Information Risk Management according to ISO 27005

• Master the concepts related to information security risk management.
• Analyze the vulnerabilities of information systems in the context of risk identification.
• Discuss risk analysis, assessment, and evaluation.
• Gain knowledge on risk treatment plans.
• Understand the essence of risk management within an organization.
• Learn about the factors that contribute to success in risk management.
• Become familiar with practical methods for risk assessment and management strategies.

The training on risk management in compliance with ISO 27001 is addressed to board members, management staff, risk department employees, internal auditors, and anyone interested in risk analysis within the context of information security in an organization.

The training is conducted in Polish.

There is also the possibility of organizing the training in English.

Training Methodology

Achieving the right training outcomes is possible by selecting the appropriate topic and the methods of delivering the training tailored to the specific needs of the participants and the issues at hand. Below are the methods and techniques we use:

LECTURE

We provide knowledge to participants using dedicated teaching aids such as multimedia presentations. This forms the foundational content of the training, where we introduce the topic, discuss key concepts, describe roles, processes, procedures, etc.

PRACTICAL EXAMPLES

As practitioners, we base our training programs on real-life events presented for a specific problem. We help participants independently reach conclusions or solutions. Our training is strongly focused on practice and skill development.

DISCUSSION

Participants express their opinions and share experiences. A well-formed discussion topic, when at least two perspectives clash, usually evokes significant emotional engagement. The discussion allows for the development of a common solution or prepares arguments regarding a particular topic.

BRAINSTORMING

In a short amount of time, we generate many ideas and solutions for specific problems and situations. We engage participants and stimulate thinking and creativity development.

EXERCISES

Practical tasks related to the subject of the training, such as creating a process, conducting a case study analysis, etc. These exercises effectively complement lectures and practical examples.

TESTS

We verify the participant’s knowledge and skills. We identify competency gaps and appropriately plan the education process to improve the participant’s abilities. Depending on the training’s nature, this may involve various tools, such as knowledge tests or practical exercises.

SIMULATIONS

These provide an excellent trial of reality where participants act and experience the consequences of their actions.

SUMMARY

After completing each topic, we summarize the material discussed. This process is carried out by the trainer and allows for the review of the key points related to the subject matter, while giving participants the opportunity to verify how well they have understood it.

Emanuel Krzysztoń

A graduate of three renowned universities: the University of Lisbon, the University of Aveiro, and Kazimierz Wielki University in Bydgoszcz. An outstanding student with an impressive academic record, a ten-time recipient of scientific scholarships, and the title of the best student of the Faculty of Mathematics, Physics, and Engineering at UKW.

He holds a Master of Science degree in Engineering with specializations in mechatronics, automation/cybersecurity, and safety engineering with a technical specialization. Professionally, he is passionate about information security, cybersecurity for IT and OT systems, and ensuring business continuity within organizations.

He has extensive operational and research experience in these fields, gained, among other things, while creating a startup.