About the certification


The ISO/IEC 27005 Information Security Risk Management standard provides guidelines for information security risk management in an organization. The ISO/IEC 27005 Lead Risk Manager is a certification intended for individuals seeking to validate their advanced knowledge of Informtion Security Risk Management in accordance with the ISO/IEC 27005 standard. The ISO/IEC 27005 Lead Risk Manager certification exam is based on the ISO/IEC 27005 Information Security Risk Management standard.

This exam includes topics such as terms and definitions commonly used in the ISO/IEC 27005 standard, Scope, Overview of the information security risk management process, Context establishment, Information security risk assessment (Risk identification, Risk analysis, and Risk evaluation), Information security risk treatment (Risk modification, Risk retention, Risk avoidance, and Risk sharing), Information security risk acceptance, Information security risk communication and consultation, Information security risk monitoring and review, Defining the scope and boundaries of the information security risk management process, Identification and valuation of assets and impact assessment, Examples of typical threats, Vulnerabilities and methods for vulnerability assessment, and Information security risk assessment approaches.

The ISO/IEC 27005 Lead Risk Manager certification exam is an online, closed-book, and remotely-proctored exam. This exam consists of 40 multiple-choice questions. The passing score is 70%. Candidates will have 60 minutes to complete the exam. The exam is available in English and Portuguese (Brazilian). Validate your advanced knowledge of the ISO/IEC 27005 standard and advance your career in Information Security. Register for your online exam now!





Information Security Risk Management Foundation n

Exam details


Exam code

ITC-071

Launch date

March 12, 2022

Exam description

The ISO/IEC 27005 Lead Risk Manager exam tests the candidate's advanced knowledge of the ISO/IEC 27005.

Current version

v1 (March 12, 2022)

Exam format

Multiple choice; computer-based; closed book (online proctored exam)

Number of questions

40 questions

Passing score

70% (28 out of 40)

Exam duration

60 minutes

Level

Advanced

Languages

English and Portuguese (Brazilian)

Exam description

This exam includes topics such as Terms and definitions commonly used in the ISO/IEC 27005 standard, Scope, Overview of the information security risk management process, Context establishment, Information security risk assessment (Risk identification, Risk analysis, and Risk evaluation), Information security risk treatment (Risk modification, Risk retention, Risk avoidance, and Risk sharing), Information security risk acceptance, Information security risk communication and consultation, Information security risk monitoring and review, Defining the scope and boundaries of the information security risk management process, Identification and valuation of assets and impact assessment, Examples of typical threats, Vulnerabilities and methods for vulnerability assessment, and Information security risk assessment approaches.

RECOMMENDED HOURS OF STUDY

32 hours

Bloom's Taxonomy

Level 2 (Understanding), Level 3 (Applying), Level 4 (Analyzing), and Level 5 (Evaluating)

Recommended reading

• ISO/IEC 27005:2018 Information technology - Security techniques - Information security risk management

Prerequisites

Pass the ITC-012: Information Security Risk Management Foundation exam.

Recommended experience

Six months of work experience in Information Security Risk Management

Validity period

Lifetime

How to get certified


1

Browse our certification programs and choose your certification.

2

Discover the exam objectives and prepare for your exam.

3

Register for your online proctored exam.

4

Take your online proctored exam in the comfort of your home or office.

5

Congratulations! You are certified!

Frequently Asked Questions


  • How much does an Itcerts certification exam cost?

    All exams are available for $120 USD each. Prices may vary slightly by region and currency exchange rates.

  • Are there any prerequisites to take the exams?

    There are no prerequisites to take the exams. Itcerts recommends that candidates have at least six months of work experience in the area that the certification covers.

  • What is the exam retake policy?

    If a candidate does not achieve a passing score on the first attempt, there is no waiting period between the first and the second attempt. If a candidate does not achieve a passing score on the second attempt, the candidate must wait at least 7 days before retaking the exam for a third time. A candidate may not take a given exam any more than three times per year (12 months).

  • How do I register for an Online Proctored Exam?

    Visit the Online Proctored Exam registration page to find complete instructions.

  • Are there any mandatory training to take an exam?

    Training is recommended as part of your certification preparation, but it is not mandatory.

  • Which languages are the exams available in?

    Our exams are currently available in English and Portuguese (Brazilian).

  • Where can I take the exams?

    Exams are delivered online (Online Proctored Exams) and can be taken from anywhere in the world.

  • Do the Itcerts certifications expire?

    Itcerts certifications are considered good-for-life and do not expire.

  • How can a potential employer verify my certifications?

    Your employer can verify your certification on our certification verification page. Your certification number will be needed in order to process the verification.

Subscribe

Subscribe


Subscribe to our newsletter