Course details

Overview ?

INTRODUCTION

Information is pervasive across all organisations, technology and processes. Information, technology and data is all around us, both tangible, intangible, active and passive. The need to drive more value from IT investments and manage an increasing array of IT-related commercial risks has never been greater. Increasing regulation is also driving heightened awareness amongst directors and IT management of the importance of a well-controlled IT environment and the need to comply with legal, regulatory and contractual obligations. Effective enterprise governance of IT will result in improved performance, risk reduction and compliance with external requirements.
Information Management Compliance is a complex and detailed area. Personnel involved or which have responsibility for the organisation’s information needs and compliance, will invariably involve all areas of the business. Therefore, IT Management and multidisciplinary teams involved in information management compliance, need a firm understanding of corporate governance and regulatory considerations to fulfil their duties effectively and responsibly. They also need to keep abreast of practical and theoretical developments in the direction of their organisation and that of Information Management. This calls for adequate and specialized training and professional development.

WHO SHOULD ATTEND?

This training session has been designed for IT Management and personnel responsible for IT operations, network maintenance and data integrity/compliance and related projectsIt is also of key benefit to executives, senior managers, lawyers, investors, regulators, auditors and personnel responsible for compliance and technology within an organisation

PROGRAMME OBJECTIVES

Review the current state and direction of best practices in corporate governance
Appreciate implementing and embedding best practices within your organisation/institution
Understand how to structure board committees, institutional policies and procedures to conform to international requirements and expectations
Appreciate the role of audit within the compliance and corporate governance models
Learn successful techniques in communicating governance procedures with outside stakeholders, including shareholders, governments and communities
Review best practice guidance for implementation of governance directives within the management of the organisation
Review the governance of other institutions, avoiding common pitfalls and implementing best practice
Analyse the cost and how to identify and maximise the financial benefit from improved corporate governance and procedures
Understand in detail ISO27002 – Code of Practice for Information Management, and appropriate controls for technology

TRAINING METHODOLOGY

Participants will gain detailed knowledge by active participation in seminars, group discussions and real life case studies.
Delivery will be by presentation, group syndicate investigations, training DVD and interactive seminars
ORGANISATIONAL IMPACT
Organisations will be better educated in relation to risks and benefits that corporate governance can bring. Successful delegates will understand the requirements, obligations, key regulations and codes of practice which are pervasive in corporate governance and Information Management today. This in turn will allow shareholders and executives to place good reliance on controls and governance models which safeguard information and business processes. Being able to adapt the current best practice will ensure that the organisation can benefit from leading solutions relevant for the organisational ethos, culture and regulatory infrastructure.
PERSONAL IMPACT
This leading seminar will provide delegates with an understanding of corporate governance and relevant stakeholder perspectives and responsibilities. With a review of relevant models, regulations and codes of practices for Information Management, this will ensure successful delegates can avoid common pitfalls and utilise best practice to ensure compliance when implementing corporate governance, information management and technical controls.

COMPETENCIES EMPHASIZED

Directors Roles and Responsibilities
Accountability and Audit
Effective Management and Control
Regulation and Codes of Practice
Information Management
ISO 27002 Code of Practice for Information Security Management
Technical and Management Controls for Information Management
Corporate Governance Models and Best Practice
Compliance, Audit and Successful Steps to implementation

PROGRAMME OUTLINE

DAY 1

Corporate Governance
Corporate Governance
An introduction and Development
Strategic, Tactical and Operational Considerations
Governance Model Considerations
IT Governance Framework
Strategic Alignment
Value Delivery
Risk Management
Resource Management
Performance Measurement
Success factors in choosing the correct Governance Model

DAY 2

Governance Models, Legislation and Codes of Practice
Defining a Code of Best Practice
Codes and Laws Compared
Use of Codes to Establish Confidence
Adapting and Implementing International Standards
Case Study

DAY 3

Information Management
Code of Practice for Information Security Management – ISO 17799 / ISO27002
Best Practice and Implementing Guidance and Controls For ISO27002
Information Security Management Overview
Risk Assessment and Controls
Security Policy Documentation
Organising Information Security Management
IT Asset Management
Personnel and Human Resources

DAY 4

Information Management ISO27002
Best Practice and Implementing Guidance and Controls For ISO27002
Physical and Environmental Security
Operations Management and Communications
Access Control
Information Systems (Design, Development, Maintenance)
Incident Management
Business Continuity
Regulatory Compliance
Best Practice and Implementation Guidance to BS ISO/IEC 38500:2008 – IT Management
Case Study