Close this search box.

Are you the victim of a security incident? Contact our CERT


Cybersecurity Coordination - "Bringing the ISP to life in the context of risk management"

This training program aims at deploying the ISP as part of the enterprise risk management. This module presents the techniques for aligning and updating the ISP while taking into account the new threats to which the company is exposed.

Course overview

  • Deploy the ISP as part of the company’s overall risk management
  • Update the ISP to take into account new threats
  • Put in place means to measure the implementation of and compliance with the ISP

Course Curriculum

The CISO facing the risks

  • Why manage risk?
  • A definition of risk
  • The risk management process

Defining an ISP

  • ISP: definition & stakes involved
  • The ISP and the organization
  • Content of a ISP
  • How to write a ISP

Deploying the ISP

  • Deployment within the organization
  • Integration of security in projects
  • Deployment at the organization’s edge
  • Communication strategy
    Management of deviations from the ISP

Update the ISP

  • Factors in the evolution of a ISP
  • Application of the PDCA to the ISP
  • Evolutions, Risks and ISP

Measure and improve the implementation of the ISP

  • Measurements of the effectiveness of the ISP
  • Definition and implementation of indicators
  • Improving security based on indicators

Method of Assessment

Production of a final online questionnaire covering all the concepts learned

Training benefits

This training is based on alternating theoretical and practical sessions:

  • Practical tools
  • Operating recommendations
  • Real case studies
  • Distance learning and face-to-face formats possible

Who should attend?

  • CISO
  • Risk Manager
  • DSI
  • Project Manager (technical and/or functional)
  • Program Director

Entry Requirements

  • General knowledge of information systems
  • General knowledge of risk management
  • General knowledge of information systems security

How and when to access

The participant is considered registered when:

  • The prerequisites and needs are identified and validated
  • The training agreement is signed

Registration requests can be sent up to 10 working days before the start of the training.


Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.

If you need compensation or adaptation for the content, the supports, the “venue”, the material used, the schedules, the rhythm, we are at your disposal.

To go further

This training course is a preparation for the following training course:


7 hours


OPCO support

Download the training sheet in PDF format

Would you like more information?

+33 (0)2 55 59 01 11

Almond commits itself to ensure that the collection and processing of your data, carried out from the site, are in conformity with the General Data Protection Regulation (GDPR) and with the modified law n° 78-17 of January 6, 1978, relating to the protection of personal data. The information collected on this form is recorded in a file computerized by Almond, in order to answer the requests for information. You can access the data concerning you, ask for their correction or their deletion. You also have a right of opposition, and a right to limit the processing of your data (see for more information on your rights). You can exercise your rights by contacting Almond's Data Protection Officer at the following address: [email protected]. Your data will be kept within the European Union, in accordance with the regulations in force.