Course Outline

Day 1 Introduction to ISO 27005, concepts and implementation of a risk management program

  • Section 01: Course objectives and structure
  • Section 02: Standard and regulatory framework
  • Section 03: Concepts and definitions of risk
  • Section 04: Implementing a risk management programme
  • Section 05: Context establishment

Day 2 Risk identification, evaluation, and treatment as specified in ISO 27005

  • Section 06: Risk Identification
  • Section 07: Risk Analysis
  • Section 08: Risk Evaluation
  • Section 09: Risk Assessment with a quantitative method
  • Section 10: Risk Treatment

Day 3 Information Security Risk Acceptance, Communication, Consultation, Monitoring and Review

  • Section 11: Information security risk acceptance
  • Section 12: Information security risk communication and consultation
  • Section 13: Information security risk monitoring and review

Day 4 Risk Assessment Methodologies

  • Section 14: OCTAVE Method
  • Section 15: MEHARI Method
  • Section 16: EBIOS Method
  • Section 17: Harmonized Threat and Risk Assessment (TRA) Method
  • Section 18: Applying for certification and closing the training

Day 5 Certification Exam

Requirements

A fundamental understanding of ISO/IEC 27005 and comprehensive knowledge of Risk Assessment and Information Security.

 35 Hours

Number of participants


Price per participant

Open Training Courses require 5+ participants.

Testimonials (4)

The fact that there were practical examples with the content

Smita Hanuman - Standard Bank of SA Ltd
Course - Basel III – Certified Basel Professional

The trainer was extremely clear and concise. Very easy to understand and absorb the information.

Paul Clancy - Rowan Dartington
Course - CGEIT – Certified in the Governance of Enterprise IT

The trainer was very motivated and knowledgeable. The trainer was not only capable of information transfer, she also brought it with humor to lighten the dry theoretical training subject.

Marco van den Berg - ZiuZ Medical B.V.
Course - HIPAA Compliance for Developers

I genuinely enjoyed the real examples of the trainer.

Joana Gomes
Course - Compliance and the Management of Compliance Risk

Upcoming Courses (Minimal 5 peserta)

ISO/IEC 27005 Lead Risk Manager

2025-06-16 09:30
35 hours
Centennial Tower
100750000 IDR (Online)
100763635 IDR (Classroom)

ISO/IEC 27005 Lead Risk Manager

2025-06-30 09:30
35 hours
Grand Slipi Tower
100750000 IDR (Online)
100763635 IDR (Classroom)

ISO/IEC 27005 Lead Risk Manager

2025-07-14 09:30
35 hours
The City Tower
100750000 IDR (Online)
100763635 IDR (Classroom)

ISO/IEC 27005 Lead Risk Manager

2025-07-28 09:30
35 hours
Centennial Tower
100750000 IDR (Online)
100763635 IDR (Classroom)

Related Courses

Introduction to ISO27001

 7 Hours

Pelatihan langsung yang dipimpin instruktur di Indonesia (online atau di tempat) ini ditujukan untuk profesional tingkat pemula yang ingin memperoleh pemahaman tentang ISO 27001 dan perannya dalam meningkatkan keamanan informasi dalam suatu organisasi.

Pada akhir pelatihan ini, peserta akan dapat:

  • Memahami tujuan dan manfaat ISMS.
  • Membiasakan diri dengan konsep, istilah, dan prinsip utama ISO 27001.
  • Mengenali peran auditor dalam memastikan kepatuhan.
  • Dapatkan wawasan tentang proses audit dan perbaikan berkelanjutan dalam ISO 27001.
Read more...

Basel III – Certified Basel Professional

 21 Hours

Keterangan:

Basel III adalah standar regulasi global mengenai kecukupan modal bank, uji ketahanan, dan risiko likuiditas pasar. Setelah awalnya disetujui oleh Komite Basel untuk Pengawasan Perbankan pada tahun 2010–11, perubahan pada The Accord telah memperpanjang penerapannya hingga 31 Maret 2019. Basel III memperkuat persyaratan modal bank dengan meningkatkan likuiditas bank dan mengurangi leverage bank.
Basel III berbeda dari Basel I & II karena ia mensyaratkan tingkat cadangan yang berbeda untuk berbagai bentuk simpanan dan jenis pinjaman lainnya, sehingga ia tidak begitu menggantikan keduanya melainkan berfungsi berdampingan dengan Basel I dan Basel II.
Lanskap yang kompleks dan terus berubah ini bisa jadi sulit untuk diikuti, kursus dan pelatihan kami akan membantu Anda mengelola kemungkinan perubahan dan dampaknya terhadap institusi Anda. Kami terakreditasi dan menjadi mitra pelatihan Basel Certification Institute dan dengan demikian kualitas dan kesesuaian pelatihan dan materi kami dijamin mutakhir dan efektif.

Tujuan:

  • Persiapan untuk Ujian Profesional Basel Bersertifikat.
  • Menentukan strategi dan teknik langsung untuk definisi, pengukuran, analisis, peningkatan, dan pengendalian risiko operasional dalam organisasi perbankan.

Sasaran Pemirsa:

  • Anggota dewan dengan tanggung jawab risiko
  • CRO dan Kepala Risiko Management
  • Anggota Tim Risiko Management
  • Staf kepatuhan, hukum, dan dukungan TI
  • Analis Ekuitas dan Kredit
  • Manajer Portofolio
  • Analis Lembaga Pemeringkat

Ringkasan:

  • Pengantar norma-norma Basel dan amandemen terhadap Kesepakatan Basel (III)
  • Peraturan mengenai risiko pasar, kredit, rekanan dan likuiditas
  • Pengujian stres untuk berbagai ukuran risiko termasuk cara merumuskan dan memberikan pengujian stres
  • Dampak yang mungkin terjadi dari Basel III terhadap industri perbankan internasional, termasuk demonstrasi penerapan praktisnya
  • Perlunya Norma Basel Baru
  • Norma Basel III
  • Tujuan Norma Basel III
  • Basel III – Garis Waktu
Read more...

Certified Fraud Examiner (CFE) Preparation

 70 Hours

Pelatihan langsung yang dipimpin instruktur di Indonesia (online atau di lokasi) ini ditujukan untuk profesional tingkat lanjut yang ingin mendapatkan pemahaman komprehensif tentang konsep pemeriksaan penipuan dan mempersiapkan diri untuk ujian Certified Fraud Examiner (CFE).

Pada akhir pelatihan ini, peserta akan mampu:

  • Dapatkan pengetahuan komprehensif tentang prinsip pemeriksaan penipuan dan proses pemeriksaan penipuan.
  • Belajar mengidentifikasi, menyelidiki, dan mencegah berbagai jenis skema penipuan keuangan.
  • Memahami lingkungan hukum terkait penipuan, termasuk unsur hukum penipuan, undang-undang, dan peraturan terkait.
  • Dapatkan keterampilan praktis dalam melakukan investigasi penipuan, termasuk pengumpulan bukti, teknik wawancara, dan analisis data.
  • Belajar merancang dan menerapkan program pencegahan dan pencegahan penipuan yang efektif dalam organisasi.
  • Dapatkan kepercayaan diri dan pengetahuan agar berhasil lulus ujian Certified Fraud Examiner (CFE).
Read more...

CGEIT – Certified in the Governance of Enterprise IT

 28 Hours

Description:

This four day event (CGEIT training) is the ultimate preparation for exam time and is designed to ensure that you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance awarded by ISACA. It is designed for professionals responsible for managing IT governance or with significant advisory or assurance responsibility for IT governance.
Achieving CGEIT status will provide you with wider recognition in the marketplace, as well as increased influence at executive level.

Objectives:

This seminar has been designed to prepare Delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding to be better prepared to pass the exam, as defined by ISACA.

Target Audience:

Our training course is for IT and business professionals, with significant IT governance experience who are undertaking the CGEIT exam.

Read more...

Compliance for Payment Services in Japan

 7 Hours

This instructor-led, live training in Indonesia (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.

By the end of this training, participants will be able to:

  • Understand the rules set forth by government regulators for payment service providers.
  • Create the internal policies and procedures needed to satisfy government regulations.
  • Implement a compliance program that adheres to relevant laws.
  • Ensures that all corporate processes and procedures comply with the compliance program.
  • Uphold the business's reputation while protecting it from lawsuits.
Read more...

Cybersecurity Governance, Risk & Compliance (GRC)

 14 Hours

Pelatihan langsung yang dipandu instruktur di Indonesia (online atau di tempat) ini ditujukan untuk profesional keamanan siber tingkat menengah yang ingin meningkatkan pemahaman mereka tentang kerangka kerja GRC dan menerapkannya pada operasi bisnis yang aman dan patuh.

Pada akhir pelatihan ini, peserta akan dapat:

  • Memahami komponen utama tata kelola, risiko, dan kepatuhan keamanan siber.
  • Melakukan penilaian risiko dan mengembangkan strategi mitigasi risiko.
  • Menerapkan langkah-langkah kepatuhan dan mengelola persyaratan peraturan.
  • Mengembangkan dan menegakkan kebijakan dan prosedur keamanan.
Read more...

Governance, Risk Management & Compliance (GRC) Fundamentals

 21 Hours

Course goal:

To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

  • GRC Basic terms and definitions
  • Principles of GRC
  • Core components, practices and activities
  • Relationship of GRC to other disciplines
Read more...

HIPAA Compliance for Developers

 7 Hours

HIPAA (Health Insurance Portability and Accountability Act of 1996) is a legislation in the United States that provides provisions for data privacy and security for handling and storing medical information. These guidelines are a good standard to follow in developing health applications, regardless of territory. HIPAA compliant applications are recognized and more trusted globally.

In this instructor-led, live training (remote), participants will learn the fundamentals of HIPAA as they step through a series of hands-on live-lab exercises.

By the end of this training, participants will be able to:

  • Understand the basics of HIPAA
  • Develop health applications that are compliant with HIPAA
  • Use developer tools for HIPAA compliance

Audience

  • Developers
  • Product Managers
  • Data Privacy Officers

Format of the Course

  • Part lecture, part discussion, exercises and heavy hands-on practice.

Note

  • To request a customized training for this course, please contact us to arrange.
Read more...

HiTrust Common Security Framework Compliance

 14 Hours

This instructor-led, live training in Indonesia (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

  • Understand the key concepts of the HiTrust CSF (Common Security Framework).
  • Identify the HITRUST CSF administrative and security control domains.
  • Learn about the different types of HiTrust assessments and scoring.
  • Understand the certification process and requirements for HiTrust compliance.
  • Know the best practices and tips for adopting the HiTrust approach.
Read more...

ISO 27001:2023 Internal Auditor of the Information Security Management System

 35 Hours

Objectives

  • Gaining knowledge of ISO 27001:2023
  • Gaining knowledge on how to audit in accordance with the standard
  • Getting to know good practices
Read more...

ISO 27001:2023 Lead Auditor of the Information Security Management System

 35 Hours

Objectives

  • Gaining knowledge of ISO 27001:2023
  • Gaining knowledge on how to audit in accordance with the standard
  • Getting to know good practices
Read more...

ISO 27001:2023 Requirements

 14 Hours

Objectives

  • Gaining knowledge about changes to ISO 27001 2023 edition
  • Gaining knowledge on how to audit in accordance with the standard
  • Getting to know good practices
Read more...

Compliance and the Management of Compliance Risk

 21 Hours

Audiance

All staff who need a working knowledge of Compliance and the Management of Risk

Format of the course

A combination of:

  • Facilitated Discussions
  • Slide Presentations
  • Case Studies
  • Examples

Course Objectives

By the end of this course, delegates will be able to:

  • Understand the major facets of Compliance and the national and international efforts being made to manage the risk related to it
  • Define the ways in which a company and its staff might set up a Compliance Risk Management Framework
  • Detail the roles of Compliance Officer and Money Laundering Reporting Officer and how they should be integrated into a business
  • Understand some other “hot spots” in Financial Crime – especially as they relate to International Business, Offshore Centres and High-Net-Worth Clients
Read more...

PCI-DSS Practitioner

 14 Hours

Pelatihan Profesional Industri Kartu Pembayaran langsung yang dipandu instruktur di Indonesia (online atau di tempat) ini memberikan kualifikasi individual bagi praktisi industri yang ingin menunjukkan keahlian profesional dan pemahaman mereka tentang Standar Keamanan Data PCI (PCI DSS).

Pada akhir pelatihan ini, peserta akan dapat:

  • Pahami proses pembayaran dan standar PCI yang dirancang untuk melindunginya.
  • Memahami peran dan tanggung jawab entitas yang terlibat dalam industri pembayaran.
  • Memiliki wawasan dan pemahaman mendalam tentang 12 persyaratan PCI DSS.
  • Menunjukkan pengetahuan tentang PCI DSS dan bagaimana penerapannya pada organisasi yang terlibat dalam proses transaksi.
Read more...

PECB ISO 27001:2022 Transition

 14 Hours

This instructor-led, live training in Indonesia (online or onsite) is aimed at intermediate to expert-level IT professionals who wish to enhance their skills and qualifications in information security or related fields.

By the end of this training, participants will be able to:

  • Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
  • Gain the knowledge and skills to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
  • Apply the knowledge in real-world scenarios, facilitating a smooth transition in their respective organizations.
Read more...

Related Categories

Security Management
Security Management
ISO Standards
ISO Standards
PECB
PECB