Information Security Management
Improve every aspect of your information security!
Your information assets have never been more crucial, more valuable, or more at risk. This is why information security is becoming a crucial business priority in many organisations.
Moreover, complying with (international) information standards and guidelines (such as the NIST Handbook, ISO 17799, CobiT, and ITIL Security Management) is becoming a hot issue worldwide.
This unique distance learning course provides you with vital information for developing or reviewing your information security management framework. The course will help you determine the levels of risk your organisation is facing and the steps you will need to take to provide adequate protection.
Target group
The course will be of particular benefit to:
- CIOs, CISOs and anyone who has direct line responsibility for information security
- Business Continuity Planners, Asset Managers, Risk Managers
- Legal Advisors and Corporate Security Consultants
- Company Secretaries, Finance Directors and Auditors
For courses in Dutch, please have a look at www.imf-online.com.
- saves time and money;
- enables you to train in the comfort of your own working environment;
- can be arranged for groups from 6 people or more;
- will take place at a time chosen by and convenient to you; and
- sensitive issues can be openly discussed because there are no ‘outsiders’.
Are you interested? Please call us at +31 (0)40 - 246 02 20 or send an e-mail to info@imf-online.com to discuss the possibilities.
Importance of Information Security and Risk Management
- What is covered by information security, and its business relevance
- How your risks determine which assets require protection
- Choose an approach to form control objectives and select appropriate controls
- Adopt a best practice framework
LESSON II
Information Security Governance
- Do the board and senior management direct and support your information security efforts?
- Is there an adequate organisational structure in place to protect your information?
- What controls have been established to monitor the performance of your information security arrangements?
LESSON III
Asset Classification and Control
- What information assets do you wish to protect?
- Do you have a complete asset inventory and how is this maintained?
- Information classification systems
LESSON IV
Training and Content Monitoring
- Awareness of and training in information security
- Mechanisms to verify and validate your information
- Assessing your defences against their vulnerability
- How are mechanisms monitored on a daily basis?
LESSON V
Physical and Environmental Security
- Arrangements to provide appropriate physical security for your information assets
- Protection of your IT equipment with respect to procurement, security, maintenance, and disposal
LESSON VI
Communications and Operations Management
- What policies, procedures and responsibilities are in existence regarding your IT operations?
- System planning and acceptance procedures
- Protection to counteract malicious software
- Housekeeping arrangements to maintain the integrity and availability of information services
- Network security controls
- Measures to prevent damage to assets and interruption of business activities and to protect data and information exchanges in e-business activities
LESSON VII
Access Control Management
- Which business roles need system access?
- User access management procedures and the associated user responsibilities
- Network access controls, computer access controls, and application access controls
- Monitoring of system access mechanisms
LESSON VIII
Systems Development and Maintenance
- Security requirements for new systems
- Security arrangements for the ongoing maintenance of existing systems
- Protection of application system files
- Security arrangements with regard to the development, support, and production environments
LESSON IX
Business Continuity Management
- Business continuity processes
- Business continuity frameworks
- Testing business continuity plans
- Updating business continuity plans
LESSON X
ISO/IEC 17799 and BS7799 compliance auditing using the CobiT Audit Guideline
- ISO/IEC 17799 and BS7799 compliance auditing
- CobiT Audit guidelines
- Using the CobiT Audit guidelines to perform BS7799 compliance audits
- Conclusion
- Ward Duchamps, Manager - Security Services Group Brussels
- Yag Kanani, Lead Partner - Security Services Group London
- Ian Blatchford, Senior Manager - Security Services Group London
- Ernst Oud, Senior Manager - Security Services Group Amsterdam
- Danny van der Ploeg, Senior Manager - Security Services Group Amsterdam
- Vernon Poole, until May 2003 Senior Manager at Deloitte, now Consultant at Sapphire and co-editor and author of this course.
- Mike Murphy, Senior Manager - Security Services Group Amsterdam and chief editor of the course
Personal assistance
Should you have any questions about the lessons, please feel free to contact the authors.
*USD price is an approximate value. The actual USD price is based on the invoice date's exchange rate.