Certified RISK Manager Course

Become Information Security RISK Manager

Certified ISO 27005:2008 RISK Manager

About INTEGRA Solution

INTEGRA Solution provides ICT based solutions, consultancies and systems in regulated environments for industries that require digital risk management.

INTEGRA Solution is the first company in the wider region (SEE) which has successfully made a business entity in the banking sector compliant and certified for information security (compliant with ISO 27001:2005).

We are equipped with 10+, 15+ senior level staff and hands-on experience and credentials of CISA, ISO 27001:2005 Lead Auditors (IRCA) and CISSP certifications.

Profiled this way we guarantee successful implementation of compliance based solutions for regulated industries, such as Basel II and overcoming the operational risk in the banking sector, PCI for card processing operators and merchandisers, SOX Section 404 concerning IT controls of information systems for financial reports and Data Privacy and Intellectual Property safeguarding regulations.

About VERIDION

Veridion's mission is to provide businesses with training and services in audit, compliance and information security, thereby enabling them to evaluate, manage and reduce their information security risks.

To maximize and safeguard the investments of our clients, we guarantee the topmost quality training adapted to their needs, together with courteous and unsurpassed customer service.

In everything we do, we emphasize partnership, entrepreneurship, integrity and team spirit because we know that they are the key ingredients for a world-class business.

This mission statement describes not only our company's reason for being, but also our goals and values. We trust these few words will lead you to understand the fundamental characteristics of Veridion.

Exam and Certification

The “ISO/IEC 27005:2008 Certified RISK Manager” exam is certified by RABQSA and meets the criteria of the "RABQSA Training Provider Examination Certification Scheme" (TPECS) and covers the following competency unit:

· RABQSA – IS (Information Security Management System)

Duration of the exam: 2 hours.

A certificate will be issued to participants who successfully complete the exam.

An attendance confirmation document will be issued to all other participants.

Site point of contact

For any questions about registration, accommodation, travel or any other logistical aspect of your attendance at the Certified Risk Manager training course please contact us at:

INTEGRA Solution office:
contact@integrasolution.com.mk
Tel/Fax: +389 (0)2 3177 177

Location of the Certified RISK Manager training course:

Hotel TCC Plaza - Skopje
1000 Skopje
Macedonia

INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS)

Risk Manager (ISO 27005:2008 Standard)

Course: Monday 13th to Wednesday 15th of December 2010
Registration: from 1st to 30th of November 2010 (Available 10 seats only)

Unique offer to the ISMS based training market based on the professional certification schema of RABQSA recognized all over the world.

A student manual containing over 200 pages of information and practical examples will be distributed to the participants.

A 14 CPE (Continuing Professional Education) participation certificate will be issued to all participants.
Price (training materials, coffee, lunch): 990 €* + VAT

* For second participant from same organization 10% discount

BENEFITS

This three-day intensive training course enables the participants to master the basic risk management elements related to information using the ISO/IEC 27005:2008 standard as a reference framework.

On successfully completing the course, students will:

· Understand the main methodologies in Risk Management;
· Understand the application of Risk Management in the ISO/IEC 27005:2008 context;
· Acquire the knowledge necessary for the implementation, management and maintenance of an ongoing risk management program;
· Be introduced to the concepts, approaches, standards, methods and techniques allowing an effective management of risk;
· Understand the relationship between the information security management system (including risk management), the security measures and the compliance with the requirements of different stakeholders of an organization;
· Acquire the skills necessary to effectively advise organizations on the best practices in Risk Management;
· Interpret the requirements of ISO/IEC 27001:2005 on risk management.

The ISO 27005 “Certified Risk Manager” participants will also develop personal skills and knowledge required to advise organizations on best practices in Risk Management in an Information Security context.

PEOPLE AND PROCESSES MORE IMPORTANT THAN TECHNOLOGY IN SECURING THE ENTERPRISE ACCORDING TO GLOBAL SURVEY OF 4,000 INFORMATION SECURITY PROFESSIONALS

Results of the third annual Global Information Security Workforce Study, conducted by global analyst firm IDC and sponsored by (ISC)². According to more than 4,000 information security professionals from more than 100 countries in the largest study of its kind, the most important elements in effectively securing their organization's infrastructure are (in order of importance):

· Management support of security policies
· Users following security policy
· Qualified security staff
· Software solutions
· Hardware solutions

According to the study, the top three success factors highlight the need for public and private entities to focus more time and attention on policies, processes and people, all areas which have been traditionally overlooked in favor of trusting hardware and software to solve security problems. Survey respondents say organizations are now beginning to recognize that technology is an enabler, not the solution, for implementing and executing a sound security strategy.

CONTENT

The intensive three-day training course provides:

· Day 1: Introduction to risk management according to ISO 27005:2008
  - Understanding main methodologies in Risk Management
  - Risk management according to ISO 27005
  - Concepts and definitions related to risk management
  - Standards, frameworks and methodologies in risk management
· Day 2: Risk management and risk treatment according to ISO 27005:2008
  - Implement a risk management program
  - Risk analysis (identification and estimation)
  - Risk Assessment
  - Risk Treatment
· Day 3: Disseminating risk management practices
  - Acceptance of risk and management of residual risks
  - Risk communication
  - Monitoring and controlling risk
  - Exam “ISO/IEC 27005:2008 Certified Risk Manager”

Based on practical exercises and case studies, the participant will be able to perform an optimal risk evaluation and manage risks in time by being familiar with their life cycle.

Note that this training fits perfectly in the framework of an ISO 27001 standard implementation process.

WHY YOU SHOULD PARTICIPATE

Increasing regulatory compliance within the public and private sectors requires strong security policies, processes, and controls, which force organizations to adopt security standards and frameworks for a long-term approach to mitigating risk.

Those requirements are reflected in the organizational charts and responsibilities of:

· Person responsible for Risk Management within an organization
· Person responsible for information security or conformity within an organization
· Member of the information security team
· Expert advisor in IT
· Staff of organizations implementing or seeking to comply with ISO/IEC 27001:2005 or involved in a risk management program

They are responsible as a team to demonstrate that the organization is mitigating risk to clients, consumers, shareholders, authorities and society at large.

WHY ORGANIZATIONS SHOULD HAVE PARTICIPANTS

There are several key processes that should be established within the organization in an Information Security context, and they should be driven by empowered professionals. We mark them as:

· Establishment of policies in compliance with regulatory requirements as a responsibility of Compliance officers.
· Risk management process through systematic risk measurement of threats and vulnerabilities as a main responsibility of Risk officers and Top Management.
· Processes of proper identification and classification of assets and selection of appropriate controls to manage risks as a responsibility of Information Security officers.
· Mitigation of risks and proactive elimination of threats and vulnerabilities as a responsibility of Information Technology Officers.

This course through people delivers value to all of these processes.

REGISTER TODAY
