Training On Information Security Management
INTRODUCTION
In today's digital era, organizations increasingly rely on information systems to support their operations, decision-making processes, and strategic goals. Consequently, the security of these systems and the data they contain is critical. Information Security Management (ISM) plays a vital role in protecting the confidentiality, integrity, and availability of an organization’s information assets.
The Information Security Management course is designed to provide participants with a comprehensive understanding of the policies, procedures, and controls necessary to protect information systems from internal and external threats. The course focuses on both the theoretical and practical aspects of securing organizational information and ensuring compliance with relevant legal and regulatory requirements.
DURATION
5 days.
TARGET AUDIENCE
- Risk Management
- IT Security and IT Security Auditing
- Technical IT Management
- Those with involvement of systems integration and corporate IT development
- Financial controllers with a technical interest may also benefit from the seminar
OBJECTIVES
At the end of the course, the participants will be able to:
- Gain knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, counter measures, etc.)
- Understand the current legislation and regulations which impact upon information security management
- Be fully aware of current national and international standards such as ISO 27002, frameworks and organizations which facilitate the management of information security
- Understand the current business and common technical environments in which information security management has to operate
- Gain knowledge of the categorization, operation and effectiveness of controls of different types and characteristics
COURSE OUTLINE
Module 1: Overview of Information Security
- What is Information Security?
- Examples of Information Security Incidents
- What is Information Security Management?
- Human Aspect of Information Security
- Social Engineering
Module 2: Information Security for Server Systems
- Attacks for Personal Computers and Smart phones and counter measure
- Information Security Risk Management
- What is Risk Management process?
- Identifying Information Assets
- Identifying Security Risk and evaluation
- Risk Treatment
Module 3: Security Risk management as an Organization
- Information Security Governance
- Information Security Management System (ISMS)
- Information Security Policy, Standards and Procedures
- Information Security Evaluation
- Security Incident Response
Module 4: Information Security and Cryptography
- Requirements for Secure Communication
- What is Cryptography?
- Classic and Modern Cryptography
- Common Key Cryptography algorithms: DES, Triple DES, AES
- Problems of Key distribution for Common Key Cryptography
Module 5: Data Integrity and Digital Signature
- Integrity of Data
- Hash Function
- Digital Signature
- Public Key Certificate and Public Key Infrastructure (PKI)
- Certificate Authority
CERTIFICATION
- Upon successful completion of this training, participants will be issued with Macskills Training and Development Institute Certificate
TRAINING VENUE
- Training will be held at Macskills Training Centre. We also tailor make the training upon request at different locations across the world.
AIRPORT PICK UP AND ACCOMMODATION
- Airport pick up and accommodation is arranged upon request
TERMS OF PAYMENT
- Payment should be made to Macskills Development Institute bank account before the start of the training and receipts sent to info@macskillsdevelopment.com
