ISACA New York Metropolitan Chapter

Entity Wide Security Program Planning and Management

Instructor: Cereda Amos
Date: August 7th - 8th, 2007
Duration: 2 Days
CPE Credits: 14
Location: St. John's University, Manhattan Campus, 101 Murray Street, New York, NY

Cost: $450 Members; $550 Non-members

TO RESERVE A SEAT YOU MAY CONTACT:

Peter Kane at Pkane@cablevision.com or 516-803-2251

An entity-wide program for security planning and management is the foundation of an entity’s security control structure and a reflection of senior management’s commitment to addressing security risks. This seminar starts by explaining these concepts as outlined in GAO’s Federal Information System Controls Audit Manual (FISCAM), and continues on to discuss areas that have not yet been included in GAO guidance. For each area, the applicable control activities, control techniques, and audit procedures will be discussed in detail.

  • Information Security Strategy
  • Types of Security Risks
  • Risk Management Concepts
  • Risk Assessment Process
  • Auditing the Risk Assessment Process
  • Security Policy & Standards
  • Hiring, Termination, & Performance Policies
  • Security Program Plan
  • Security Management Structure
  • Security Awareness
  • Security Monitoring & Evaluation
  • Security Incidents
  • Incident Response
  • Contractual Monitoring & Review

Copyright © 2002 Information Systems Audit and Control Association (ISACA™). All rights reserved.

Last updated April 11, 2007 3:54 PM