VIEWS: 13 PAGES: 4 CATEGORY: Business Flyers & Brochures POSTED ON: 2/12/2013
WHY IS THIS IT RISK ASSESSMENT WORKSHOP IMPORTANT? Are you effectively securing your organization’s IT systems that store, process, or transmit organizational information? Is your IT risk management plan tailored to the specific risk profile of your business and being coordinated across all functional and business units? With the release of IT Governance frameworks, requirements for risk management and new international standards entering the market, the pressure is mounting to ensure that all your IT risks are identified and the necessary action is taken – be this to mitigate them, accept or ignore them. So, how safe is your IT system? What are the risks that your organization is being exposed to? The solution to this challenge is to establish an effective risk management process that protects the organization, not just its IT assets, and provides it with the ability to perform its mission. Risk management is the process of identifying and assessing risk and taking preventive measures to reduce it to an acceptable level. It is critical that you develop an effective risk management program that assesses and mitigates risks within your IT systems and better manages these IT-related mission risks. BENEFITS OF ATTENDING THIS WORKSHOP Identify common IT project risks Learn how to assess threats and vulnerabilities to create a risk response strategy Understand what qualifies as risk with IT projects Understand the most common IT risk sources Qualify and quantify IT risks Learn the difference between negative and positive IT risks Develop an IT risk management plan Plan risk response methods for IT risks Create risk mitigation and contingency plans Monitor and control project risks Overcome resistance from stakeholders and team members Contact Kris at email@example.com to register.
INFORMATION TECHNOLOGY RISK MANAGEMENT & LEADERSHIP 14 - 17 APRIL 2013 RADISSON BLU IT DUBAI DEIRA CREEK SERIES UNITED ARAB EMIRATES COURSE OVERVIEW YOUR INTERNATIONAL Are you effectively securing your organization’s IT systems that store, process, or transmit organizational information? COURSE FACILITATOR Is your IT risk management plan tailored to the specific risk profile of your business and being coordinated across all functional and business units? Dr Mark T. Edmead MBA, CISSP, CISA, CompTIA Security+ With the release IT Governance frameworks, requirements for risk management and new international standards entering the market, the pressure is mounting IT Security to ensure that all your IT risks are identified and the necessary action is taken – be Consultant & Trainer this to mitigate them, accept or ignore them. So, how safe is your IT system? What MTE Advisors are the risks that your organization is being exposed to? Mark T. Edmead is a successful technology entrepreneur The solution to this challenge is to establish an effective risk management with over 28 years of practical experience in computer process that protects the organization, not just its IT assets, and provides it with systems architecture, information security, and project the ability to perform its mission. management. Mark excels in managing the tight-deadlines and ever Risk management is the process of identifying and assessing risk and taking changing tasks related to mission-critical project preventive measures to reduce it to an acceptable level. It is critical that you schedules. He has extensive knowledge in IT security, IT develop an effective risk management program that assesses and mitigates risks and application audits, Internal Audit, IT governance, within your IT systems and better manages these IT-related mission risks. including Sarbanes-Oxley, FDIC/FFIEC, and GLBA compliance auditing. Mr. Edmead understands all aspects of information security and protection including access controls, cryptography, security management practices, network BENEFITS OF ATTENDING and Internet security, computer security law and investigations, and physical security. Using a carefully selected case study, course participants will: He has trained Fortune 500 and Fortune 1000 companies • Identify common IT project risks in the areas of information, system, and Internet security. • Learn how to assess threats and vulnerabilities to create a risk response strategy He has worked with many international firms, and has the unique ability to explain very technical concepts in • Understand what qualifies as risk with IT projects & the most common IT risk sources simple-to-understand terms. Mr. Edmead is a sought after • Qualify and quantify IT risks author and lecturer for information security and information technology topics. • Learn the difference between negative and positive IT risks Mark works as an information security and regulatory • Develop an IT risk management plan compliance consultant. He has: • Plan risk response methods for IT risks • Conducted internal IT audits in the areas of critical • Create risk mitigation and contingency plans infrastructure/ systems and applications, • Monitor and control project risks • Assessed and tested internal controls of critical • Overcome resistance from stakeholders and team members infrastructure platform systems (Windows, UNIX, IIS, SQL, Oracle) • Assessed and tested internal controls of various critical financial applications. • Prepared risk assessments and determined risks to : EXCLUSIVE: COURSE QUESTIONNAIRE & TAKEAWAYS c critical financial data systems and infrastructure c components. 1. An extensive IT Security Architecture Questionnaire that will help you An extensive Security Architecture Questionnaire that will help extensive Security Architecture Questionnaire that c help • Created test plans & processes and executed test plans. organization’s evaluate your organizati ’ security position. i tii it iti 2. FREE CoBIT 4.0 IT Governance Assessment Evaluation Spreadsheet • Conducted reviews of existing systems and a applications, ensuring appropriate security, management 3. Take with you templates and worksheets to aid you in applying and putting a and data integrity via control processes. into practice what you have learned from this workshop. 4. FREE copy of course material, case studies, and other related items of the • Prepared written reports to all levels of management training workshop • Participated in audit review panel sessions to address r results, conclusions and follow-up actions required. © 360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jal Bukit Bin g, 55100 Kuala Lump , Malaysia BSI (M) Bhd (833835-X) L l Pavilion KL, 168 Jalan Bukit Bintang, (833835 X) Pavilion Lumpur, Malaysia. Kuala Lumpur Mala 1 COURSE CONTENT DAY1 IT RISK MANAGEMENT LEADERSHIP WORKSHOP WHY THIS EVENT IT Risk Management Leadership Workshop is a special one-day course The aim of this interactive workshop is to provide designed to teach information security professionals how to become an you with the skills critical to IT Risk Management. effective information security manager. In addition, you will learn tips and techniques that will increase your competence and confidence when After attending this workshop, you will leave influencing information security in your organization. fully armed with the knowledge needed effectively secure your organization’s IT systems Implementing IT Risk Management in an organization is a major effort. & infrastructure. You will be able to establish an This requires coordination with all departments. It requires interfacing effective risk management program to assess with individuals at all levels from technicians and programmers to and mitigate risk, and protect your IT assets. managers, directors, and C-level executives. The combination of interactive presentations, In this workshop you will learn how perform a stakeholder analysis, hands-on exercises and open discussion groups outline the stakeholders required to accomplish your job, and how to along with real case studies, ensures you will effectively navigate the possible roadblocks preventing you from obtain maximum value from attending. accomplishing your tasks. In addition, you will learn tips and techniques that will increase your competence and confidence when influencing and implementing information technology in your organization. Managing the IT Risk Management Process - Creating an IT Risk Management framework - Determining your critical success factors (CSF) - Determining your key performance indicators (KPI) - Challenges in managing the process Understanding your Corporate Culture - Understanding your organization’s trends, strategy and environment - Tips, tricks, and trouble spots - Developing a business continuity management culture - Exercising, maintenance, and audit Understanding your Stakeholders - How to identify your key stakeholders - Performing a stakeholder analysis - Creating a stakeholder engagement communication plan - Getting stakeholder engagement and support DAY2 UNDERSTANDING THE NEED FOR IT RISK MANAGEMENT WHO SHOULD ATTEND In this section we will discuss why is it important to consider information Vice Presidents, Directors, General Managers technology risks and the impact if an assessment is not performed. Chief Information Officers Chief Information Security Officers - Use of IT risk management in an organization - The importance of IT risk management Chief Technology Officers - IT risk management and ownership IT Risk Managers - What is risk assessment? IT Security Managers Compliance Officers Establishing the context of risk in your business Program and Project Managers - Why your organization needs IT risk management IT Project Managers - Consequences for inadequate or no IT risk management activities IT Operation Managers - The benefits of implementing IT risk management 2 COURSE CONTENT DAY3 UNDERSTANDING IT SECURITY FRAMEWORKS AND STANDARDS Latest TESTIMONIALS An understanding of the various information technology frameworks and standards, and the basics of information security is necessary to 1 organized. very “Session well organized The trainer is ver better understand how to assess the risks associated with the security conversant with the subject matter. Well delivered implementation. and would definitely recommend to anyone else.” - Habil Mutende, Manager Information Security & Change - ISO 27001 Management, Central Bank of Kenya - COBIT IT Governance Framework - NIST SP-800 2 “Excellent presentation, excellent attitude to answer our questions & to share his experience.” Information security fundamentals - Senior Manager, IT Department, Deloitte - Confidentiality, integrity, and availability - Accountability, non-repudiation, identification 3 “I have used Mark in key roles with high visibility - Understanding information assurance clients. Without hesitation I would highly recommend Mark for any and all IT audit Developing an IT risk management strategy engagements. His professionalism, deep - How to perform a high-level risk assessment knowledge, and results oriented work style are - Understanding your business risk appetite deeply valued by not only myself, but more - Establishing your criteria for risk acceptance importantly by the all those who are lucky enough - Complying with industry, legal, and/or regulatory requirements to use his services.” - Russ Aebig, Director at Artesient 4 “We have used Mark Edmead on several projects in the past few years including SOX readiness for publicly traded companies and IT vulnerability DAY4 UNDERSTANDING THE IMPACT OF assessments for major financial institutions. He always delivers professional and detail-oriented IT RISK TO YOUR ORGANIZATION workpapers on-time and within budget. Mark is highly recommended and we will continue to use The risk “appetite” of an organization will vary depending on several him on other projects.” - Brenda Piazza, Director at CBIZ MHM variables. It is critical to understand what is it that you are protecting and the impact of a threat in the event it becomes real. - How to identify tangible and intangible assets - Determining the value of these assets - Comparing asset value versus control mitigation costs - Conducting a business impact analysis Applying risk management controls - Finding the right control to manage risk - Using best practice frameworks - How to manage residual risk Implementing an IT risk monitoring process - Performing periodic reviews - How to reporting IT risk status - Creating a risk reporting plan The IT Risk Management Document - Outline of the IT Risk Management document - Keeping your document up-to-date - Getting stakeholder support and acceptance COURSE SCHEDULE 8.00 Registration & Coffee/Tea 8.30 Workshop commences 10.10 - 10.30 Morning coffee/tea 12.00 - 13.00 Lunch 14.40 - 15.00 Afternoon coffee/tea 16.00 End of day 3 INFORMATION TECHNOLOGY REGISTRATION FORM RISK MANAGEMENT & Fax: +603 9205 7788 LEADERSHIP Tel: +603 9205 7772 Mobile: +6016 3326 360 14 - 17 APRIL 2013 RADISSON BLU DUBAI DEIRA CREEK Email: firstname.lastname@example.org UAE DELEGATES IN-HOUSE TRAINING 1 Name : 360 BSI is passionate about providing strategic IT programs and high potential training solutions across the region to build Name on tag : personal competencies and organizational capability. Job Title : You will receive practical training from a professionally qualified educator with over twenty years of teaching and Email : training experience. Mobile : Please feel free to mix-and-match topics from the areas listed below to get the right training content for your staff. Other 2 Name : topics may be available upon request. Name on tag : OTHER RELATED PUBLIC COURSES Job Title : IT Strategic Planning Email : Service Oriented Architecture (SOA) Business Continuity and Disaster Recovery Mobile : Preparing for the CISSP exam Cybercrime & Fraud Investigation 3 Name : IT Change Management Name on tag : IT Project Management Job Title : Hotel Contact Details: Email : For Room Reservation, contact for 360BSI corporate rates. Telephone: 00971 4 2057105 Fax: 00971 4 2234698 Mobile : E-mail: email@example.com Radisson BLU Hotel, Dubai Deira Creek AUTHORIZATION Baniyas Road, P.O. Box 476, Dubai, UAE (This form is invalid without a signature) General Information: Name : 1 Closing date for registration is 7th April 2013. 2 The fees cover lunch, tea breaks, materials and certificate. Job Title : 3 Official confirmation will be sent, once registration has Email : been received. 4 Participants will need to arrange their own accommodation. 5 Attire: Smart Casual Tel : ( ) Cancellations/Substitutions Organization : Substitutions are welcome at any time. Please notify us at Address : least 2 working days prior to the event. All cancellations will carry a 10% cancellation fee, once a registration form is received. All cancellations must be in writing by fax or email at least 2 weeks before the event date. Cancellations with less than 2 weeks prior to the event date carry a 100% liability. However, course materials will still be couriered to you. Signature : Date: / / Thank you for your registration! FEES PAYMENT DETAILS Payment is required within 5 days upon receipt of USD 2,995 per delegate the invoice. USD 2,795 per delegate - register before 24-FEB-2013 Bank transfer: USD 8,085 - Special for Group of 3 360 BSI (M) Sdn Bhd The fee does not include any taxes (withholding or otherwise). In case of any taxes applicable HSBC Bank Malaysia Berhad the client has to ensure that the taxes are paid on top of the investment fee paid for the course. Bukit Bintang Branch, Kuala Lumpur, Malaysia Compliance with the local tax laws is the responsibility of the client. Account No: 203-371059-725 Swift No: HBMBMYKL * Save up to 50% for In-house Training program All payments must be received prior to the event date © 360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jalan Bukit Bintang, 55100 Kuala Lumpur, Malaysia. www.360bsi.com/IT 4
Pages to are hidden for
"IT Risk Management & Leadership 14 - 17 April 2013 Dubai"Please download to view full document