Event Overview

 

Information Security

 

IT security already ranked at the top of the agenda of CEOs and CIOs surveyed in the USA in 2001. The primary objective of this seminar is to help security professionals and IT auditors understand what good practice in information security is, and thereby enable them to reduce risk to an acceptable level within their organizations.

 

The two most important international standards on information security have been updated and extended in 2005.

 

Risk Management

 

Organizations recognize the importance of risk management but are challenged by the difficulty of implementing sound policies and practices in this area, especially in the IT environment. This workshop will give you a good understanding of risk management.

 

It will also give you a good grounding in the practical use of information risk assessment and control evaluation techniques. Furthermore, methods and tools will be compared. You will understand that in view of the complexity and the importance of the issues, an adequate approach will help you to face the challenges and obtain results very quickly.

March 18-22, 2007, Dubai

Who Should Attend

This seminar is suitable for Local Information Security Officers, (IT) auditors, IT Managers, Risk Managers, Project Managers, Operations Managers or any professional with responsibility for information security management, or for the implementation of information security standards and management of IT risks.

What is Special
  • To reinforce the learning experience, participants will work on several adapted case studies from an IT environment, share experiences and participate in discussions.
  • One case study each day, designed to help reinforce key concepts
  • The experience of the course tutor, who is also a practicing international consultant
  • This course has been developed to provide a suitable basis for implementing the ISO 17799:2005 and the ISO/IEC FDIS 27001:2005
  • A demo with a risk, control and incident management tool will show the practical usability of the training.

Seminar Outline

INFORMATION SECURITY MANAGEMENT

  • Introduction to the ISO 17799 and the ISO 27001:2005 (BS 7799-2)
  • Corporate Governance and IT Security Governance
  • Why do we need improved security?
  • Controlling Business Risk

Review of the sections of the ISO 17799

  • Security Policy
  • Organising Information Security
  • Management of Assets
  • Personnel Security
  • Physical and Environmental Security
  • Communications and Operations Management
  • Access Control
  • Information Systems Development and Maintenance
  • Business Continuity Management
  • Compliance
  • Security Incident Management

What the CPISM could mean to your organisation

Application of the ISO 17799 and the ISO 27001:2005

  • Identifying objectives
  • Effective gap analysis
  • Creating a Security Improvement Programme

Implementation Guidance

  • What’s involved in implementation
  • Risk Assessment
  • Practical advice on each section of the Standard
  • Monitoring and reporting
  • Overview of frameworks in IT Security and controls

Making Internal Assessment Effective

  • Effective Internal Audit
  • Using Internal Audit as an ally in the implementation process.

Security Awareness

  • How best to involve management and staff in the implementation process
  • Communicating the security policy to management and staff.

RISK MANAGEMENT

  • Operational risk management in the Basel II capital accord and the impact on IT
  • Risk management in the Sarbanes-Oxley Law and its consequences for IT
  • How risk management in IT can make a vital contribution to realising the organisation's objectives
  • Risk management as a cornerstone of IT governance
  • Risk management in different information control frameworks
  • Risk management methodologies compared
  • Making the business case for IT risk management
  • Identify business requirements for controls in IT
  • Vulnerabilities and IT controls
  • Roles and responsibilities in risk management
  • Risk monitoring and the IT risk scorecard
  • Risk reporting and acceptance
  • Risk analysis in the Systems Development Life Cycle
  • Incident management as a Critical Success Factor for successful risk management
  • Information security implications
  • IT Audit implications
  • Practical tools compared
  • Successful implementations in different environments and countries
  • Case studies and an application demo to illustrate the above

About the Seminar Leader

Hendrik Ceulemans is the Principal of InfoGovernance bvba/sprl, offering IT governance and IT security governance consultancy and training.

Areas covered include, in particular:

  • Using CobiT to improve IT governance

  • Risk and Control Assessment with the ISAP application

  • Aligning policies and standards with business needs

  • Improving the Information Security Management System and security awareness trainings.

Hendrik has lectured at seminars and workshops in three languages, and has consulted on IT governance, information security governance, and information audit in South Africa, Canada, Morocco, India, the USA, as well as in sixteen European countries.

Training was offered at public events, as well as in an adapted format, in-house in companies and in the public sector. Previously Hendrik was employed at Fortis AG, the biggest Belgian insurance group, where he had four years' experience in corporate planning and performance measurement.

Hendrik was also an IT Auditor for seven years. Hendrik is a Certified Information Systems Auditor, Master in Computer Auditing and Master in Business Administration. Hendrik Ceulemans is a co-founder, and has served seven years as the President of the Belux Chapter of the Information Systems Audit and Control Association (ISACA).

Venue and Pricing

Venue: Crowne Plaza, Dubai, UAE

Fees: USD 2900/- per delegate

Early Bird Discounts:

Register for USD 2700/- on or before February 18, 2007 and get USD 200 OFF!

Register for USD 2500/- on or before January 18, 2007 and get USD 400 OFF!

Group Discounts:

Register 3 delegates from your organization and the Fourth goes FREE!

In-house Option:

This course can also be delivered as an in-house / on-site option. Please contact us if you have a group of employees to be trained at a location of your choice.

Copyright 2005 TCQ TRIANGLE LLC. All rights reserved