IT Risk Managementworkshop on

Duration: Two-days

Europe Middle East Asia| |

Leading IT Risk Management Solution Maker

in the market for last 3 decades.

Enlightened managements are moving towards utilization; measure and monitor risk-taking process.

establishing an integrated approach to risk management to

identify, measure, monitor, and control risks in their This workshop adopts a hands-on approach where each

organizations. Technology related risks in general and IT participant will fill in and complete a Risk Management

related risks in particular are now emerging as key Workbook. Our experience from past workshops indicate

elements in the enterprise risk management process. that this workbook has been found to add significant value

to the participants, at their workplace.

In view of rapid adoption of IT in areas of strategic This workshop is aimed at all those who create, process,

importance and also in matters pertaining to operations, IT store and use “information” including:

risk assessment is gaining importance. While the risks are ?IT – Operations and Infrastructure Mangers

now uniquely managed in respect of a relatively new band ?Info Security /Governance Managers

of assets, viz., information assets and corresponding IPF, ?Finance and Admin Managers

most of the generic principles of risk management remain ?NW, DB and Security Administrators

the same ?Internal Auditors for ISMS, BCMS and SMS

?Implementers of ISMS, BCMS and SMS

When contemplating and implementing uses of ?Corporate Risk and Compliance Officers

technology, managements should engage in a rigorous ?Legal and Regulatory affairs managers

process of identifying risks and also establish controls to ?HR Managers

manage them. This is easily said than done since the ?Data Center Managers

number of variables and their inter-relationships are large ?DR Center Managers

and complex. This complexity supports the need to ?ISO31000 aspirants

establish an integrated approach to risk management. ?ISO 9001:2015, ISO 27001:2013,

ISO 22301:2012, ISO 20001:2011 standard

In order to benefit from harnessing the power technology, implementing ,certified organizations

effective risk management process involves three essential ?Automated system organization like oracle, cloud,

elements viz., evolution of a clear plan for use of ERP system etc...

technology; decision on how it will implement technology

The use of technology-centric products, services, delivery channels, and processes exposes enterprises to various risks including transaction, strategic, reputation, and compliance risks; to name a few. There are other forms of risks some of which are unique to given business verticals while others are location and / or organization specific.

Duration & Delivery – Eight sessions with the instructor that will have structured presentations,

case discussions, quiz and individual / group exercises where the participants will complete

exercises using Risk Management Workbook.

0900 to

1030

?Introduction to ERM and Key IT Risk

concepts

?Emerging frameworks for IT Risk

Management

?ISO31000 – emergence as best practice

guide and the future certification standard

?Completion of Part-1 of Workbook on IT Risk

Management

?Key components of IT Risk Management

?Importance of IT Risk Management to your

organization

?Risk Dynamics and Risk Attitudes

?Internal Risk Environment

?External Risk Environment

?Governance and infrastructure: why do we

need to consider these while doing IT Risk

Assessment

?Completion of Part – 2 of Workbook on IT

Risk Management

?· Building an IT Risk Management culture

?Working with stakeholders – contributions

and impediments

Mid-Morning Break

Lunch Break

Afternoon Break

1030 to

1100

1230 to

1315

1350 to

1445

1445 to

1515

1515 to

1645

1100 to

1230

0900 to

1030

?Risk Perception and Influences

?Risk Identification, Analysis and Assessment

?Completion of Part-4 of Work book on IT

Risk Management

?Risk Categorization and Prioritization

?Risk Articulation and Risk Registry

?Effective Risk Score and Residual Risk Score

?Risk Treatment and Controls

?Completion of Part-5 of Work book on IT

Risk Management

?Report on Risk to Top Management and Risk

Appetite acceptance

Mid-Morning Break

Lunch Break

Afternoon Break

1030 to

1100

1230 to

1315

1350 to

1445

1445 to

1515

1515 to

1645

1100 to

1230

Day – 1 Day – 2

Program schedule

Hands on exercises are indicated in font Green

This workshop was offered in the following locations; many times at some locations

Work Shop Datesth thDubai : 17 -18 April 2016

th thAbu Dhabi : 19 -20 April 2016Maximum participants in a workshop 16

Contact:

Williams - 0097155 631 6260 p.williams@bascertification.com

George - 0097150 287 7545 m.george@bascertification.com

Anjala - 0097156 45 44935 m.anjala@bascertification.com

BAS Dubai - 009714 33 40045 certification@bascertification.com

| Dubai | Abu Dhabi | Muscat | Kuwait | Doha

In house batches are available on request across the globe