Course : EBIOS RM: Certification Prep.

EBIOS RM: Certification Prep.

Download in PDF format Share this course by email 2

Average of customer reviews Average of customer reviews Average of customer reviews
3,8 / 5
Download in PDF format Share this course by email 2

The EBIOS method is used to assess and handle information system security risks based on proven experience in information system consulting and business analysis. This training will provide you with all the skills needed to implement it in a real-world situation.


Inter
In-house
Custom

Practical course in person or remote class

Ref. EBU
Price : 1570 € E.T.
  2d - 14h00
Contact us




The EBIOS method is used to assess and handle information system security risks based on proven experience in information system consulting and business analysis. This training will provide you with all the skills needed to implement it in a real-world situation.

Teaching objectives
At the end of the training, the participant will be able to:
  • Understand the EBIOS method
  • Map risks
  • Know the basic aspects of risk management for information security, using the EBIOS method
  • Conduct risk management with the EBIOS Risk Manager method
  • Analyze and communicate the results of an EBIOS study

Intended audience
CISOs or security contacts, security architects, IT directors or officers, engineers, and project managers (owner, lead contractor) who need to incorporate security requirements

Prerequisites
Good knowledge of IS security and the 27005 standard.

Course schedule

The EBIOS Risk Manager method

  • Risk management fundamentals.
  • Spotlight on cybersecurity (priority threats).
  • Overview of EBIOS.
  • Main definitions of an EBIOS Risk Manager.

Framing and security base

  • Identifying the technical and business scope.
  • Identifying the feared events and assessing their severity levels.
  • Determining the security base.
Hands-on work
Identifying the feared events.

Sources of risk.

  • Identifying risk origins (ROs) and their target objectives (TOs)
  • Assessing the relevance of these pairs.
  • Assessing the RO/TO pairs and selecting the ones deemed a priority for the analysis.
  • Assessing the severity of the strategic scenarios.
Hands-on work
Identifying risk origins (ROs) and their target objectives (TOs) Assessing the RO/TO pairs.

Strategic scenarios

  • Assessing the threat levels associated with stakeholders.
  • Building a digital threat map of the ecosystem and critical stakeholders.
  • Writing strategic scenarios.
  • Defining security threats to the ecosystem.
Hands-on work
Assessing the threat levels associated with stakeholders. Writing strategic scenarios.

Operational scenarios

  • Writing operational scenarios.
  • Assessing likelihoods.
  • Threat modeling, ATT&CK.
  • Common Attack Pattern Enumeration and Classification (CAPEC).
Hands-on work
Writing operational scenarios. Assessing likelihoods.

Handling risk

  • Conducting a summary of risk scenarios.
  • Defining the treatment strategy.
  • Defining security measures in a SCIP.
  • Evaluating and documenting residual risks.
  • Setting up a risk monitoring framework.
Hands-on work
Defining the security measures in a Security Continuous Improvement Plan (SCIP). Setting up a risk monitoring framework.


Certification
This course, combined with course EBX (EBIOS RM: Certification Exam), on exam day, makes it possible to prepare for and take the PECB-certified EBIOS Risk Manager certification exam.

Practical details
Teaching methods;
The materials and instruction are in French.

Customer reviews
3,8 / 5
Customer reviews are based on end-of-course evaluations. The score is calculated from all evaluations within the past year. Only reviews with a textual comment are displayed.


Dates and locations
Select your location or opt for the remote class then choose your date.
Remote class