Organizations are being exposed to newer threats that can exploit their information security frameworks. What is more sinister is that the malicious potential of these threats is increasing with each passing day. This situation warrants the presence of a robust framework that can protect these systems at all costs. Moreover this framework should result from a coherent and standardized approach. Fortunately the ISO/IEC 27005 standard helps organizations take this structural approach.With its latest edition being released in 2022 ISO/IEC 27005 is the standard that requires organizations to conduct information security risk assessment according to the requirements of another standard the ISO 27001. With this course we as course developers aim for our students to learn about the concept of information security risk assessment and how it is performed. For this purpose we have divided this course into two modules. The first module talks about the relevance of ISO 27005 as a standard for information security risk management and the steps of information security management. This module also explains Clause 5 and Clause 6 of the standard.Moving forward the second module takes a more extensive approach to explain the standard and its requirements. In this regard students will get an explanation of clauses 7 8 9 and 10. Overall the course comprises mainly bullet points so students can quickly grasp complex concepts. Different illustrations tables and a separate PDF resource have also been added to simplify the associated concepts.