Certified Risk Assessment Specialist

Upcoming Courses

November 15 - 19, 2010 in Phoenix, AZ ($2,495 tuition)

November 29 - December 3rd, 2010 in Las Vegas, NV ($2,495 tuition)

December 13 - 17, 2010 in Phoenix, AZ ($2,495 tuition)

January 10 - 14, 2011 in Las Vegas, NV ($2,495 tuition)

January 24 - 28, 2011 in Phoenix, AZ ($2,495 tuition)

Please email info@orangeparachute.com or call 1-800-841-9329 extension 1 with questions and/or to enroll in a course.

Course Introduction:
Risk management is arguably one of the most misunderstood concepts around, yet there is growing demand for risk based decision making, both through internationally recognized standards such as ISO 27001 and regulatory/statutory obligations such as HITECH/HIPAA, GLBA, SOX, PCI and others. Many of these regulatory initiatives REQUIRE organizations to conduct a risk assessment, but they provide little direction on how to do so. Although the International Organization for Standardization (ISO) has issued ISO 27005 (Information Security Risk Management) and ISO 31000 (Enterprise Risk Management, or ERM) standards, these documents are not really implementation guides, rather, guides for attributes a risk management implementation should have. Risk Management programs many times identify proper risk arenas, but lack a cohesive risk management structure to ensure that a high risk in one arena is equivalent to a high risk in another arena, or, apples to apples. Risk ownership is many times not fully understood, resulting in assignment of risk responsibilities to entities not empowered to act. Perusing the literature, it is obvious that some risk arenas are very mature, others in their infancy, and risk silos are the norm.

The Orange Parachute Certified Risk Assessment Specialist training course is designed from real world experience gained in building and certifying multiple information risk management systems worldwide. This has resulted in porting of quality based management systems into the world of Risk Management. HOW-TO courses tend to focus on academic arguments, which although conceptually correct, seldom help the individual apply the concept into their unique business environments. Although the focus of this course will be in the risk arena of information risk to confidentiality, integrity and availability, the concepts are applicable for any type of risk that needs to be managed. This is NOT an academic course. These are techniques that WORK and can be immediately applied. This is essential information for anyone contemplating risk management in any arena.

Dates:

  • Call 1-800-841-9329 x1 or Email Us for public course schedule

Schedule (5-days):

  • Monday through Thursday: 8:30 A.M. to 5 P.M.
  • Friday: 8:30 A.M. to 12 Noon (11 A.M. to 12 Noon – Testing)

Learning objectives:

  • Understanding how information risk integrates into enterprise risk management
  • Understanding how to identify and quantify information risk
  • Understanding risk treatment options
  • Understanding how to monitor and measure information risk reduction

Curricula:

  • Effective communication: a huge barrier to success
  • Overview and synergy: ISO 27005, ISO 31000, ISO 27001, ISO 9001, ISO 20000
  • Overview and synergy (Compliance): HITECH/HIPAA, GLBA, SOX, etc.
  • The Risk Management System
  • Enterprise Risk Management: comparing apples to apples
  • Organizational risk strata
  • Risk mandate
  • Risk ownership
  • Risk framework
  • Threats/vulnerabilities
  • Risk scales
  • Risk algorithms
  • Control objectives
  • Risk audit
  • Risk status

Who should attend:

  • Individuals tasked with compliance risk initiatives, such as HITECH/HIPAA, GLBA, SOX, etc.
  • Individuals tasked with ISMS or ISO 27001 certification
  • Individuals tasked with ERM or ISO 31000 implementation
  • Auditors who desire to broaden their understanding of risk based controls and implementation techniques
  • INFOSEC and ERM Program Managers
  • Risk Analysts
  • Students of Management Systems

Prerequisites:

  • A basic understanding of information risk

Course Completion:

  • Certification as a Certified Risk Assessment Specialist will be issued upon successful completion of the exam for the course (score of 80% or better)

Price:

  • Certified Risk Assessment Specialist - please call for pricing.


1 800 841 9329