ISO 27005 Risk Manager

The course is 20% theory and 80% practical scenarios and examples in the field of risk management. You will not be surprised by any risk. The case studies contain a number of exercises in different roles and the most common situations. Graduates will be well prepared for the exam and will receive the international certification ISO 27005 Risk Manager.


Virtual Training or e-Learning?

We offer flexibility. You can choose from our selection of in-class courses as well as online courses.


Target Audience

ISO 27005 will help you process the risk management system in relation to all assets that are relevant to information security according to the international standard ISO / IEC 27005. You will gain the knowledge necessary to implement security measures that help eliminate any risk.

In this course you will get best-practice tips for risk management with the help of methodological guidelines such as M_o_R (Management of Risk). You will also learn about a number of other best practices.

As an ISO 27005 Risk Manager, you will learn to identify, evaluate, analyze and work with the various risks that your organization faces. In addition, you will learn to proactively eliminate risks through appropriate measures.

Target group

  • Risk managers
  • ISMS Lead auditors
  • Members of risk management teams
  • Graduates of ISO 27000 Foundation
  • Data Protection Officers
  • Management in the role of IT, Project, CIO and others...

Aims of the course

  • Risk and incident analysis
  • Competences for information risk management
  • Build the relationship between information security and controls
  • Prepare organizations in the field of risks for ISMS ISO 27001 certification
  • Interpret risk management techniques according to ISO / IEC 27005
  • How to turn risk into opportunity and manage not only negative but also positive risks

Risk management

Information security risk management, or the risk management system, is an integral part of the information security management system.

It defines the process of risk management and analyzes what could happen, what the consequences would be, and helps organizations plan what should be done to eliminate risks to the required level.

Continuous risk management helps:

  • proactively eliminate risk
  • identify, classify and assess risks
  • set priorities for dealing with risk-based incidents
  • correctly determine the likelihood of risk and impact on the organization
  • involve all stakeholders in risk management decisions
  • raise awareness of the risks among employees and take preventive measures


Why ISO 27005 with TAYLLORCOX

The ISO 27005 Risk Manager training from TAYLLORCOX will help you align your ISMS according to ISO 27001 with your processes and you will not be surprised by any risk. Managers will be a valuable help wherever the organization wants to declare certification according to ISO 27001, but also to improve its processes with regard to risk management and meeting the set goals.


ISO 27005 provides the guidance needed to implement a systematic approach to risk management, which is key to identifying organizational requirements for information security and establishing Information Security Management Systems (ISMS).


Marek Mitáček

Accredited trainer, Workshop Leader, Coach, co-author of methodologies and TAYLLORCOX Toolkits (sets of templates and sample forms) for IT Service Management ITSM, Project Management PRINCE2 and cyber security according to ISMS ISO / IEC 27001 and ZoKB.

One of the very first IT auditors in the Czech Republic. His rich practice began in 1996 at the company GiTy. He then spent almost 10 years as an ITIL implementer at Český Telekom, and since 2007 he has been a key auditor and accredited trainer at the TAYLLORCOX certification body.

  • Český Telekom
  • GiTy - Interní Auditor / Consultant


Jan Cuřín

Graduate of ČVUT FEL, subsequently a consultant with an international dimension in the field of implementation and optimization of the information management system (ITSM) and cyber (ISMS) security. He applies the acquired experience from the position of an accredited Lead Auditor in the areas of IT Service Management, ISMS and GDPR.

  • Cyber Security standard author
  • Lead Auditor ITSM ISO 20000, ISMS ISO/IEC 27001
  • Approved Trainer & Lead Auditor GDPR (EU 2016/679) according to ISO/IEC 17067


ISO 27005 Risk Manager | ISO 17024 Accredited


ISO 27005 Risk Manager (ISO 17024)

Course participants will learn all the necessary principles, procedures and concepts of setting up a risk management system based on ISO 27005. Graduates will be prepared for the final exam ISO / IEC 27005 Risk Manager.

The exam usually takes place on the 2nd day of the course. You will be perfectly prepared for the final test, thanks to our official practice tests, which will be taken throughout the course. Thanks to a thorough preparation, graduates at TAYLLORCOX have an above-average (elite) success score at the final certification.

Exam format:

  • Duration: 60 min.
  • Multiple-choice, closed-book
  • Pass mark: 55%, i.e. 33 correct answers out of 60 questions
  • Certificate validity: lifetime (no expiration date)


The ISO/IEC 27005 Risk Manager course is fully compatible with other risk management courses intended for ISMS implementation, i.e.:

  • M_o_R® Foundation
  • M_o_R® Practitioner
  • ISO 27000 Foundation and ISO 27001 Lead Auditor

Graduate ratings

Excellent review from 699 reviewers

What makes our references exceptional? They are not one-off events. Clients come back to us regularly.

  • Michal S.
  • 26.05.23

The course met my expectations. Great emphasis is placed on the practical side, and interaction is expected from the course participants, who thereby also verify their knowledge and skills. So a big plus in terms of quality, and I recommend it!

  • Tomáš V.
  • 23.05.23
  • CGI IT Czech Republic

A beneficial course delivered in an engaging way. It helped me consolidate my knowledge.

  • GDPR Anonymized
  • 23.05.23

A practically oriented course with many examples.

  • Klára P.
  • 08.09.21
  • F.S.C Bezpečnostní poradenství a.s.

The course was beneficial, but it could be longer. The trainer's approach was perfect.

  • Jan K.
  • 08.09.21

A very good course in both theoretical and practical terms.

  • GDPR Anonymized
  • 26.05.20
  • ČEZ

I was very satisfied with the course; it met expectations.

  • GDPR Anonymized
  • 26.05.20
  • Elat

Exchange of practical experience with the lecturer, who is very knowledgeable about the ISO 27001 and ISO 31000 standards.

  • GDPR Anonymized
  • 25.05.20
  • Elat

Exchange of practical experience with the lecturer, who is very knowledgeable about the ISO 27001 and ISO 31000 standards.

  • GDPR Anonymized
  • 25.05.20
  • ČEZ

I was very satisfied with the course; it met expectations.

  • GDPR Anonymized
  • 20.12.19
  • České Radiokomunikace

