Information Security Management 2016 is a 6-day webinar that covers topics such as:
- Information Security Governance
- Is there an adequate organisational structure in place to protect your information?
- Do the board and senior management direct and support your information security efforts?
- What controls have been established to monitor the performance of your information security arrangements?
- Importance of Information Security and Risk Management
- How your risks determine which assets require protection
- What is covered by information security, and its business relevance
- Adopt a best practice framework
- Choose an approach to form control objectives and select appropriate controls
- Training and Content Monitoring
- Mechanisms to verify and validate your information
- Awareness of and training in information security
- How are mechanisms monitored on a daily basis?
- Assessing your defences against their vulnerability
- Asset Classification and Control
- Do you have a complete asset inventory and how is this maintained?
- What information assets do you wish to protect?
- Information classification systems
- Communications and Operations Management
- System planning and acceptance procedures
- What policies, procedures and responsibilities are in existence regarding your IT operations?
- Housekeeping arrangements to maintain the integrity and availability of information services
- Protection to counteract malicious software
- Measures to prevent damage to assets and interruption of business activities and to protect data and information exchanges in e-business activities
- Network security controls
- Physical and Environmental Security
- Protection of your IT equipment with respect to procurement, security, and maintenance and disposal
- Arrangements to provide appropriate physical security for your information assets
- Systems Development and Maintenance
- Security arrangements for the ongoing maintenance of existing systems
- Security requirements for new systems
- Security arrangements with regard to the development, support, and production environments
- Protection of application system files
- Access Control Management
- User access management procedures and the associated user responsibilities
- Which business roles need system access?
- Monitoring of system access mechanisms
- Network access controls, computer access controls, and application access controls
- ISO/IEC 17799 and BS7799 compliance auditing using the CobiT Audit Guideline
- CobiT Audit guidelines
- ISO/IEC 17799 and BS7799 compliance auditing
- Conclusion
- Using the CobiT Audit guidelines to perform BS7799 compliance audits
- Business Continuity Management
- Business continuity frameworks
- Business continuity processes
- Updating business continuity plans
- Testing business continuity plans
Information Security Management 2016 is intended for:
- Business Continuity Planners, Asset Managers, Risk Managers
- CIOs, CISOs and anyone who has direct line responsibility for information security
- Company Secretaries, Finance Directors and Auditors
- Legal Advisors and Corporate Security Consultants