MindGrove Training Consultancy

HOME
Photographic image of World cities

ABOUT US

IT GOVERNANCE AND RISK FOR THE NON-IT PROFESSIONAL

PLEASE NOTE: This course is run in partnership with the Institute of Internal Auditors (IIA). Please visit the IIA's website or call the IIA's Training & Events Department on 0207 498 0101 for course cost and details of how to book.

______________________________________________________________

COURSE OVERVIEW

Although IT Governance and IT Risk are known to be key operational issues, discussion of appropriate IT Governance structures and IT Risk is often restricted to those with an IT background or role. This course is deliberately pitched at those who do not have an IT background and those who spend little time working with technology. It is designed to bridge the gap between specialist and non-specialist roles. Easy-to-grasp and life-like examples will span the most important elements of this course allowing all delegates to learn through example. There will be opportunities throughout this course to raise and explore issues concerned with technology.

COURSE BENEFITS

Skills:

After completion of this course, you will be able to:

  • Understand how IT facilitates the delivery of organisational objectives

  • Understand the concepts and strategies underpinning IT Governance

  • Understand the boundaries imposed on information technology by UK law

  • Understand the key risks involved in the arrangements for and support of IT services and how these can be managed

  • Understand the major security-related risks that occur in the delivery of IT services and how these can be reduced

Support Materials:

The course is accompanied by a detailed manual that contains examples, explanations and reference materials to form a useful personal resource when you return to work.

WHO SHOULD ATTEND

Anyone who wishes to extend their knowledge into the field of IT Governance and Risk or anyone that needs to obtain a balanced overview of this subject matter area in order to make a contribution to the IT Governance and Risk debate. This course assumes or requires no prior IT knowledge or skills.

COURSE Programme

IT governance and management

  • IT as the strategic means for meeting the organisation’s objectives and stakeholders’ expectations

  • Critical dependence on IT by organisations

  • How the Board should address the challenge of IT governance

  • How executive management should address the challenge of IT governance

  • COSO and CoCo initiatives and attempts at creating governance structures: ISO:17799; COBIT; GTAG

IT governance and operating within the law

  • Data Protection Act / Freedom of Information Act

  • Regulation of Investigatory Powers Act

  • Surveillance and monitoring at work via electronic means

  • Computer Misuse Act

  • Copyright and Patents Act

  • Electronic Communications Act

IT performance risks

  • Managed services and outsourcing

  • Contractual issues

  • Contingency, disaster and business resumption planning

IT project and software development risks

  • Project Life cycles – project risk; project management standards

  • Systems Life cycles – software development risk; software development standards

  • Application data reliability – internal control structures and reasonable assurance

IT service and security risks

  • Service delivery best practices

  • Service support best practices

  • Security and behaviour policies

  • Network security and transaction risk: availability, integrity, non-repudiation, confidentiality, authenticity; solutions to these risks using cryptographic services

  • Rogue software: spyware and redirection agents, Trojan horses, virus and worm agents

  • Pornography – the impact on systems and the individual

  • Covert activities and signalling – making collusion more difficult

Integrating IT/IS audit

  • Connecting IT risk with the objectives of the organisation

  • Risk based integration of IT auditing

  • SOX and IT auditing / SAS 70 and IT auditing

PRESENTED BY:
This course is designed, developed and presented by MindGrove Ltd.

TRAINING

In-House Training

Public Course Schedule

Course Library

CONSULTANCY

RESOURCES

CLIENTS

CONTACT US

DATES

LOCATION

21 - 22 May 08

London
02 - 03 Dec 08 London

If there are more than 3 people in your organisation interested in this course, you may wish to bring the course in-house.

Please call us on 01925 732 757 to discuss this option.

Copyright 2008 MindGrove Ltd.

Call us on +44 (0)1925 732 757

All rights reserved.
to discuss your requirements