IT Risk Management
Duration: 2 days
Target Audience: Information Risk Managers, IT Risk Managers, Information Security Managers, Chief Information Officers and those in related roles who are required to implement or improve their IT Risk Management strategies, monitoring and reporting processes.
Key Learning Outcomes
- Learn how to take a proactive approach to IT Risk Management, aligned with other corporate governance efforts.
- Know how to identify and assess risks associated with information technology.
- Practice using various assessment frameworks and tools to monitor and report on your organisation’s IT risks.
- Develop a practical Risk Management Plan.
Course Delivery Includes:
- Theory: Latest best practice
- Team discussions
- Individual and group exercises
- Case studies
- Technique application practice
- Personal action planning
Course Outline: IT Risk Management
DAY 1
IT Risk Management - the Bigger Picture
The relationship between IT Governance and IT Risk Management
The Information Risk Management Function
The IT Risk Management Committee
Aligning IT Risk Management with other Corporate Risk Management Efforts
Assessing IT/Business Alignment
Principles of Risk Management
Objectives, Risks and Controls
The Risk Management Process
The Risk Management Grid
Risk Mitigation Strategies
Preparing an IT Risk Management Plan
DAY 2
Your IT Risk Management Toolbox
IT Risk Management Frameworks and Governance Requirements
Most Useful Frameworks for Information Risk Managers
- Capability Maturity Model (CMM)
- COBIT
- COSO ERM Framework
- ITIL
- BS7799/ISO17799
- Balanced Scorecard
Key Considerations
Information Security
Project Portfolio Management
Critical Success Factors for IT Risk Management
Management Actions
