RC131: IT Risk Management in Practice

Training: Security - Governance, Risk & Compliance

Participants receive a practical introduction to building and further developing an IT risk management system. The course covers methods for identifying, assessing, and controlling IT risks, as well as for conducting sound business impact analyses. It also addresses how the economic viability of measures can be analyzed and simulated.

Hybrid training Hybrid training

Start: 2025-11-17 | 09:30 am

End: 2025-11-18 | 04:30 pm

Location: Online

Price: 1.790,00 € plus VAT.

Presence training Presence training

Start: 2026-01-26 | 09:30 am

End: 2026-01-27 | 04:30 pm

Location: Nürnberg

Price: 1.790,00 € plus VAT.

Hybrid training Hybrid training

Start: 2026-04-27 | 09:30 am

End: 2026-04-28 | 04:30 pm

Location: Nürnberg

Price: 1.790,00 € plus VAT.

Hybrid training Hybrid training

Start: 2026-07-20 | 09:30 am

End: 2026-07-21 | 04:30 pm

Location: Nürnberg

Price: 1.790,00 € plus VAT.

Hybrid training Hybrid training

Start: 2026-09-28 | 09:30 am

End: 2026-09-29 | 04:30 pm

Location: Nürnberg

Price: 1.790,00 € plus VAT.

Request prefered appointment period:

* All fields marked with an asterisk are mandatory fields.

Agenda:

  • Regulatory legal foundations of (IT) risk management

  • Risk management as most important element of NIS2

  • Information security vs. IT risk management

  • Why many (IT) risk management systems today are not effective

  • The risk management process in practice

  • Tools in IT risk management

  • Practical exercise: Bow-Tie analysis incl. Business Impact Analysis (BIA)

  • Aggregation of (IT) risks

  • Communication about IT risks in the language of decision makers

  • Guideline for analysis of cyber risks in practice

  • Elements of an effective (IT) risk management in practice

  • Relevance of an effective IT risk management for corporate governance

Objectives:

Learn about practical tools for implementing IT risk management in the RC131 IT Risk Management seminar. The seminar is based on various case studies and offers an efficient, practically proven, and well-structured introduction to the topic. The focus of the training is on practical methods for implementing effective IT risk management.

Accordingly, the training does not include:

  • Compliance-driven implementation according to BSI™ Basic Protection or ISO 2700x/ISMS
  • Checklist-like implementation of a "risk accounting"
  • Qualitative risk maps or comparable subjective methods

Target audience:

IT Risk Manager, CISO, CIO, Managing Director, employees from the fields of Information Security and Security, and Internal Audit.

Prerequisites:

Basic knowledge of information security, familiarity with the daily operations of IT operations are advantageous.

Description:

Very few business processes still function without stable and secure IT systems. Every company must therefore address the impact scenarios of IT risks and deal with questions such as: How are IT risks identified and, above all, assessed? How are IT risks managed proactively or at least reactively? How can a Business Impact Analysis be conducted in a well-founded manner? How can the economic viability of measures be analyzed and simulated? What methods does the risk management toolbox offer you?

The intensive seminar RC131 IT Risk Management provides you with in-depth knowledge on the establishment and further development of an effective and efficient IT Risk Management System.

All participants receive comprehensive documentation in printed and electronic form. In virtual training sessions, participants receive all materials in digital format. Additionally, all participants receive the book "Risk Management" (Frank Romeike, Springer Verlag 2018) as well as a certificate from the Risk Academy.

check-icon

Guaranteed implementation:

from 3 Attendees

Booking information

Price:

1.790,00 € plus VAT.

(including lunch & drinks)

Authorized training partner

NetApp Partner Authorized Learning
Commvault Training Partner
CQI | IRCA Approved Training Partner
Veeam Authorized Education Center
Acronis Authorized Training Center
AWS Partner Select Tier Training
ISACA Accredited Partner
iSAQB
CompTIA Authorized Partner
EC-Council Accredited Training Center

Memberships

Allianz für Cyber-Sicherheit
TeleTrust Pioneers in IT security
Bundesverband der IT-Sachverständigen und Gutachter e.V.
Bundesverband mittelständische Wirtschaft (BVMW)
Allianz für Sicherheit in der Wirtschaft
NIK - Netzwerk der Digitalwirtschaft
BVSW
Bayern Innovativ
KH-iT
CAST
IHK Nürnberg für Mittelfranken
eato e.V.
Sicherheitsnetzwerk München e.V.