IT Risk, Governance and Security Businesses all over rely heavily on IT systems and technology. The increased use of technology gives rise to IT threats that often leads to financial and reputational damages to the affected organisations. There needs to be a security in place to guard these systems and the need for skilled and knowledgeable information security professionals therefore has never been greater. Are you equipped with the right foundational skills and knowledge to get ahead on this path? Course Duration 2 days Critical FS IT
Transcript
IT Risk, Governance and Security
Businesses all over rely heavily on IT systems and technology. The increased use of technology gives rise to IT threats that often leads to �nancial and reputational damages to the a�ected organisations. There needs to be a security in place to guard these systems and the need for skilled and knowledgeable information security professionals therefore has never been greater.
Are you equipped with the right foundational skills and knowledge to get ahead on this path?
Course Duration 2days
Critical FS IT
Leonard has over 15 years of experience in Information and Corporate Security gained in
telecommunication, enterprise and banking industries. He has been in a number of di�erent
roles within security profession such as information security, corporate security, project
management, consulting and business development.
He led Enterprise Governance and Security practice for a regional �rm. Prior to that, he was
with Barclays Capital as Head of Information Security Risk & Operation, Asia paci�c. During his
tenure with Nokia Siemens Networks, he provided professional consulting services for
regional telecommunication carriers to secure their networks. Leonard spent seven years in
Nokia Corporate Security. He was responsible in securing Nokia businesses across the region,
which includes seven countries. Leonard has been volunteering in a number of security
associations since early 2000 and regularly delivers presentations and trainings in the region.
Trainer’s Biography
Leonard Ong
Course Description
Trainer’s Biography
Introduction to IT Risk, Governance and Security
This course provides participants an understanding of the various IT risks, threats and vulnerabilities that confront organisations today and the mitigation actions and governance disciplines that need to be incorporated to control and contain possible IT risks and security concerns.
Taught by industry expert, this course also equips you with the necessary foundational knowledge and skills and prepares you for the Cybersecurity Fundamentals Certi�cate exam o�ered by ISACA separately.
Course Outline
I. Governance and Management Oversight
• Basic Concepts of Governance
• Management, Control Groups and Internal Audit
• Key Governance Operations, Documents and
Concepts
• Risk Management, Types of Risks and Policies
II. Managing Contingency Risk
• Business continuity plan (BCP) vs Disaster
recovery plan (DRP)
• Generic Response to a Disaster Event
• Structure, Roles and Responsibilities of The Crisis
Management Team
III. Internal Controls
• Types of Controls
• Limitations of Internal Controls
IV. Overview of Risks, Threats and Vulnerabilities:
• Cyber threat landscape
• Cyber security components
• Defence in Depth
V. Key Concepts of Cyber Security
• Cyber Security Architecture
• Privacy Safeguards for threats from spam and
malware
• Resiliency and High Availability
• Audit Logging
• Triple A (Authentication, Authorisation,
Accounting)
• Common Security Tools used for Security areas
• NIST Cyber Security Framework
VI. Security Reviews in Application and Infrastructure
Security Components
• Security Standards Baseline Review
• Overview of Compliance, Access control, Audit
logs and Source code review
• Potential impact from non-compliant �ndings
VII. Industry Best Practices and Standards relevant to IT Risk
and Security
• COBIT, ISO Standards and ITIL
• Regulations
Case StudiesThere will be numerous case studies for you to relate to the concepts and
methodologies taught in the course. A written assessment will also be
conducted at the end of the course.
• Possess at least a basic diploma or equivalent quali�cation
• Possess a good command of the English language
• Possess good analytical and evaluation skills
• Possess good problem-solving skills and communication skills
Pre-requisites
Upon successful completion of the course, you will receive a certi�cate from Singapore Management University.
Additionally, you should be ready to sit for the Cybersecurity Fundamentals Certi�cate exam o�ered by the Information Systems Audit and Control Association (ISACA) separately. This certi�cate is aligned with the National Institutes of Standards and Technology (NIST) National Initiative for Cybersecurity Education (NICE), which is compatible with global cybersecurity issues, activities and job roles. The certi�cate is also aligned with the Skills Framework for the Information Age (SFIA). For more information on the certi�cation exam, visit www.isaca.org
Certification
To register for the course or to view the latest class schedule, visit www.fita.smu.edu.sg
Register Now
S$1,498* (inclusive of GST)Funding under FTS Grant is available. See overleaf for details.
Course FeeGROUP DISCOUNTfor 3 or more participants from same company for the same course.
Terms and conditions apply.10%
Opportunities to work on close to real-life financial systems
Interactive and experiential delivery that includes hands-on simulation, role plays, case studies and classroom lecture
Who Should AttendThis two-day course is particularly relevant for recent polytechnic / university graduates, entry level professionals and those in the early stages of their career or looking for a career change to the IT risk and security space. It is also suitable for anyone who wants to gain a basic knowledge of this critical area.
ISACA members will obtain 14 CPE hours by attending this course.
