Information, Risk, Security and Crisis Management (Dubai)

HRODC Postgraduate Training Institute
In Wolverhampton (United Kingdom)

£5.000 - (R$21.084)

Important information

  • Course
  • Wolverhampton (United Kingdom)
  • Duration:
    5 Days
  • When:
    Your choice

At the conclusion of the specified learning and development activities included in this course, delegates will be able to:

  • Demonstrate an understanding of the 'risk context'.
  • Demonstrate an understanding of the variety of disciplines to which risk management is applied.
  • Develop an Information Security Policy and identify their organisation's key information assets.
  • Formulate effective risk statements.
  • Provide risk examples, distinguishing them from non-risk examples.

Suitable for: This course is designed for:

  • Managers
  • Executives and those responsible for dealing with risk management in their organisation
  • Risk Managers and Professionals
  • Insurance Practitioners
  • Corporate governance experts and practitioners
  • Auditors
  • Occupational Health Practitioners
  • Safety Officers
  • Security Officials
  • Treasury Workers
  • Actuarial and Banking Professionals
  • Project Management Experts
  • Health Care Professionals
  • Compliance Officers
  • Surveying Engineers
  • Risk Engineers
  • Those with an interest in risk and risk management issues

Important information

Requirements: Degree or Work Experience

Facilities and dates

  • Start: Your choice
  • Location: 122a Bhylls Lane, WV3 8DZ, West Midlands, United Kingdom

What will you learn in this course?

Business Continuity
Risk Management
Crisis Management
Security Management
IT risk
IT Security
IT Development
IT Management


Course Contents, Concepts and Issues:

Understanding Risk and Risk Management

  • Defining Risk
  • Contextualising Risk
  • Formulating Risk Statements
  • Risk Examples
  • Non-Risk Examples
  • Proposal Risk
  • Performance Risk
  • Management’s Perception and Calculation of Risk
  • Risk Probability and Improbability
  • The Traditional ‘Number Line’ and Traditional Risk Management Calculation
  • ‘Risk-Improbability Scale or Continuum’
  • Understanding Risk in Organisations
  • Analyzing and Identifying Risk in Organisations
  • Developing Strategies and Approaches to Treat and Manage Risk
  • What Is Risk Management?
  • Continuous Risk Management Example
  • Non-Continuous Risk Management Example
  • Evaluating Likely Risks and Consequences
  • Assessing the Options for Accommodating Risks
  • Prioritising Risk Management Efforts
  • Developing Risk Management Plans
  • Authorising the Implementation of Risk Management Plans
  • The Context of Risk Management in Organisations
  • The Link between Risk Management and Governance Arrangements
  • Risk Management Standards
  • The Differing Levels of Risk within an Organisation, Business Risk, Project Risk and Process Risk
  • Developing Criteria for Determining Acceptable Levels or Residual Risk

Crisis Management: Security and Natural Disaster Recovery

  • Contingency Planning
  • Continuity Management and Disaster Recovery
  • Recovery Planning
  • Recovery Planning and Logistics
  • Business Continuity Management
  • Introduction to BS 25999: Business Continuity Management
  • Business Recovery Management

Information Security Management

  • Defining Information Security Management System
  • Types of Information Security
  • Physical Controls
  • Purpose of Information Security
  • Threats to Confidentiality
  • Personnel Security
  • Risk Management in Organisations: A Systems Perspective
  • The Self-Hack Audit
  • Information Security Policy – Organisational Information as Assets and Resources
  • The Role of the Information Security Management System (ISMS) Auditor
  • The Auditor’s Plan
  • The Auditor’s Report
  • Asset Classification and Control
  • Personnel Security
  • Physical and Environmental Security
  • Communications and Operations Management
  • Access Control
  • Systems Development and Maintenance
  • Business Continuity Management
  • Information Security Compliance
  • Information Security – Confidentiality
  • Understanding an Organisation’s Information as Assets and Resources
  • Asset Classification and Control

BS 7799-2:2002 Specification for Information Security

  • The BS7799 / BS7799 Security Standard
  • Explaining BS 7799-2:2002
  • Requirements of BS 7799-2:2002 and EA 7-03 in the Context of Information Security Management Systems Audit
  • The Auditor and ISO 19011
  • Complying With BS7799 (ISO 17799)
  • The Traditional Risk
  • BS 7799 in Europe, Middle East and Africa
  • Introduction to BS 7799 Services
  • ISO/IEC 17799 Code of Practice for Information Security Management
  • Formulating an Information Security Policy
  • Telecommunication Security: A Self-Hack Audit
  • Objectives of the Self-Hack Audit

Information Risk Management Issues:

  • Distinction between Data and Information
  • Primary and Secondary Data
  • Primary and Secondary Sources of Information
  • Secondary Sources of Information
  • Primary Sources of Information or Data

Sampling and Its Importance in Information Security Management

  • Types of Sampling
  • Convenience or Non-Random Samples
  • Probability or Random Samples
  • Simple Random Samples
  • Stratified Sampling
  • Multi-Stage Sampling

Information System and Organisational Effectiveness

  • Information Systems: Definition
  • Need for Constant Review of Information System
  • Characteristics of an Effective Information System

Information as Intellectual Capital – Industrial Espionage and Industrial Sabotage

  • Organisational Information and Security
  • Protecting an Organisation’s Intellectual Capital
  • Investigating and Averting Industrial Espionage
  • Detecting, Dealing With and Averting Industrial Sabotage

Information and National Security

  • Information as ‘Secret’
  • Information Moratorium
  • Information and Confidentiality
  • Information as a Control Mechanism
  • The Information Act and Its Implications for Internal Security
  • Data Protection Act 1998: Whose Data?
  • Freedom of Information Act: National Security Provision