INFORMATION
TECHNOLOGY
RISK
MANAGEMENT &
LEADERSHIP

30 MARCH - 02 APRIL 2014
RADISSON BLU
DUBAI DEIRA CREEK
UNITED ARAB E...
COURSE
CONTENT
DAY1 IT RISK MANAGEMENT
LEADERSHIP WORKSHOP
IT Risk Management Leadership Workshop is a special one-day cou...
COURSE
CONTENT
DAY3 UNDERSTANDING IT SECURITY
FRAMEWORKS AND STANDARDS
An understanding of the various information technol...
INFORMATION
TECHNOLOGY
RISK
MANAGEMENT &
LEADERSHIP

REGISTRATION FORM
Fax: +603 9205 7779
Tel: +603 9205 7772
Mobile: +60...
Upcoming SlideShare
Loading in …5
×

IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE

174
-1

Published on

Are you effectively securing your organization’s IT systems that store, process, or transmit organizational information?
Is your IT risk management plan tailored to the specific risk profile of your business and being coordinated across all functional and business units?


With the release of IT Governance frameworks, requirements for risk management and new international standards entering the market, the pressure is mounting to ensure that all your IT risks are identified and the necessary action is taken – be this to mitigate them, accept or ignore them. So, how safe is your IT system? What are the risks that your organization is being exposed to?

The solution to this challenge is to establish an effective risk management process that protects the organization, not just its IT assets, and provides it with the ability to perform its mission.

Risk management is the process of identifying and assessing risk and taking preventive measures to reduce it to an acceptable level. It is critical that you develop an effective risk management program that assesses and mitigates risks within your IT systems and better manages these IT-related mission risks.


BENEFITS OF ATTENDING THIS WORKSHOP


Identify common IT project risks
Learn how to assess threats and vulnerabilities to create a risk response strategy
Understand what qualifies as risk with IT projects
Understand the most common IT risk sources
Qualify and quantify IT risks
Learn the difference between negative and positive IT risks
Develop an IT risk management plan
Plan risk response methods for IT risks
Create risk mitigation and contingency plans
Monitor and control project risks
Overcome resistance from stakeholders and team members



WHO SHOULD ATTEND THIS WORKSHOP

IT risk managers
IT security managers
Compliance officers
Program and project managers
IT project managers
IT operation manager


Contact Kris at kris@360bsi.com to register.

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
174
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

IT Risk Management & Leadership 30 March - 02 April 2014 Dubai UAE

  1. 1. INFORMATION TECHNOLOGY RISK MANAGEMENT & LEADERSHIP 30 MARCH - 02 APRIL 2014 RADISSON BLU DUBAI DEIRA CREEK UNITED ARAB EMIRATES IT SERIES COURSE OVERVIEW Are you effectively securing your organization’s IT systems that store, process, or transmit organizational information? Is your IT risk management plan tailored to the specific risk profile of your business and being coordinated across all functional and business units? YOUR INTERNATIONAL COURSE FACILITATOR Dr Mark T. Edmead PhD, MBA, CISSP, CISA, COBIT With the release IT Governance frameworks, requirements for risk management and new international standards entering the market, the pressure is mounting to ensure that all your IT risks are identified and the necessary action is taken – be this to mitigate them, accept or ignore them. So, how safe is your IT system? What are the risks that your organization is being exposed to? The solution to this challenge is to establish an effective risk management process that protects the organization, not just its IT assets, and provides it with the ability to perform its mission. Risk management is the process of identifying and assessing risk and taking preventive measures to reduce it to an acceptable level. It is critical that you develop an effective risk management program that assesses and mitigates risks within your IT systems and better manages these IT-related mission risks. IT Transformational Consultant MTE Advisors Mark T. Edmead is a successful technology entrepreneur with over 28 years of practical experience in computer systems architecture, information security, and project management. Mark excels in managing the tight-deadlines and ever changing tasks related to mission-critical project schedules. He has extensive knowledge in IT security, IT and application audits, Internal Audit, IT governance, including Sarbanes-Oxley, FDIC/FFIEC, and GLBA compliance auditing. Mr. Edmead understands all aspects of information security and protection including access controls, cryptography, security management practices, network and Internet security, computer security law and investigations, and physical security. BENEFITS OF ATTENDING Using a carefully selected case study, course participants will: • Identify common IT project risks • Learn how to assess threats and vulnerabilities to create a risk response strategy • Understand what qualifies as risk with IT projects & the most common IT risk sources • Qualify and quantify IT risks • Learn the difference between negative and positive IT risks • Develop an IT risk management plan • Plan risk response methods for IT risks • Create risk mitigation and contingency plans • Monitor and control project risks • Overcome resistance from stakeholders and team members He has trained Fortune 500 and Fortune 1000 companies in the areas of information, system, and Internet security. He has worked with many international firms, and has the unique ability to explain very technical concepts in simple-to-understand terms. Mr. Edmead is a sought after author and lecturer for information security and information technology topics. Mark works as an information security and regulatory compliance consultant. He has: • Conducted internal IT audits in the areas of critical infrastructure/ systems and applications, • Assessed and tested internal controls of critical infrastructure platform systems (Windows, UNIX, IIS, SQL, Oracle) • Assessed and tested internal controls of various critical financial applications. EXCLUSIVE: : COURSE QUESTIONNAIRE & TAKEAWAYS 1. An extensive IT Security Architecture Questionnaire that will help you An extensive Security Architecture Questionnaire that will help extensive Security Architecture Questionnaire that c help evaluate your organizati ’ security position. organization’s i ti i it iti 2. FREE CoBIT 4.0 IT Governance Assessment Evaluation Spreadsheet 3. Take with you templates and worksheets to aid you in applying and putting into practice what you have learned from this workshop. 4. FREE copy of course material, case studies, and other related items of the training workshop • Prepared risk assessments and determined risks to critical financial data systems and infrastructure c components. c • Created test plans & processes and executed test plans. • Conducted reviews of existing systems and applications, ensuring appropriate security, management a and data integrity via control processes. a • Prepared written reports to all levels of management • Participated in audit review panel sessions to address results, conclusions and follow-up actions required. r Tel: Tel: +6016 3326 360 Fax: +603 9205 7779 kris@360bsig oup.com kr s@360bs group.com kris@360bsigroup.com 1
  2. 2. COURSE CONTENT DAY1 IT RISK MANAGEMENT LEADERSHIP WORKSHOP IT Risk Management Leadership Workshop is a special one-day course designed to teach information security professionals how to become an effective information security manager. In addition, you will learn tips and techniques that will increase your competence and confidence when influencing information security in your organization. Implementing IT Risk Management in an organization is a major effort. This requires coordination with all departments. It requires interfacing with individuals at all levels from technicians and programmers to managers, directors, and C-level executives. In this workshop you will learn how perform a stakeholder analysis, outline the stakeholders required to accomplish your job, and how to effectively navigate the possible roadblocks preventing you from accomplishing your tasks. In addition, you will learn tips and techniques that will increase your competence and confidence when influencing and implementing information technology in your organization. WHY THIS EVENT The aim of this interactive workshop is to provide you with the skills critical to IT Risk Management. After attending this workshop, you will leave fully armed with the knowledge needed effectively secure your organization’s IT systems & infrastructure. You will be able to establish an effective risk management program to assess and mitigate risk, and protect your IT assets. The combination of interactive presentations, hands-on exercises and open discussion groups along with real case studies, ensures you will obtain maximum value from attending. Managing the IT Risk Management Process - Creating an IT Risk Management framework - Determining your critical success factors (CSF) - Determining your key performance indicators (KPI) - Challenges in managing the process Understanding your Corporate Culture - Understanding your organization’s trends, strategy and environment - Tips, tricks, and trouble spots - Developing a business continuity management culture - Exercising, maintenance, and audit Understanding your Stakeholders - How to identify your key stakeholders - Performing a stakeholder analysis - Creating a stakeholder engagement communication plan - Getting stakeholder engagement and support DAY2 UNDERSTANDING THE NEED FOR IT RISK MANAGEMENT In this section we will discuss why is it important to consider information technology risks and the impact if an assessment is not performed. - Use of IT risk management in an organization - The importance of IT risk management - IT risk management and ownership - What is risk assessment? Establishing the context of risk in your business - Why your organization needs IT risk management - Consequences for inadequate or no IT risk management activities - The benefits of implementing IT risk management WHO SHOULD ATTEND Vice Presidents, Directors, General Managers Chief Information Officers Chief Information Security Officers Chief Technology Officers IT Risk Managers IT Security Managers Compliance Officers Program and Project Managers IT Project Managers IT Operation Managers 2
  3. 3. COURSE CONTENT DAY3 UNDERSTANDING IT SECURITY FRAMEWORKS AND STANDARDS An understanding of the various information technology frameworks and standards, and the basics of information security is necessary to better understand how to assess the risks associated with the security implementation. - ISO 27001 - COBIT IT Governance Framework - NIST SP-800 Information security fundamentals - Confidentiality, integrity, and availability - Accountability, non-repudiation, identification - Understanding information assurance Developing an IT risk management strategy - How to perform a high-level risk assessment - Understanding your business risk appetite - Establishing your criteria for risk acceptance - Complying with industry, legal, and/or regulatory requirements DAY4 UNDERSTANDING THE IMPACT OF IT RISK TO YOUR ORGANIZATION The risk “appetite” of an organization will vary depending on several variables. It is critical to understand what is it that you are protecting and the impact of a threat in the event it becomes real. - How to identify tangible and intangible assets - Determining the value of these assets - Comparing asset value versus control mitigation costs - Conducting a business impact analysis Latest TESTIMONIALS 1 “I am impressed with the quality of teaching. I am now more equipped to handle my job more efficiently.” - Okudo Anayo, ERM Financial Risk Manager, Asset Management Corporation of Nigeria 2 “The course was very informative and an eye opener on how to manage IT Risk in an organization.” - George Ochola, Manager - IT Risk, Equity Bank Limited 3 “A great & interactive course. It has enhanced my knowledge regarding IT Risk Management. Dr. Mark is an excellent trainer.” - Yousif Ebrahim Faraj, Senior Lecturer, Bahrain Institute of Banking & Finance (BIBF) 4 “The course was very interactive and informal. There were many takeaways which will help me in implementing Risk Management in my organization and also help in procuring management buy-in.” - Aziz Ahmed, Head of IT, Wall Street Exchange Centre LLC 5 “This course covers all the essential knowledge on IT Risk.” - Abdullah Al-Nami, Senior Vice President for Operational Risk and MLC, Riyad Bank 6 “The trainer well managed the interaction between the participants and delivered the material very professionally.” - Adnane Ajroudi, Applications Manager, Dolphin Energy Ltd Applying risk management controls - Finding the right control to manage risk - Using best practice frameworks - How to manage residual risk Implementing an IT risk monitoring process - Performing periodic reviews - How to reporting IT risk status - Creating a risk reporting plan The IT Risk Management Document - Outline of the IT Risk Management document - Keeping your document up-to-date - Getting stakeholder support and acceptance COURSE SCHEDULE 8.00 8.30 10.10 - 10.30 12.00 - 13.00 14.40 - 15.00 16.00 Registration & Coffee/Tea Workshop commences Morning coffee/tea Lunch Afternoon coffee/tea End of day 3
  4. 4. INFORMATION TECHNOLOGY RISK MANAGEMENT & LEADERSHIP REGISTRATION FORM Fax: +603 9205 7779 Tel: +603 9205 7772 Mobile: +6016 3326 360 30 MARCH - 02 APRIL 2014 RADISSON BLU DUBAI DEIRA CREEK UAE Email: kris@360bsigroup.com DELEGATES 1 Name IN-HOUSE TRAINING : 360 BSI is passionate about providing strategic IT programs and high potential training solutions across the region to build personal competencies and organizational capability. Name on tag : Job Title : Email 2 : Mobile : Name You will receive practical training from a professionally qualified educator with over twenty years of teaching and training experience. : Please feel free to mix-and-match topics from the areas listed below to get the right training content for your staff. Other topics may be available upon request. Name on tag : OTHER RELATED PUBLIC COURSES Job Title : Email Mobile 3 : Name IT Governance Service Oriented Architecture (SOA) Business Continuity and Disaster Recovery Preparing for the CISSP exam Information Security Management Principles IT Change Management IT Project Management : : Name on tag : Job Title : Email Mobile Hotel Contact Details: : : For Room Reservation, contact for 360BSI corporate rates. Telephone: 00971 4 2057105 Fax: 00971 4 2234698 E-mail: reservations.dxbza@radissonblu.com Radisson BLU Hotel, Dubai Deira Creek Baniyas Road, P.O. Box 476, Dubai, UAE AUTHORIZATION (This form is invalid without a signature) Name Job Title : Email : Tel : ( General Information: : 1 2 3 4 5 ) Cancellations/Substitutions Organization : Substitutions are welcome at any time. Please notify us at least 2 working days prior to the event. All cancellations will carry a 10% cancellation fee, once a registration form is received. All cancellations must be in writing by fax or email at least 2 weeks before the event date. Cancellations with less than 2 weeks prior to the event date carry a 100% liability. However, course materials will still be couriered to you. Address : Signature : Registrations close ONE (1) week before the training dates. The fees cover lunch, tea breaks, materials and certificate. Official confirmation will be sent, once registration has been received. Participants will need to arrange their own accommodation. Attire: Smart Casual Date: / / FEES USD 2,995 per delegate USD 8,085 - Special for Group of 3 USD 12,000 - Special for Group of 5 The fee does not include any taxes (withholding or otherwise). In case of any taxes applicable the client has to ensure that the taxes are paid on top of the investment fee paid for the course. Compliance with the local tax laws is the responsibility of the client. * Save up to 50% for In-house Training program Thank you for your registration! PAYMENT DETAILS Payment is required within 5 days upon receipt of the invoice. Bank transfer: 360 BSI MIDDLE EAST LIMITED Abu Dhabi Commercial Bank Dubai Mall Branch, P.O.Box 49124 Dubai, U.A.E Account No: 10065721319001 Swift No: ADCBAEAAXXX IBAN No: AE780030010065721319001 All payments must be received prior to the event date © 360 BSI (M) Sdn Bhd (833835-X), Level 8 Pavilion KL, 168 Jalan Bukit Bintang, 55100 Kuala Lumpur, Malaysia. www.360bsi.com/IT 4

×