IT Security
Overview
3-day single organisation course
The global coverage and complexity of the IT infrastructure, the increasing use of the internet and public communications systems and the demands made by society combined with the continual threat of terrorism are amongst the pressures on organisations to provide high-availability IT Services that are safe and secure.
This course provides practical guidance for the planning and successful implementation of an IT Security Management function, and puts it in the context of an organisation's overall IT Service Management framework, based on industry best practice guidelines.
Objectives
The course provides an opportunity for staff involved in the support and delivery of IT Services to gain a greater understanding of the issues relating to the development and implementation of a comprehensive IT Security strategy.
Who should attend?
The course is aimed at staff who are involved in the support and delivery of IT Services, and who wish for a greater understanding of the issues relating to the development and implementation of a comprehensive IT Security strategy.
There are no particular course qualifications, but delegates should be familiar with the difficulties and issues that surround the provision and support of contemporary IT Services, combined with a general understanding of Service Management.
Structure
The course comprises lectures, group discussion and syndicate work.
The course content is based on a wide variety of sources, including the IT Infrastructure Library (ITIL®), and the framework suggested by ISO 27001 and ISO 17799.
Content
Topics covered include:
- Fundamentals - scope, concepts and definitions
- Context - why bother with Security Management, business need and business benefit, the legal aspect, the Security Management framework
- Standards and procedures - security standards, ISO 27001 & ISO 17799, certification of systems, codes of conduct and employee issues, developing a Security Policy
- Threats - what are the threats to the infrastructure (distributed systems, data centres, networks, software, information, etc.)? What are the threats posed by increased exposure to the internet and the prevalence of malicious software?
- Risk Management - approaches to analysing risk, assessing vulnerability, implementing countermeasures and combating risk
- Protecting the infrastructure - software safeguards, people issues, network and communications considerations, servers and systems, preserving integrity of information, development issues, maintaining confidentiality, business continuity
- Interfaces into IT Service Management - integrating IT Security Management into IT Service Management
- Security Management roles - The role of the Security Manager, start-up and ongoing activities
- Implementing Security Management - costs, awareness, problems and success criteria.
Documentation
Comprehensive course documentation is provided.
What Next?
Following on from this course, you may wish to consider:
- IT Governance Awareness (1-day or half-day)
- Introduction to Enterprise Risk Management (1-day) with optional practical workshop on day 2
- ITIL Foundation course (3-day) leading to the Foundation Certificate in Service Management
- ITIL Practitioner courses, especially IT Service Continuity (3-day)
- COBIT® Foundation course (2-day)
- ITIL® Service Capability courses (5-day)
- ITIL® Service Lifecycle courses (3-day)
You may also be interested in:
- foxMAPS
baseline current operation and outline implementation roadmap - foxPRISM
web based Process Knowledge Base
Please contact us to discuss your requirements with our team of expert advisors.
