Selasa, 19 Oktober 2010

IT Security Management

Brief of Description:

Today’s organizations are under increasing pressure to assure the integrity of their information security efforts. As a result, information security has become an important issue in business priority. This program is specially designed to cover the essential areas you need to know to construct and implement well-balanced information security framework, and also to ensure that you gain proper familiarity with industry best practices, legislation, and professional standards for information security.



Optional Class:



INFORMATION SECURITY

for User

(Day 1)


INFORMATION SECURITY

for IT Staff

(Day 2)


IT SECURITY

for Audit/Risk

(Day 3)

- Introduction

- Information Classification & Control

- Workstation Security

- Physical Security

- Travel/Off site Meeting Security

- Telecommunication Security

- Application Security

- Network Security

- Virus, Worms, Malware, Phising, Spyware, Trojan, etc.

- Awareness


- Introduction

- ISO17799:2005 & ISO27001

- IT Security Architecture

- Business Continuity Plan & Disaster Recovery Plan

- Internet Security

- Protecting IP infrastructure (technical)

- Physical & Data Center Security

- Best Practice & Baseline

- Segregation Terms & Separation of Duties


- Host parameter setting audit (iSeries, UNIX, Linux, Windows, Cisco)

- Windows audit

- TCPIP audit

- Backup/Restore audit

- Process audit

- Physical Audit

- SW version audit

- HW configuration audit

- IT vendor/supplier audit

- Service Level Agreement audit



Training Objectives

· User Class: To increase IT user awareness to protect information under their responsibility.

· IT Staff Class: To provide IT staff with skills to protect IT infrastructure to ensure Confidentiality – Integrity – Availability of sensitive data.

· Audit/Risk Class: To provide Audit/Risk Management staff with skills to ensure that IT security is in line with business metrics.


Prerequisite:

To join Information Security for IT Staff class or IT Security for Audit/Risk class participant must complete Information Security for User class.

Tidak ada komentar:

Posting Komentar