Ebios Risk Manager
Details:
Admission
• This certification applies to all information security professionals
• Admission after interview.
Knowledge validation
• All our courses include a multiple-choice test to validate the level of learning achieved.
Recommended prerequisites
• Knowledge of risk management is required, for example having completed ISO27005 Risk Manager training.
Mandatory prerequisites
• A basic understanding of information systems security is required (network security, systems security, etc.).
Our objectives
• EBIOS RM is a risk management method designed by ANSSI. This new method combines a compliance-based approach to focus on a reduced set of risks while examining them in greater depth, and places emphasis on risks related to stakeholders and outsourcing. It is recommended by ANSSI for project- and ISMS-oriented risk assessments.
• Access to a tool supporting the EBIOS Risk Manager methodology — Arimes — certified by ANSSI.
Content:
01
The basics of the EBIOS Risk Manager method
•Some high-level definitions (risk, severity, likelihood)
•Cyber risk management pyramid, strategic and operational cycles
•Presentation of the EBIOS Risk Manager method, divided into five workshops
02
Scoping and security baseline
•Defining the scope of the analysis: identifying the business elements relevant to the analysis
•Compliance-based approach through the security baseline of the subject under study
03
Risk sources
•Identifying risk sources and their targeted objectives
•Assessing the relevance of each risk source/targeted objective pairing
04
Exercises
•Identifying and assessing the threat level posed by stakeholders (ecosystem)
•Developing strategic scenarios: identifying attack paths
05
Operational scenarios
•Developing operational scenarios to assess the likelihood of attack paths
•The different modes of operation allow for a likelihood assessment tailored to cyber risk
06
Summary and risk treatment
•Summary of risk scenarios with their associated risk levels
•Risk treatment
•Setting up an action plan (Continuous Security Improvement Plan)
•Risk monitoring
Additional information

€1,700 excl. VAT / 21 hours of training
This training can be scheduled based on demand.
You can contact the training organization to learn more: formation@adacis.net or +33 5 47 33 51 79
