Data security for today's organizations is an ever increasing difficult task, especially with the increasing sophistication and volume of attacks aimed at stealing information. Protecting data becomes an perpetual challenge, with the view of an increased usage of mobile devices, such as laptops and smart phones. Furthermore, disaffected internal employees often have access to sensitive information. As companies expand and acquire more data, the need for a well-managed solution that integrates multiple data-protection technologies to provide comprehensive enterprise coverage, along with persistent data protection, becomes a necessity across the enterprise. This can only be achieved with a credible appreciation of risk.

In today’s highly regulatory environment it is essential that you have a clear understanding of risk across the enterprise. An appropriate risk management framework can bring visibility to key business and compliance risks and enable an organization to make decisions on where to prioritize its limited resources. It is through a risk management framework that real value to the business can be achieved in focusing on relevant areas of IT risk of data security within the enterprise environment.

Using international standards, an effective risk management control framework and current best practice, the aim of this seminar will advise senior executives and management on how to implement secure safeguards within a virtually borderless environment.

During the training the delegates will:

• How to take control of Risk Management program and learn appropriate methods.
• How to identify and address risk and compliance issues as presented within a global economy.
• How to design and leverage Risk Management Program to reduce cost and risk through effective prioritization and processes.
• Appreciate legal, technical and management risk within the Enterprise Environment and how to quantify these effectively.
• Appreciate the external risk of cyber-crime.
• How to measure the financial value of Data Security and Risk Management and communicate these to line executives effectively.
• How governance and risk management trends are affecting corporate enterprises.
• International Standards for Data Security and Risk Management and best practice for managing compliance for security, crisis management, disaster recovery and high resilience and availability

This training has been designed for individuals involved in, Risk Assessment, Information Security and Management of IT Systems and Enterprise Data Security. It is particular benefit to Application Service Providers, Network Architecture Personnel, individuals in regards to IT Risk, Policy and Compliance in addition to Security Service Vendors and specialist investigators and those with a responsibility for managing and securing information assets.

Development of Enterprise Architecture

• Introduction, Development and Role in Modern Enterprise
• Strategic, Tactical and Operational Considerations
• Key Considerations in Development of Enterprise Architecture
• Enterprise Architecture Project Management Considerations

Risk Assessment and IT Risk Management

• Categorizing and Managing Risk
• Risk Analysis and Threat Identification Methodologies
• Vulnerability Analysis
• Understanding the need for effective Risk Management
• Legal and Regulatory Considerations
• Key Strategic and Security Considerations

The Need and Benefits for Information Security

• Electronic and physical risk
• Utilizing Information Security to protect business assets
• Information and Data Risk Management
• Data and asset classification

Data Security

• Ensuring Information Security in an Enterprise Wide Environment
• Vulnerability Assessments
• Management and Technical Control Measures with Systems and Network Design

Legal and Regulatory Considerations

• Data Protection
• Intellectual Property
• Contracts and Commercial Liability

Data Sharing and Best Practice

• Defining data classification and business ownership
• Establishing Memorandum of Understanding/Transfer Agreements
• Best Practice Guidance for data sharing
• Avoiding common errors and liability

Overview of International Standards and Best Practice

Introduction to computer system design and enterprise design security

• Types of electronic and management controls for electronic information
  • Network, Operating System and Application controls and password schemes
  • Ensuring Confidentiality, Integrity, Availability, Authenticity and Accountability
• Overview of ISO27002 Code of Practice for Information Security Management and Relevant Controls

Provisions and challenges

• ISO 3100 Risk Management Principles and Guidelines
• Challenges within Enterprise Architecture and IS environments
• Common Oversights with Enterprise Architecture and IS Environments
• Risk Management and Compliance
• Success Factors for Effective Enterprise Data Security Management

A variety of methodologies will be used during the course that includes:

• (30%) Based on Case Studies
• (30%) Techniques 
• (30%) Role Play
• (10%) Concepts
• Pre-test and Post-test
• Variety of Learning Methods
• Lectures
• Case Studies and Self Questionaires
• Group Work
• Discussion
• Presentations

To be advice as per course location. This rate includes participant’s manual, Hands-Outs, buffet lunch, coffee/tea on arrival, morning & afternoon of each day.

International Center for Training & Development (ICTD) will award an internationally recognized certificate(s) for each delegate on completion of training.

Daily Course Timings:

    08:00 - 08:20       Morning Coffee / Tea

    08:20 - 10:00       First Session

    10:00 - 10:20       Coffee / Tea / Snacks

    10:20 - 12:20       Second Session

    12:20 - 13:30       Lunch Break & Prayer Break

    13:30 - 15:00       Last Session