Enterprise Data Secutity and Risk Management

Courses Syllabus

Objectives:

• How to take control of Risk Management Programme and learn appropriate methods.
• How to identify and address risk and compliance issues as presented within a global economy.
• How to design and leverage Risk Management Programme to reduce cost and risk through effective prioritisation and processes.
• Appreciate legal, technical and management risk within the Enterprise Environment and how to quantify these effectively.
• Appreciate the external risk of cyber crime.
• How to measure the financial value of Data Security and Risk Management and communicate these to line executives effectively.
• How governance and risk management trends are affecting corporate enterprises.
• International Standards for Data Security and Risk Management and best practice for managing compliance for security, crisis management, disaster recovery and high resilience and availability.

The Content:

Development of Enterprise Architecture

• Introduction, Development and Role in Modern Enterprise
• Strategic, Tactical and Operational Considerations
• Key Considerations in Development of Enterprise Architecture
• Enterprise Architecture Project Management Considerations

Objectives of Security and IT Security Management Risk Assessment and IT Risk Management

• Categorising and Managing Risk
• Risk Analysis and Threat Identification Methodologies
• Vulnerability Analysis
• Understanding the need for effective Risk Management
• Legal and Regulatory Considerations
• Key Strategic and Security Considerations

The Need and Benefits for Information Security

• Electronic and physical risk
• Utilising Information Security to protect business assets
• Information and Data Risk Management
• Data and asset classification

Data Security

• Ensuring Information Security in an Enterprise Wide Environment
• Vulnerability Assessments
• Management and Technical Control Measures with Systems and Network Design

Legal and Regulatory Considerations

• Data Protection
• Intellectual Property
• Contracts and Commercial Liability

Data Sharing and Best Practice

• Defining data classification and business ownership
• Establishing Memorandum of Understanding/Transfer Agreements
• Best Practice Guidance for data sharing
• Avoiding common errors and liability

Overview of International Standards and Best Practice Introduction to computer system design and enterprise design security

• Types of electronic and management controls for electronic information
• Network, Operating System and Application controls and password schemes
• Ensuring Confidentiality, Integrity, Availability, Authenticity and Accountability
• Overview of ISO27002 Code of Practice for Information Security Management and Relevant Controls

Provisions and challenges

• ISO 3100 Risk Management Principles and Guidelines
• Challenges within Enterprise Architecture and IS environments
• Common Oversights with Enterprise Architecture and IS Environments
• Risk Management and Compliance
• Success Factors for Effective Enterprise Data Security Management