Information Security Management
Details
INTRODUCTION
Information is the lifeblood to all organisations, without it, it would be severely impacted and ultimately cease to function. Information is knowledge and knowledge is power. With an ever changing climate of technology and threats (both technical and human), the need for trained security personnel to protect our information becomes increasingly critical evolutionary task. Information is at risk from many sources, legal, electronic, physical, internal and external to mention a few. It is paramount that security and related management personnel have an understanding of the risks, controls and countermeasures that are available to secure information and technology within an effective management framework. Furthermore utilising countermeasures, best practice and management techniques will mitigate electronic and physical risks and enhance protection to an organisation.
DURATION
5 Days
Outline
COURSE OUTLINE
Module 1:
Information Security Management - An Overview
- IT Risk Management
- Categorising Physical and Electronic Risk
- IT and Networks
- Computer Systems Design
- Legal and Regulatory Considerations
- Information, Business and Risk – Case Study
Module 2:
Information Security Management
- Ensuring Information Security
- Confidentiality
- Integrity
- Availability
- Authenticity
- Non Repudiation of Data
- Ethical hacking and Industrial Espionage
- Where to design and place effective computer and management controls
- Case Study
Module 3:
Information Management – International Standards
- Code or Practice for Information Security Management – ISO 17799 / ISO27002
- Best Practice and Implementing Guidance and Controls For ISO27002
- Information Security Management Overview
- Risk Assessment and Controls
- Security Policy Documentation
- Organising Information Security Management
- IT Asset Management
- Personnel and Human Resources
Module 4:
Information Management ISO27002
- Best Practice and Implementing Guidance and Controls For ISO27002
- Physical and Environmental Security
- Operations Management and Communications
- Access Control
- Information Systems (Design, Development, Maintenance)
- Incident Management
- Business Continuity
- Regulatory Compliance
- Best Practice and Implementation Guidance for BS ISO/IEC 38500:2008 – IT Management
- Case Study
Module 5:
Implementing Effective Information Security Management Frameworks
- Successful steps for IT Security Management
- Audit and Compliance for IT Resources
- Business Process Engineering
- Case Study
Schedules
Weekdays | 09:00 AM — 05:00 PM |
No. of Days: | 5 |
Total Hours: | 8 |
FineResults Research Services offers training solutions to individuals, communities, governments and civil society organizations, both local and international.
We also provide application-oriented and field-based consultancy services in all aspects of research and evaluations from inception to completion. This includes research designs, designing monitoring and evaluations systems, technical reviews, programme evaluations, questionnaire validation, data collection, data capture, data analysis and report writing. FineResults Research Services is a limited company incorporated under the laws of Kenya. Its head office is in Nairobi Kenya.
The organization has a wide range of experience working with both local and international organizations in both consultancies and capacity building in Africa and beyond.
MissionA world class training and research organization for the realization of individuals, organizations and community welfare.
VisionTo provide world class training and research services that increase individuals and organizations productivity in their development role.
Our Value Statement- We cherish partnerships.
- We believe that our Training and Research Solutions can re-energise organisations by creating vision, certainty and strategic intent. ...