fr
en
Risk Assessment Methods – EBIOS
The EBIOS method, which stands for “Expression des Besoins et Identification des Objectifs de Sécurité” (Expression of Needs and Identification of Security Objectives), brings together a set of approaches and practices to assess and manage risks related to information systems. It is a major asset for organizations wishing to ensure optimal management of their IT security.
Our EBIOS training will provide you, through practical exercises, with the essential knowledge and skills for in-depth risk management using the EBIOS approaches. At the end of this training, you will take the PECB Certified EBIOS Risk Manager exam, which will assess your new professional skills and enable you to obtain your PECB qualification.
Targets
By the end of this EBIOS training, you will be able to:
- Understand the approaches and fundamentals of the EBIOS method
- Learn the different stages of completing EBIOS studies (pilot, control, reframe) as a project lead
- Understand and detail the results of an EBIOS study and its key objectives
- Develop the skills required to conduct an EBIOS study
- Manage information system security risks within an organization
- Analyze, report, and communicate the results of an EBIOS study
- Successfully pass the exam and obtain the PECB Certified EBIOS Risk Manager certification
Program
Introduction Round
- Individual introductions
- Exploration of participants’ expectations and objectives
- Introduction to the training framework
- Alignment with specific goals and challenges
- Identification of participants’ expectations and perspectives
--------------------------------------------------------------------------------------------------------------------
Day 1: Training Overview
- Group introductions
- Review of key elements of the training
- Explanation of the objectives and structure of the training
- Presentation of the teaching methods used
- Clarification of the elements assessed in the PECB EBIOS Risk Manager exam
Day 2: Introduction to the EBIOS Method
- General overview of the EBIOS methodology
- Main characteristics of EBIOS
- The 5 steps for implementing EBIOS
- The 4 pillars of the EBIOS method
Day 3: Risk Assessment Using EBIOS
- Designing the risk assessment study process
- Defining the reference scenario
- Setting the study scope
- Identifying the key elements to be considered
- Targeting threats and their origins
- Implementing security standards
- Developing requirement levels
- Creating a severity scale
- Creating a probability scale
- Designing risk management rules
- Identifying critical assets, their connections, and their owners
- Identifying support assets, their connections, and their owners
- Determining correlations between critical and support assets
- Listing existing security measures in place
- Assessing incidents to be addressed
- Evaluating threat scenarios
- Analyzing and assessing risks
- Identifying security objectives
- Formalizing security measures to be applied
- Exam preparation
- Preparation for the PECB Certified EBIOS Risk Manager exam through case study analysis
Prerequisites
No prerequisites are required to attend the EBIOS Risk Assessment Methods training.
Public
This training is intended for the following audiences:
- Anyone wishing to acquire the fundamentals of risk management
- Any professional involved in a risk assessment using the EBIOS method
- Any manager wishing to acquire techniques for analyzing and communicating risk assessment results according to EBIOS
Strong points
- Practical exercises based on real case studies with 350 pages of documentation
- 21 CPD credits
- Certification exam included in the training fee
- Free retake within 12 months in case of failure
Certification
During the training, you will receive a coupon code allowing you to take the exam. It is conducted in person only and is an essay-type exam, where you must provide written answers to questions based on a practical case study. The PECB Certified EBIOS Risk Manager exam meets the requirements of the PECB Examination and Certification Program. It covers the following areas of competence:
- Fundamental principles and concepts of information security risk management according to the EBIOS method
- Information security risk management program based on EBIOS
- Information security risk assessment based on EBIOS
You will have 3 hours to complete the PECB Certified EBIOS Risk Manager exam. Upon successful completion of the exam, and provided you meet the following requirements, you can obtain one of the two certifications:
- PECB Certified EBIOS Provisional Risk Manager: No professional experience required; signing the PECB Code of Ethics
- PECB Certified EBIOS Risk Manager: 2 years of professional experience, including 1 year in risk management; 200 hours of risk assessment activities; signing the PECB Code of Ethics
For more details on the conditions, please refer to the PECB Examination Rules and the PECB Certification Rules.
Targets
By the end of this EBIOS training, you will be able to:
- Understand the approaches and fundamentals of the EBIOS method
- Learn the different stages of completing EBIOS studies (pilot, control, reframe) as a project lead
- Understand and detail the results of an EBIOS study and its key objectives
- Develop the skills required to conduct an EBIOS study
- Manage information system security risks within an organization
- Analyze, report, and communicate the results of an EBIOS study
- Successfully pass the exam and obtain the PECB Certified EBIOS Risk Manager certification
Program
Introduction Round
- Individual introductions
- Exploration of participants’ expectations and objectives
- Introduction to the training framework
- Alignment with specific goals and challenges
- Identification of participants’ expectations and perspectives
--------------------------------------------------------------------------------------------------------------------
Day 1: Training Overview
- Group introductions
- Review of key elements of the training
- Explanation of the objectives and structure of the training
- Presentation of the teaching methods used
- Clarification of the elements assessed in the PECB EBIOS Risk Manager exam
Day 2: Introduction to the EBIOS Method
- General overview of the EBIOS methodology
- Main characteristics of EBIOS
- The 5 steps for implementing EBIOS
- The 4 pillars of the EBIOS method
Day 3: Risk Assessment Using EBIOS
- Designing the risk assessment study process
- Defining the reference scenario
- Setting the study scope
- Identifying the key elements to be considered
- Targeting threats and their origins
- Implementing security standards
- Developing requirement levels
- Creating a severity scale
- Creating a probability scale
- Designing risk management rules
- Identifying critical assets, their connections, and their owners
- Identifying support assets, their connections, and their owners
- Determining correlations between critical and support assets
- Listing existing security measures in place
- Assessing incidents to be addressed
- Evaluating threat scenarios
- Analyzing and assessing risks
- Identifying security objectives
- Formalizing security measures to be applied
- Exam preparation
- Preparation for the PECB Certified EBIOS Risk Manager exam through case study analysis
Prerequisites
No prerequisites are required to attend the EBIOS Risk Assessment Methods training.
Public
This training is intended for the following audiences:
- Anyone wishing to acquire the fundamentals of risk management
- Any professional involved in a risk assessment using the EBIOS method
- Any manager wishing to acquire techniques for analyzing and communicating risk assessment results according to EBIOS
Strong points
- Practical exercises based on real case studies with 350 pages of documentation
- 21 CPD credits
- Certification exam included in the training fee
- Free retake within 12 months in case of failure
Certification
During the training, you will receive a coupon code allowing you to take the exam. It is conducted in person only and is an essay-type exam, where you must provide written answers to questions based on a practical case study. The PECB Certified EBIOS Risk Manager exam meets the requirements of the PECB Examination and Certification Program. It covers the following areas of competence:
- Fundamental principles and concepts of information security risk management according to the EBIOS method
- Information security risk management program based on EBIOS
- Information security risk assessment based on EBIOS
You will have 3 hours to complete the PECB Certified EBIOS Risk Manager exam. Upon successful completion of the exam, and provided you meet the following requirements, you can obtain one of the two certifications:
- PECB Certified EBIOS Provisional Risk Manager: No professional experience required; signing the PECB Code of Ethics
- PECB Certified EBIOS Risk Manager: 2 years of professional experience, including 1 year in risk management; 200 hours of risk assessment activities; signing the PECB Code of Ethics
For more details on the conditions, please refer to the PECB Examination Rules and the PECB Certification Rules.
Training content provided in partnership with PECB.