18 - 20 September 2007, Amora Jamison, Sydney, Australia
Protect what's important

Masterclasses

Day Three, Thursday 20th September 2007 - Post conference masterclasses

Masterclass A

“Risk Management – the ISO 27001 Way”

This masterclass will focus on requirements within the ISO 27001 standard and is designed to benefit organisations seeking to implement an ISO 27001 based management system or wanting to have their management systems certified to ISO 27001. Case study examples and practical advice will equip you with the tools to effectively integrate information security principles with enterprise risk management models.

Agenda:

Bridging IT security and risk management
- Defining risk
- Using information security to mitigate enterprise / business risk
- Scope and level of risk assessments
- ISO27001 as a methodology for security risk assessment

Risk management methodology and policy
- Determining the scope of your Information Security Management System
- Identifying critical assets and associated threats
- Identifying critical risks and analysing the risks
- Continual improvement program

ISMS Certification - how and why
- Preparing for the certification audit
- Building assurance and sustainability in your compliance program
- Driving continuous improvement

Your Masterclass A leader:

Brahman Thiyagalingham
Business Manager—ICT Risk and Assurance
SAI Global

Brahman Thiyagalingham has led SAI Global’s Information Security Management Systems program for the last three years and has recently been appointed to the position of Business Manager – ICT Risk and Assurance. Brahman was projects manager for Standards Australia committee IT-012-04, where he managed the committee responsible for the publication of information security and related risk management standards including AS/NZS 7799.2:2003 and HB 231.

 

Masterclass B

“2007 View from the Trenches – Challenges for IT Security Management”

In this masterclass, Drazen Drazic, Managing Director of Security-Assessment.com, Australia, will share SA’s “view from the trenches” – their real world experiences on what really is happening in the world of IT. It’s a scary place – are you owned already? No? Drazen will also talk about approaches to IT Security and Risk Management – what’s working, what isn’t and the myths of reliance upon technology alone. He will then take attendees through the “Strategic Security Management Framework” – a new way to think about managing IT Security and Risk in the Enterprise.

Agenda
- Threats to business today 
- What’s real, what’s not – what we are seeing 
- The popular “head in the sand” approach to IT Security 
- The realities of cyber crime – think it doesn’t impact you? Think again! 
- A critical look at current risk and defence strategies 
- Technology myths 
- Compliance vs. Security (ticks vs. security) 
- Adopting the Strategic Security Management Framework

Your Masterclass B leader

Drazen Drazic
Managing Director
Security-Assessment.com Australia

Drazen Drazic is the Managing Director of leading IT security research company Security-Assessment.com Australia, which provides IT security and risk management consulting services to some of the region’s largest businesses. In previous lives, Drazen has headed up IT Security for a global investment bank and a Big 4 firm. He is the chief writer on the IT Security Management blog Beast or Buddha as well as the owner of leading IT Security News site Dailyinfosec.
