Risk management with the MONARC Tool at konzeptacht
On the Subject
Many companies that operate an Information Security Management System (ISMS) are familiar with the requirements for a risk management system. After a methodology has been found and defined that meets the requirements of a standard, e.g. B. corresponds to ISO / IEC 27001: 2013, a way must be found to map the risk management.
The use of office products generally does not require a new licensing of tools, but it is often confusing and difficult to use or maintain. Other products on the market have high licensing and maintenance costs.
MONARC (Optimized Risk Analysis Method), which is developed by CASES.lu and distributed under an open source license, offers a methodology for risk analysis based on ISO / IEC 27005 and is therefore a sensible alternative.
This can be used to control information security risks and operational risks for companies. Dashboards offer the possibility of graphically displaying all results from risk management.
The aim of this training is to give you an understanding of how the MONARC tool works. In one day you will be given the procedure in MONARC, the creation of your own specifics and step-by-step instructions on how you can map your risk analysis in MONARC.
Our experienced lecturers respond to your individual questions and show you everything that is necessary for effective and efficient risk management, from the first steps, through risk analyzes to maintaining a statement of applicability (SoA), various evaluation options and creating annual reports. in front. Here, your individual needs, such as existing certifications, legal requirements such. B. from the IT security catalog or the requirements from §8a (3) BSIG.
• Risk Manager
• Information security officer (ISB / ISO / CISO)
• Risk managers
• Manager / managing director
• On request: administrators (for technical support for your own installations)
• Use of experienced lecturers who have been trained in the MONARC tool and have been using it for many months
• Demo environments to try out yourself in the system
• Proposals to implement requirements such as: B. from ISO / IEC 27001: 2013, KritisV and similar
• Constant knowledge transfer
• Effective and efficient training in just one day on site
Information & Contact
Further information on the training can be found here, on the homepage of our partner konzeptacht GmbH.