IT RISK MANAGEMENT – (Pasti Jalan)
IT RISK MANAGEMENT
Bandung | 28 – 29 November 2011 | 08.30 – 16.30 | Rp 5.150.000,-/person (Pasti Jalan)
Aryaduta Hotel Semanggi / Harris Hotel ( Tebet ) Jakarta | 21 – 23 Desember 2011 | 08.30 – 16.30 | Rp 5.150.000,-/person
BACKGROUND
This course deals with how IT helps to achieve an appropriate balance between realizing opportunities for gains while minimizing losses. It is an integral part of good management practice and an essential element of good corporate governance. It is an iterative process consisting of steps that, when undertaken in sequence, enable continuous improvement in IT decision-making and facilitate continuous improvement in IT performance.
OBJECTIVES
IT risk management course covers how to establish an appropriate infrastructure and culture and apply a logical and systematic method of establishing the context, identifying, analyzing, evaluating, treating, monitoring and communicating IT risks associated with any activity, function or process in a way that will enable organizations to minimize losses and maximize gains. At the completion of this course, the participants should be able to :
- Conceptualize organizations risk management within IT processes
- Identify and analyze risks within IT operations and understand the implications to the whole business operation
- Improve IT operation risk level thru the application and implementation of IT risk management methodology and best practices
- Support the attainment of organizational business objectives by providing comprehensive perspective of IT risk management to the executive management of the organization
- Plan to implement tool for identifying, analyzing, eradicating and communicating the risks within the cycle of risk management
TRAINING SYLLABUS
Segment 1: Risk Management Introduction
- The segment defines Process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives and deciding what countermeasures.
Segment 2: Risk Management Processes
The participants learn to recognize the following issues in the risk management processes such as:
- Identification and classification of information resources or assets that need protection
- Assess threats and vulnerabilities and the likelihood of their occurrence Identification and classification of information resources or assets that need protection
- Assess threats and vulnerabilities and the likelihood of their occurrence.
Segment 3: Risk Indicators
This segment shall describe on the need of IT risk management to operate at multiple levels with divesified risk indicators including:
- Operation: risks that could compromise the effectiveness of IT systems and supporting infrastructure
- Project: risks management needs to focus on the ability to understand and manage project complexity
- Strategic: the risk focus shifts to considerations such as how well the IT capability is aligned with the business strategy.
Segment 4: Loss Event Database
The segment shall describe to the participants on intentional and unintentional action that causes data loss, and highlight on organizational responsibility such as:
- preventing data loss
- recovery from data loss
- Cost of data loss.
Segment 5: Effective Risk Management
This segment shall describe to the participants how to establish effective risk management program that covers:
- Establish purpose of the risk management program
- Assign the responsibility for the risk management
Segment 6: Risk Management Maturity
- This segment shall describe the road-mapping of risk management as related to IT processes; the framework will be based on the CMM maturity level concept.
Segment 7: IT Risk Management
- This segment shall describe on the Information Technology risk management which is part of the organization IT governance encompassing such as: the identification, assessment, and prioritization of IT operation risks, and followed by coordinated and economical application of IT resources to minimize, monitor, and control the probability and/or impact of unfortunate events.
Segment 8: Cases
- IT risk management cases
TRAINING METHOD
Pelatihan ini menggunakan metode interaktif, dimana peserta dikenalkan kepada konsep, diberikan contoh aplikasinya, berlatih menggunakan konsep, mendiskusikan proses dan hasil latihan.
1. 50% Theory
2. 50% Practices
3. Dynamic and interactive training presentation.
WHO SHOULD ATTEND
- Managers involved and related in the IT operations
- IT staff and executives involved in risk management and business process improvement
- Information technology professionals involved in projects that are concerned, in part, with the automation of business processes
- IT professionals especially from companies regulated to implement risk management and IT risk management such as banks and state-owned enterprises.
LEAD FACILITATOR
Iwan Sumantri, CEH, CEI, CHFI, CISA, CISM, CISSP, MCSE, CCNA.
Trainer yang bersertifikasi Internasional ini mempunyai pengalaman menjadi instructor / trainer pada berbagai pelatihan nasional, baik perusahaan-perusahaan swasta, BUMN atau instansi pemerintah di berbagai kota besar di Indonesia. Diantaranya DKI Jakarta, Riau, Kalimantan, Sulawesi, Maluku Utara hingga Papua Barat.
Pelatihan-pelatihan yang pernah Beliau bidangi diantaranya : IT Security Assessment, Risk Assessment & Gap Analysis, Penetration Testing Jaringan dan Aplikasi, Hacking Forensics Investigator, Keamanan Infrastruktur Internet Indonesia, Hacking Technique & Defense Strategy, Sosialisasi LPSE dan SMEP, Solusi Aplikasi E-Government dan lain-lain.
Tentu saja, beliau pun berpengalaman mengajar pelatihan bersertifikasi internasional. Diantaranya pelatihan Certified Ethical Hacker (CEH) v6, ECCouncil Network Security Administrator (ENSA), Certified Hacking Forensic Investigator (CHFI), Certified Information System Auditor (CISA), Certified Network Security Administrator (CNSA), Certified Information System Security Professional (CISSP), Cisco Certified Network Associate (CCNA), Certified Information Security manager (CISM), di beberapa perusahan dan instansi pemerintah seperti Telkom dan Lembaga Sandi Negara.
Date:
- 28 – 29 November 2011, 08.30 – 16.30
- 21 – 23 Desember 2011 08.30 – 16.00
Venue
Bandung
Aryaduta Hotel Semanggi / Harris Hotel ( Tebet )
Fee:
November
- Rp 5.150.000,- ( Full Fare )
- Early Bird : Rp 4.850.000,- (Paid 4 days Before 28 September 2011 )
- Group Price : Rp 13.500.000,- (3 participants from the same company)
Desember
- Rp 5.150.000,- ( Full Fare )
- Early Bird : Rp 4.850.000,- (Paid 4 days Before 21 Desember 2011 )
- Group Price : Rp 13.500.000,- (3 participants from the same company)