Risk Management Course

course overview

Click to View dates & book now


This course will provide a basic awareness of the principles of technical risk assessment, risk treatment and risk management. The course emphasises that information risk management is part of overall business risk management. It explains the benefits of a common methodology and language for risk management but stresses that a rigid adoption of a process model is often not appropriate and that each aspect of risk management must be considered in the context of the business requirements and its appetite for risk.

The course objectives are:

  • To explain the principles of risk assessment, risk treatment and risk management
  • To describe the available methods for completing a basic risk assessment
  • To enable delegates to understand the application of security controls to risks and the importance of adequate assurance.
  • To explain how risk management can be conducted in the context of the business.



This course is aimed at delegates with a basic knowledge of Information Assurance.

The course will benefit:

  • Those who are tasked with conducting risk management in their organisation.
  • Those who are involved in projects delivering information systems and who review or contribute to risk assessments and risk management.
  • Senior staff who want to understand the process and terminology in order to maintain an effective information risk management culture.
  • Operational staff who want to understand the process and terminology in order to manage day to day risks in the delivery of the organisation's objectives.
  • Project manager's delivering IT projects to government either directly or as a member of a supply chain company delivering against a contract.

IISP Skills Alignment

This course is aligned to the following Institute of Information Security Professionals (IISP) Skills. More details on the IISP skills framework can be found here.

  • A1, A2, A6, B1, B2, D1

Continuous Professional Development (CPD)

CPD points can be claimed for GCT accredited courses at the rate of 1 point per hour of training for GCHQ accredited courses (up to a maximum of 15 points).

Skills Gained

At the end of this course you will be able to:

  • Assess the role of risk assessment, risk treatment and risk management in their own organisation.
  • Assess what risk assessment methodology may be appropriate in their own organisation.
  • Appreciate the role of effective risk management in their organisation.
  • Understand the need to balance the business requirements of their own organization with its risk management process.


There are no prerequisites for this course.


This course is delivered in 1 day

This is a high level overview of the principles of risk management that can be applied to any business context - HMG or commercial. It explains what the principles are and how they can be applied generically. This part of the course identifies how risk assessment, risk treatment and risk management can be conducted but doesn't specify any particular methodologies or provide working examples of any methodology.

  • Information Assurance Risk Management

Module 1:

Module 2:

Module 3:

Module 4:

Talk to an expert

Thinking about Onsite?

If you need training for 3 or more people, you should ask us about onsite training. Putting aside the obvious location benefit, content can be customised to better meet your business objectives and more can be covered than in a public classroom. Its a cost effective option. One on one training can be delivered too, at reasonable rates.

Submit an enquiry from any page on this site, and let us know you are interested in the requirements box, or simply mention it when we contact you.

All $ prices are in USD unless it’s a NZ or AU date

SPVC = Self Paced Virtual Class

LVC = Live Virtual Class

Please Note: All courses are availaible as Live Virtual Classes

Trusted by over 1/2 million students in 15 countries

Our clients have included prestigious national organisations such as Oxford University Press, multi-national private corporations such as JP Morgan and HSBC, as well as public sector institutions such as the Department of Defence and the Department of Health.