2 Day Risk Management Training


Our Risk Management course is designed to train delegates in the principles and practices for undertaking risk management. These are in line with the generic guidelines laid down in various standards including Quality Management, Environment Management, Safety Management & Information risk management in line with Enterprise risk management framework. Participants will also learn the skills and techniques of monitoring and auditing. On completion of the course, delegates should also understand the principles of risk management system, other requirements and implementation issues faced by the organization.

Risk Management

Course Description

This course is designed to provide delegates with the knowledge needed to implement and improve risk management systems. The course comprises a mix of lectures and practical exercises and case studies to provide the delegates with a full understanding of the requirements.


Course Content

Day 1

  • Introduction
  • Process Approach – SIPOC/ETVX
  • Work Shop - Identification of key telecom processes
  • Principles of Risk Management
  • BIA & Workshop : Development of Business Impact Framework
  • Understanding key Quality/Service Issues – Discussion Forum

Day 2

  • Risk Framework Development
  • Threat & Vulnerability Identification – Quality/Environment/Safety/Security and linkage to business issues etc.
  • Workshop – Risk Assessment
  • Risk Treatment and Mitigation Strategy
  • System Linkage – Incident management & Change management to Risk Management
  • Q&A Session



Our approach towards ISMS helps the organization in:

  • Recognition of Information Security Needs in a growing e-commerce environment
  • Audit focus on risk management – SIPOC Approach
  • Demand for a consistent Implementing & Auditing Methodology and Process in the Organization.
  • Enhance Implementing & Auditing Competency based on Organizational & Business Requirements
  • Growing demand for a recognized and accepted Information Security Management standard


The objective of this program is to provide knowledge on the risk management approach including framework, risk techniques, risk analysis, risk evaluation, risk treatment, risk strategy and the overall understanding of the requirements of ISO 27001 and other allied standards e.g. ISO 22301/ ISO 31000 / other risk based standards.



  1. Fundamentals of Risk Management
  2. Process Approach to Risk Management
  3. Risk Models / Risk Framework and BIA – Business Impact Assessment
  4. Risk Assessment/ Risk Analysis/ Risk Evaluation
  5. Risk Treatment
  6. Pro Active or Reactive Strategy
  7. Integrated Approach to Risk Management- Quality/ Service/ Information Security/ Service Continuity etc.
  8. ISO 27001 – Standard requirements
  9. Management Responsibility