Back to category

CYB-303
Regulations, methodologies and approval of information security systems - 2019

Security in project management - Risk analysis - Security reports - Ebios method

OBJECTIVE :

This training, intended for the RSSI, Risk Managers or Operational Managers, aims to enable learners to understand a risk analysis method, EBIOS in this case, in order to carry out relevant risk analysis or security reports.

COURSE DURATION AND TIMETABLE :

The course lasts 4 days (28 hours).

GENERAL APPROACH :

Risk analysis is the building block of the security governance industry. EBIOS, recommended by the National Agency for the Security of Information Systems, is a toolbox for risk management that must be adapted to the environment in question. This is why an understanding of the principles is important.

This training aims first of all to outline all the principles before more closely studying the EBIOS method and its use in the improvement of security.

Learners will study a practical case to illustrate the different uses of the 2010 EBIOS method.

PREREQUISITE :

Course level: Basic

General understanding of the principles of security of information systems.

COURSE DIRECTOR(S) :

Thomas BOUSSON:

Consultant Manager, ON-X, more than ten years of experience, member of the EBIOS club.

CONTENT :

  • Topics covered during this training:
    • Definitions and basics
    • The Safety Management System (27001)
    • The risk management process
    • A risk management standard: ISO/IEC/27005
    • Some risk analysis methods: MEHARI, OCTAVE, EBIOS
    • Overview of the risk analysis method: EBIOS
    • Positioning of ISO 27001/ISO 27005/EBIOS
  • Risk management processes:
    • Defining a risk assessment approach
      • Identifying a suitable method
      • Defining risk acceptance criteria
    • Identifying risks
      • Identifying assets
      • Identifying threats
      • Identifying vulnerabilities
      • Identifying impacts (CDIT)
    • Risk analysis
      • Evaluating the impact on business
      • Evaluating the probability of an incident (threats, vulnerabilities, impacts)
      • Estimation of the level of risk
      • Determining risk acceptance
  • Study of the 5 modules of the EBIOS method
    • Recap
    • Study of dreaded events
    • Study of threat scenarios
    • Study of the risks
    • Study of security measures (link with ISO 15408 and ISO 27002)

WHEN AND WHERE :

Scheduled in French:

PARIS: Cancelled - Upcoming date, please consult us

 

For the English realization, please, consult us.

COURSE FEES :

€1,890 excluding tax (20% VAT)

See general terms

Dowload pdf
Print
Download registration form
Contact us