Frequently Asked Questions

What is PCIRM?

PCIRM is a BCS qualification which stands for Practitioner Certificate in Information Risk Management. It is a practitioner-level qualification which demonstrates that you have a hands-on level of understanding of information risk management.

Who is PCIRM aimed at?

PCIRM is aimed at anyone who is involved in information security that needs to understand and implement information risk management processes. The qualification and training course is ideal if you are involved or going to be involved in risk management activities as part of an ISO 27001 implementation project. Equally, if you want to gain a greater understanding of risk and how to quantify and analyse it, attending a PCIRM course will be of real value to you.  We will also help you to articulate information security risk in business language to ensure that it is considered in the same way as other business risks such as operational or financial risk.

URM’s PCIRM training course is based upon the best practice risk management guidelines as presented in ISO 31000 and ISO 27005.  So you can be confident in applying what you learn within your business and knowing that it will be accepted as best practice by ISO 27001 auditors and assessors.

What are the benefits of attending a PCIRM course?

URM’s PCIRM training course provides you with an in-depth knowledge of the processes associated with effective information risk management and, importantly, you will gain experience of conducting those processes in a hands-on learning environment. You will learn how to confidently establish what your most important risks are and how to evaluate them against your organisation’s risk appetite to determine the most appropriate and effective ways of treating them. At the end of the course, you will be in a position to apply information risk management processes within your organisation, enabling you to protect your important information assets more effectively.

Passing the end of course exam and gaining the PCIRM qualification, will provide you with a level of credibility that will greatly enhance your career. If you are looking to embark on a career that includes information risk management responsibilities, PCIRM is the course for you.

What will I learn on a PCIRM training course?

By attending URM’s PCIRM training course, you will learn about all of the component parts of information risk management.  You will learn, for example, how to identify the important information assets in your organisation and understand why they are important. You will also learn how to identify the threats that could harm your key assets and also to assess any vulnerabilities that might lead to those threats materialising. The PCIRM training course also teaches you about the different options available to treat the risks that you have identified and what the most effective and appropriate controls are. Information classification schemes is another subject that is covered on the course along with the most effective ways of communicating information risk to your organisation’s management so that they can make informed decisions on how to proceed.

What is the format of a PCIRM training course?

URM’s PCIRM course is delivered by our experienced information security and risk management consultants and practitioners. You will learn all the key components of information risk management through a combination of PowerPoint presentations and real-life examples on how to apply risk management processes. Working through case studies, you will undertake practical exercises on each stage of the risk management process. This will enable you to quickly gain hands-on experience on what you have learned in the classroom. URM’s trainers are experienced information security and risk management practitioners and consultants and are happy to discuss and review what you have learned and applied as well as addressing any specific queries you may have. By attending URM’s PCIRM course, you will build the knowledge and confidence to implement information risk management processes within your own organisation or in your future career.

Are there any pre-requisites to attending a PCIRM course?

As the PCIRM is a practitioners course, it is intended for those who have an understanding of information security and the need for effective risk management. An understanding of IT, ISO 27001 and how information security is managed within your organisation would be advantageous.

Great facilitator - helpful examples provided and an engaging presenter.