ISO 31000:2009 - Implementation for IT sector
This course provides comprehensive and practical coverage of how to apply risk management to IT and IT security related issues. Our trainer will share more than ten years’ experience in IT, IT security and risk management.
Who should attend?
This course is intended for managers and prospective implementers of risk management, and stakeholders in such efforts, especially IT-related staff.
ISO 31000 – Implementation for IT sector
What will I learn?
- Describe the fundamentals of risk management including 1) risk management theory; 2) risk identification, assessment and evaluation; 3) risk response; 4) risk monitoring; 5) risk maintenance and 6) other terminology, e.g. perception, risk appetite, etc.
- Describe the fundamentals of IT security concepts and their relationship with risk management
- Describe the AA1000 AccountAbility and Stakeholder Theory.
- Describe the context, structure, purpose and principles of ISO 31000
- General briefing on other risk management systems, e.g. RiskIT, FMEA, etc.
- Describe the context, structure and principles of various IT security principles, e.g.
  - CPTED (Crime Prevention Through Environmental Design)
  - D3R Defense-in-depth, process mapping, etc.
- Application of risk management in IT security, e.g.
  - ISO 27001:2013 new control requirements.
  - ISO 22301:2012 case study.
  - Other, e.g. IT supplier management, physical environment protection.
- Increase business resiliency structure
- Change management capability
- Ability to implement a risk management framework in IT environment
- Enhanced business continuity and stability
What is included?
- You will gain 14 CPD points on completing the course
- Training course notes