|
P229
– PROGRAMME ON INFORMATION SECURITY MANAGEMENT (COMPANY
SPECIFIC PROGRAMME FOR L.I.C. OF INDIA) Background The
growth and success of nearly all enterprises rely on harnessing
Information Technology for secure, profitable use. As organizations
continue to take advantage of the opportunities available through global
networking, and need to comply with the existing or new security laws and
regulations, difficult decisions arise about how much money to
invest in IT security and control. Enterprises must consider the best ways
to offer flexibility to customers and trading partners, yet ensure
security of critical information and systems for all its users. Enterprise
needs to formulate and establish policies and directives in order to
protect the investment, safeguard the information contained within these
systems, reduce business and legal risks and the most important to protect
the good name of the company. The policies also need to define the
Do’s and Don’ts identifying and fixing the responsibilities. This
would require a set of policies on Information Security, Cyber ethics,
email usage and privacy of business data in these systems. Enterprise
needs to translate these information security policies into well-defined
procedures that will be implemented at the operating level. An Information
Security Management System (ISMS) is a controlled approach to managing
sensitive company information so that it remains secure. It encompasses
people, processes and IT systems. Objectives After
completion of this programme, participants will be able to - •
Recognize information as a strategic resource; •
Frame Information security policies and procedures; •
Identify the Data Security, Integrity and Privacy Risks; •
Enhance the effectiveness of information by creating Security Framework; §
Implement
the information security procedures in the operating offices; §
Deal
with the implementation issues regarding the information security
procedures Contents
§
Information systems
resources and processes §
Threats,
risks and vulnerabilities §
Information,
Integrity, Privacy and Security Concerns §
BS
7799 /ISO 17799, ISO 27000 Series, ITIL and COBIT Standards §
Information
Security Policy: Framework §
Enabling
technologies for implementing info-security policies §
Cyber
Ethics and e-mail Policies §
Hardware
and Software policies – acquisition, maintenance and outsourcing Participants’
Profile Selected
Manager of IT Department from Central Office, Zonal Office, Divisional
Office. Note:
Prior knowledge of Computer is essential. Duration
:
4 days
|
|