals. It provides guidance based on ISO/IEC 27001 for delivering information security risk management specific to our business.
Our business relies on information, and the PCIRM is designed to help us protect this information. This course gives us the knowledge to deliver a robust system in line with the approaches recommended in the ISO/IEC 27001 and ISO/IEC 27005 standards. It also gives us the skills to keep our company up to date with UK legislation and international best practice frameworks, reducing or removing threats specific to our company and customer data.
If we understand the scope of the ISO/IEC 27001 standard, we will also understand how it can impact the way we manage our company and customer data – for the better. An information security management system allows us to demonstrate that we have robust data protection policies and processes in place. And this system will be tailored to our business, building customer trust and empowering us to grow and innovate.
This course will prepare IT and information risk management practitioners for a formal qualification in information risk management. It provides all the basic training in IT services and information risk management principles needed to help those in both technical and business management gain a deeper knowledge of information risk management in support of broader business or infrastructure risk management.
What will you learn?
This five-day programme will introduce individuals to the concept of information security management and reaffirm its importance. Through this course, we will become familiar with the different stages of an ISO/IEC 27001 management system and become confident in assessing the specific risks to our business and their impact. This course helps you to put in place effective security controls, analyze business impact, produce risk reports and plan internal information security audits. By the end of the course, we will have a detailed understanding of all the key components of risk management and be able to make a significant contribution to the risk management process.
After completing this course, candidates will be able to:
- Develop an information risk management strategy
- Explain the principles of controls and risk treatment
- Explain and produce information classification schemes
- Explain how the management of information risk will bring about significant business benefits
- Explain and make full use of information risk management terminology