|
P229
– PROGRAMME ON INFORMATION SECURITY MANAGEMENT (COMPANY
SPECIFIC PROGRAMME FOR L.I.C. OF INDIA)
Background: The growth and success of nearly all enterprises rely on harnessing
Information Technology for secure, profitable use. As organizations
continue to take advantage of the opportunities available through global
networking, and need to comply with the existing or new security laws and
regulations, difficult decisions arise about how much money to
invest in IT security and control. Enterprises must consider the best ways
to offer flexibility to customers and trading partners, yet ensure
security of critical information and systems for all its users. Enterprise needs to formulate and establish policies and directives
in order to protect the investment, safeguard the information contained
within these systems, reduce business and legal risks and the most
important to protect the good name of the company. The policies also
need to define the Do’s and Don’ts identifying and fixing the
responsibilities. This would require a set of policies on Information
Security, Cyber ethics, email usage and privacy of business data in these
systems. Enterprise needs to translate these information security policies
into well-defined procedures that will be implemented at the operating
level. An Information Security Management System (ISMS) is a controlled
approach to managing sensitive company information so that it remains
secure. It encompasses people, processes and IT systems. Objectives: After completion of this programme, participants will be able to: ·
Recognize information as a
strategic resource; ·
Frame Information security
policies and procedures; ·
Identify the Data Security,
Integrity and Privacy Risks; ·
Enhance the effectiveness
of information by creating Security Framework; ·
Implement the information
security procedures in the operating offices; ·
Deal with the
implementation issues regarding the information security procedures Contents: ·
Information systems
resources and processes ·
Threats, risks and
vulnerabilities ·
Information, Integrity,
Privacy and Security Concerns ·
BS 7799 /ISO 17799, ISO
27000 Series, ITIL and COBIT Standards ·
Information Security
Policy: Framework ·
Enabling technologies for
implementing info-security policies ·
Cyber Ethics and e-mail
Policies ·
Hardware and Software
policies – acquisition, maintenance and outsourcing Participants’ Profile: Selected Manager of IT Department from Central Office, Zonal
Office, Divisional Office. Note: Prior knowledge of Computer is essential. Duration:
4 days Dates: 16.02.2009 - 19.02.2009 |
|