THE INFORMATION TECHNOLOGY GOVERNANCE

 

Descriptions :

The Information Technology (IT) Governance training is designed  specifically for experienced information security managers and those who have information security management responsibilities. The training  is for the individual who manages, designs, oversees and/or assesses an enterprise’s information security (IS). The IT governance training  promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management in an enterprise. The course contents are impregnated by standard course recognized by CISA ( Certified Information Security  Auditor)

Objectives
The course has been designed to enhance the skill of participants in the area of security management, especially in relation to the practice and implementation of IT Governance in their day-to-day operation as related to information security management. The training shall provide the participant  with the following capabilities:

1. Have thorough understanding of   IT Governance  within the scope of  Information Security Management
2.  Enhanced knowledge and skill in dealing with the operational issues as related to information security within day-to-day installation operation
3.  Enhanced the skill in the design, implement, manage, and asses the organization’s  IT security system by applying the concept and philosophy of IT governance
4.  Prepare individual competency for the  professional exam

To enhance the skill of the participants in Information Secuity, and  IT governance as related to Corporate Governance and escalate their  management  proficiency with broad managerial perspective essential for their day-to-day IT security  operation and preparing the skill for IT security management  procedural set up.

Benefits:
On completion of this module, delegates will have a detailed understandingPROGRAM OUTLINE :
1    Good Corporate Governance and IT Governance

•  Information Security Governance
•  Information Risk Management
• Information Security Program(me) Development
• Information Security Program (me) Management
•  Information Security Management

2.Structures, Process & Relational Mechanisms for IT Governance Incident and Response Management

• An information security steering group function
• Legal and regulatory issues associated with Internet businesses, global transmissions and trans border data flows
• Common insurance policies and imposed conditions
• Information security process improvement

3.Board of Directors level view of IT Governance
4.IT Governance Model

• Recovery time objectives (RTO) for information resources
• Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels.
•  Security metrics design, development and implementation.
• Information security management due diligence activities and reviews of the infrastructure.

5.IT Balance Scored Card/IT BSC and IT Strategy Map

• Events affecting security baselines that may
• The requirements for collecting and presenting evidence; rules for evidence, admissibility of evidence, quality and completeness of evidence.
• External vulnerability reporting sources
•  The key components of cost benefit analysis and enterprise migration plans
•  Life-cycle-based risk management principles and practices.
• Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels.
• Security baselines and configuration management in the design and management of required risk assessment
• Changes to information security requirements in security plans, test plans and re-performance
• Disaster recovery testing for infrastructure and critical business applications, business applications and the infrastructure
•   Acquisition management methods and technique

6. Board of Directors level view of IT Governance
7. IT Val
8. IT Governance with COBIT
9.  AS-8015 on Good Corporate Governance for ICT
10. Cases

AUDIENCE TARGET

• Chief Information Security Officer (CISO)
• Chief Information Officers (CIO)
• Chief Technology Officers (CTO)
• IS/IT Steering Committee
• Audit Committee
• IT Senior Manager
• Information Security Manager
• Senior Risk Manager
• Senior Audit Manager
• IT & Audit Staff
• IT Security Staff
• Risk Management Staff
• Academic students