Deutsch
English
Français
NewsSecurity-Management
Duration: 3 days
Requirements: The desire to improve IT-Security in your organisation
Description:
Business processes increasingly depend on IT and IT-Security. The importance of IT-Security Management is growing with the complexity of your IT-Environment.
It becomes a necessary management-process (comparable with quality-management) that is still unrealised in many enterprises or public authorities.
This course shows you which organisational structures are essential for an efficient IT Secrity Management, gives examples for documents (e.g. policies) and how an it can be enforced in your daily business routine. You will learn how to do risk analysis in IT and how to write operation manuals. One goal of this course is the formulation of policy documents.
Content:
- Responsibilities and limits of IT Security Management
- Sub-processes: risk analysis & risk management, implementing measures and policies, controll-structures & mechanisms, review/audit
- Security Policies: function and scope of a Security Policy, typical components of a policy, the do´s and don´s a policy, the interaction of policy and risk analysis, publication & enforcement of the security policy, document management and version control.
- Standards: The „BSI Grundschutzhandbuch“, ISO TR 13335/GMITS, BS 7799/ISO 17799, comparation and latitude, combining „BSI Grundschutzhandbuch & BS7799, the interface to ITIL
- Field reports: Examples from a public authority, an international bank and an enterprise.
- Showcase: sub-processes
- Incident Response: strategies & course of action, responsibilities, reporting and working with third parties
- Business Continuity Planning: methods and procedures, scenarios, BCP Monitoring & Testing
Maximum number of participants: 8
Current workshops
on request