Get trained and certified in ISO 31000 and ISO 27005 Enterprise Risk Management
|CICRA Course Demo|
Risk management is an increasingly important business driver as stakeholders have become much more concerned about risk. Risk may be a driver of strategic decisions, it may be a cause of uncertainty in the organization, or it may simply be embedded in the activities of the organization. An enterprise-wide approach to risk management enables an organization to consider the potential impact of all types of risks on all processes, activities, stakeholders, products and services. Implementing a comprehensive approach will result in an organization benefiting from what is often referred to as the ‘upside of risk’.
A successful enterprise risk management (ERM) initiative can affect the likelihood and consequences of risks materializing, as well as deliver benefits related to better informed strategic decisions, successful delivery of change and increased operational efficiency. Other benefits include reduced cost of capital, more accurate financial reporting, competitive advantage, improved perception of the organization, better marketplace presence and, in the case of public service organizations, enhanced political and community support.
Because all information security analysis, controls, and processes are essentially a product of risk management, ISO/IEC 31000 and 27005 provides the framework for how to apply proper risk management within the ISO/IEC 27001/27002 ISMS, or within the 22301 BCMS. The CICRA credential by Certified Information Security certifies your understanding of how ISO/IEC 31000, 31010, and 27005 can be used to develop a custom enterprise risk management program that fulfills the requirements of both ISO/IEC 27001, and ISO 22301. It also helps fulfil the competence requirements of the certifications themselves. Certified Information Security provides the training and credentialing you need to become recognized as an authority in leading or facilitating risk assessment and management according to the ISO/IEC 31000, 31010, and 27005 standards.