MEHARI Risk Manager training enables you to gain the necessary knowledge and expertise to analyze the information security risks appropriate to the different stages of the security lifecycle in an organization. During this training course, you will have the opportunity to acquire the necessary skills to review the security services, detect critical risks and analyze risk scenarios based on the MEHARI risk analysis method.
Based on practical exercises and case studies, you will have the opportunity to acquire the necessary skills to perform stakes analysis and classification, evaluate the security services, conduct risk analysis and define security plans.
After mastering all the necessary concepts of risk analysis using the MEHARI method, you can sit for the exam and apply for a “Certified MEHARI Risk Manager” credential. By holding a Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support an organization in performing risk assessment based on the MEHARI method.
A fundamental knowledge of risk management.
Day 1: Introduction to concepts and phases of MEHARI risk analysis method
Day 2: Conducting risk analysis using MEHARI method
Day 3: Security planning according to MEHARI method and Certification Exam
The “Certified MEHARI Risk Manager” exam fully meets the requirements of the Examination and Certification Programme (ECP) and is labeled by CLUSIF. The exam covers the following competency domains:
Domain 1: Fundamental principles and concepts of MEHARI risk analysis method
Domain 2: Stakes analysis and classification
Domain 3: Evaluation of security services
Domain 4: Risk analysis
Domain 5: Defining security plans based on the MEHARI method
After successfully completing the exam, you can apply for the credentials shown on the table below. You will receive a certificate once you comply with all the requirements related to the selected credential.
The requirements for Risk Manager Certifications are:
|Credential||Exam||Professional experience||Risk Management experience||Other requirements|
|Certified MEHARI Provisional Risk Manager||Certified MEHARI Risk Manager exam or equivalent||None||None||Signing the Code of Ethics|
|Certified MEHARI Risk Manager||Certified MEHARI Risk Manager exam or equivalent||Two years: One year of work experience in Risk Management||Risk assessment activities: a total of 200 hours||Signing the Code of Ethics|
To be considered valid, these risk assessment activities should follow best implementation practices and include the following: