Information Security Management
The course provides instruction in security for network hardware, software, and data, including using physical security measures, instituting backup procedures, protecting systems against attacks and intrusions, and gaining protection from malware. The course also covers applying these concepts to the theme of “Protecting Yourself in the Digital Age.” The course is in line with all new developments in IT security, with a focus on threats and risks, compliance and regulations, strategic alignment with business needs, security frameworks, architecture, effective policies, and effective integration of standards and metrics.
· Understand information security needs and learn about risk management
· Recognize standards and best practices in information security management
· Upgrade and enhance your existing IT security policies, standards, procedures and guidelines
· Manage business continuity as an essential element of information security
· Identify controls to manage security and be able to measure security management effectiveness
Information Security Management – An Overview
· IT Risk Management
· Categorizing Physical and Electronic Risk
· IT and Networks
· Computer Systems Design
· Legal and Regulatory Considerations
· Information, Business and Risk – Case Study
Information Security Management
· Ensuring Information Security
· Confidentiality
· Integrity
· Availability
· Authenticity
· Non-Repudiation of Data
· Ethical Hacking and Industrial Espionage
· Where to design and place effective computer and management controls
Information Management – International Standards
· Code of Practice for Information Security Management – ISO 17799 / ISO27002
· Best Practice and Implementing Guidance and Controls For ISO27002
· Information Security Management Overview
· Risk Assessment and Controls
· Security Policy Documentation
· Organizing Information Security Management
· IT Asset Management
· Personnel and Human Resources
Information Management ISO27002
· Best Practice and Implementing Guidance and Controls For ISO27002
· Physical and Environmental Security
· Operations Management and Communications
· Access Control
· Information Systems (Design, Development, Maintenance)
· Incident Management
· Business Continuity
· Regulatory Compliance
· Best Practice and Implementation Guidance for BS ISO/IEC 38500:2008
· Case Study
Implementing Effective Information Security Management Frameworks
· Successful steps for IT Security Management
· Audit and Compliance for IT Resources
· Business Process Engineering
· Case Study
Software Developers, Project Managers, Business and IT Managers. Anyone involved in the creation, maintenance, or enforcement of the organizational information security policy, practices and procedures.