Who should attend
Information is the lifeblood to all organizations, without with it would be severally impacted and ultimately cease to function. Information is knowledge and knowledge is power. With an ever changing climate of technology and threats (both technical and human), the need for trained security personnel to protect our information becomes increasingly critical evolutionary task.
Information is at risk from many sources, legal, electronic, physical, internal and external to mention a few. It is paramount that security and related management personnel have an understanding of the risks, controls and countermeasures that are available to secure information and technology within an effective management framework. Furthermore utilizing countermeasures, best practice and management techniques will mitigate electronic and physical risks and enhance protection to an organization.
About the course
An overview of activities, methods, methodologies, and procedures related to establishing sound information security policies.
The purpose of the course is to provide the attendees with an overview of the field of Information Security from a management perspective.
Participants will be exposed to the spectrum of security activities, security and confidentiality, methods, methodologies, and procedures.
Coverage will include inspection and protection of information assets, the management of risk, the detection of and reaction to threats to information assets, and an overview of the Information Security Planning and staffing functions.
On successful completion of the course training, delegates will be able to have:
- Knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, counter measures, etc.).
- Understanding of current legislation and regulations which impact upon information security management.
- Awareness of current national and international standards such as ISO 27002, frameworks and organizations which facilitate the management of information security.
- Understanding of the current business and common technical environments in which information security management has to operate.
- Knowledge of the categorization, operation and effectiveness of controls of different types and characteristics.
Day One: Information Security Management - An Overview.
- IT Risk Management.
- Categorizing Physical and Electronic Risk.
- IT and Networks.
- Computer Systems Design.
- Legal and Regulatory Considerations.
- Information, Business and Risk.
- Case Study.
Day Two: Information Security Management.
- Ensuring Information Security.
- Non Repudiation of Data.
- Ethical hacking and Industrial Espionage.
- Where to design and place effective computer and management controls.
- Case Study.
Day Three: Information Management – International Standards.
- Code or Practice for Information Security Management – ISO 17799 / ISO27002.
- Best Practice and Implementing Guidance and Controls For ISO27002.
- Information Security Management Overview.
- Risk Assessment and Controls.
- Security Policy Documentation.
- Organizing Information Security Management.
- IT Asset Management.
- Personnel and Human Resources.
Day Four: Implementing Effective Information Security Management Frameworks.
- Best Practice and Implementing Guidance and Controls for ISO27002.
- Physical and Environmental Security.
- Operations Management and Communications.
- Access Control.
- Information Systems (Design, Development, Maintenance).
- Incident Management.
- Business Continuity.
- Regulatory Compliance.
- Best Practice and Implementation Guidance for BS ISO/IEC 38500:2008 – IT Management.
- Case Study.
Day Five: Implementing Effective Information Security Management Frameworks.
- Successful steps for IT Security Management.
- Audit and Compliance for IT Resources.
- Business Process Engineering.
- Case Study.
Videos and materials
Read more about Cybersecurity
Because of COVID-19, many providers are cancelling or postponing in-person programs or providing online participation options.
We are happy to help you find a suitable online alternative.