INFORMATION SECURITY COMPLIANCE & RISK MANAGEMENT
November 16-17
We are challenged with both securing our information assets and infrastructure
as well as achieving full compliance with numerous legislations and
regulations. Healthcare, financial, government and other verticals are
required to constantly monitor their infrastructure to mitigate risks and
vulnerabilities as well as ensure compliance with international standards and
industry best practices.
Standards such as ISO 27001 or ISO 27002 are a requirement for organizations to
comply with. A key objective for organizations worldwide is to integrate
security best practices and be in compliance. Skilled professionals who
understand regulatory compliance requirements and information security are
valued across several industries, especially healthcare, financial and the
government.
Learn to use tools to provide an overall approach to managing security risks in
order to meet the business objectives.
Address the following areas:
· IT infrastructure and network security - rising from concerns about
hackers, terrorists, cyber-criminals, insiders, outsiders, viruses, and so on
· Data integrity, confidentiality and privacy - rising from regulatory
and market pressure around protecting personal (e.g. data protection
legislation), and corporate data (e.g. fair disclosure regulations), as
well as financial and
operational data
· Business continuity - rising from concerns about the capability to
continue in business after a natural or man-made disaster
· IT management - rising from concerns about project failure, poor IT
operational performance, inadequate IT infrastructure, etc.
Who Should Attend:
· Top Management Representatives
· Security Professionals
· Risk Managers
· Staff responsible for compliance with laws and regulations
· Auditors
· Information Security Officers
· IT Managers/Directors
Course Outline:
1. Threats and Vulnerabilities for Networked Organizations
2. Identifying Threats, Vulnerabilities and Impacts
3. Understanding the Technical and Non-technical Assessment
4. Applicable Regulatory Compliance and Security
5. Financial Services and Security
· Technology and Security Impact
Ø Security Architecture and Infrastructure
· COBIT Security Baseline
Ø Control Objectives
Ø Security Domains
6. PCI DSS Requirements
· Objective
· Control Objectives
· Defined Requirements
· Critical References
7. ISO 27001/2 Standards
· Introduction to ISO 27001
Ø Security Framework Requirements
· ISO 27002 Standard
· Scope
· Key Clauses, Categories and Controls
Ø Definition
Ø Requirements
8. Business Continuity Planning (BCP)
· Definition and Scope
· Components of a Contingency Plan
Ø Disaster Recovery Plan
Ø Emergency Mode Operation Plan
· Classification of Information
· Classification of Threats
· Types of Alternate Sites
9. Risk Management Analysis
10. General Requirements of PDCA
Case Study 1: Risk Analysis
Examine compliance mandates for risk analysis. Analyze
how to conduct a comprehensive and thorough risk analysis to identify
compliance and security deficiencies. Walk through core components of the
resulting Corrective Action Plan (CAP) - your road-map for enabling a more
resilient enterprise.
Case Study 2: Conducting a Business Impact Analysis (BIA)
Step through key activities that organizations must conduct
to complete a comprehensive Business Impact Analysis (BIA).
Understand critical processes for a BIA initiative and identify areas that must
be addressed in a BIA Report.
Case Study 3: Sample Information Security Policy Templates
Step through key sections of critical information security templates in-class.
Review sample policy types and organization.
Training FEE:
P 14,000 + Vat
Training Package:
Training Materials, Certificate of Completion, Meals (Lunch and AM/PM Snacks)
Duration : 2 Days
Time : 9:00 am to 5:00 pm
Venue : Bitshield Training Room
Unit 1602 Cityland 10 Tower 2 HV Dela Costa St., Salcedo
Village, Makati City
Note:
Price is subject to change without prior notice. Minimum number of
participants is required.
REGISTER NOW
Limited Seats Only!!
________________________________________
For reservation / inquiry please call us�Tel. 840.2612
Fax: 8938527
_____________________________________________
Look for Judy
Or text / call 0926.1069134
j...@bitshieldsecurity.com
Payment Details:
�Bank Deposit: Banco de Oro - Reposo Branch� Account
Name:Bitshield Security Consulting, Inc.� Account No.
417800-9134��Please fax deposit slip at 893 8527 or email scanned copy at
j...@bitshieldsecurity.com
If you have other concerns, please do not hesitate to contact us and we will be
glad to assist you.
Thank you very much and we are looking forward to have you as one of our
attendees in the future.
Truly yours,�Judy Ann Raon | Sales Officer for Training�BITSHIELD SECURITY
CONSULTING, INC.�Tel: (+632) 840-2612�Fax: (+632) 893-8527
Mobile: +63926-1069134�Email: j...@bitshieldsecurity.com�URL:
www.bitshieldsecurity.com
"Protecting your information assets is our business"
We practice ethical email distribution. Please accept our sincere apologies if you have
received this e-mail in an unsolicited manner. If you don't want to receive from us,
kindly reply with the subject "Unsubscribe" to sa...@bitshieldsecurity.com
