After successfully completing the exam, you can apply for the credentials shown in the table below.
| Credential | Exam | Professional experience | Risk Management experience | Other requirements |
| --- | --- | --- | --- | --- |
| PECB Certified ISO/IEC 27005 Provisional Risk Manager | PECB Certified ISO/IEC 27005 Risk Manager exam | None | None | Signing the PECB Code of Ethics |
| PECB Certified ISO/IEC 27005 Risk Manager | PECB Certified ISO/IEC 27005 Risk Manager exam | Two years. One year of work experience in ISRM. | Information Security Risk Management activities. A total of 200 hours. | Signing the PECB Code of Ethics |
The “PECB Certified ISO/IEC 27005 Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
Domain 1: Fundamental principles and concepts of Information Security Risk Management
Domain 2: Implementation of an Information Security Risk Management program
Domain 3: Information Security risk management framework and process based on ISO/IEC 27005
Domain 4: Other Information Security risk assessment methods
To be considered valid, the information security activities should follow best implementation and management practices and include the following:
- Defining a risk management approach
- Designing and implementing an overall risk management process for an organization
- Defining risk evaluation criteria
- Performing risk assessment
- Identifying assets, threats, existing controls, vulnerabilities and consequences (impacts)
- Assessing consequences and incident likelihood
- Evaluating risk treatment options
- Selecting and implementing Information Security controls
- Performing risk management reviews