Information Security Risk Analyst

    This is a course that will make you stand out from the crowd!

    (ISO/IEC 27005, ISO/IEC 27004, FAIR, NIST)

    Course description

    This training enables you to develop the full set of skills needed to become a cybersecurity risk analyst. The reference frameworks for this course are ISO/IEC 27005 (risk management), ISO/IEC 27004 (monitoring, measurement, analysis, and evaluation), FAIR (risk taxonomy) and the NIST Cybersecurity Framework.

    During the course, you will gain a thorough understanding of best practices related to risk assessment, risk treatment and the measurement of results, which are the most challenging and important parts of information security management. Business decisions are taken based on risk assessment results, so they must be as accurate as possible. You will learn about available methodologies, how to derive the level of risk with a high accuracy rate, and how to monitor and measure the effectiveness and efficiency of the implemented controls and programs.

    By the end of this course you will be able to:

    • Work with the ISO 27005, 27004, FAIR and NIST frameworks,
    • Identify and classify information assets,
    • Identify threats and vulnerabilities,
    • Identify and give value to the elements needed to calculate the risk level,
    • Calculate the level of risk against identified threats,
    • Evaluate and prioritize risks and choose risk treatment options,
    • Apply controls and measure their efficiency,
    • Translate cyber risks into financial indicators that are easy for non-technical management to understand, and prepare a comprehensive report for your management.


    An examination is held on the day after course completion, and successful delegates will receive the Information Security Risk Analyst certificate, issued by ISO Cyber Academy.

    Who should attend?

    • Information Security risk managers
    • Information Security team members
    • Individuals responsible for Information Security, compliance, and risk within an organization
    • Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
    • IT consultants
    • IT professionals
    • Information Security officers
    • Privacy officers

    Training length

    4 days

    Training method

    Online instructor-led

    At your office




    Course material: English

    Teaching languages: English, Russian, Romanian


    Quality & Expertise

    All our trainers hold internationally recognized certificates and have solid experience in the information security field.

    Highly practical

    This training is based on both theory and best practices used in risk assessment and treatment. You will master risk assessment methods used by global companies.

    Free support

    After successfully completing the course, you will be entitled to 1 month of free support.

    Add any other course by ISO Cyber Academy to this course and you will get a 10% discount on the total purchase amount.

    How to book the course?


    Click on the "Book this course" button

    You will be redirected to the contact form.

    Choose your course from the list

    In the message box, indicate the number of participants and the desired learning method (online/at your office), and choose the course of your interest from the provided list.

    We will get back to you in no time

    We will contact you to set the training week that suits you best.

    Not sure which is the right course for you?

    Let us help you choose the course that best suits your career needs.