Certified Information Security Manager (CISM)
Aryaduta Hotel Semanggi/ Ibis Arcadia, Jakarta | October 15th – 19th, 2012 | Rp. 7.250.000,
Description :
The Certified Information Security Manager® (CISM®) certification program is developed specifically for experienced information security managers and those who have information security management responsibilities. The CISM certification is for the individual who manages, designs, oversees and/or assesses an enterprise’s information security (IS). The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services. Individuals earning the CISM certification become part of an elite peer network, attaining a one-of-a-kind credential. The CISM job practice also defines a global job description for the information security manager and a method to measure existing staff or compare prospective new hires. The course contents are impregnated by standard course recognized by CISA ( Certified Information Security Auditor)
Objectives :
The course has been designed to enhance the skill of participants in the area of security management, especially in relation to their day-to-day operation as related to information security management. The training shall provide the participant with the following capabilities:
- Have thorough understanding on Common Body of Knowledge within the scope of Information Security Management
- Enhanced knowledge and skill in dealing with the operational issues as related to information security within day-to-day installation operation
- Enhanced the skill in the design, implement, manage, and asses the organization’s IT security system by applying the Common Body of Knowledge in CISM
- Prepare individual competency for the CISM professional exam
- To enhance the skill of the participants in Information Secuity, and escalate their management proficiency with broad managerial perspective essential for their day-to-day IT security operation and preparing the skill for IT security management procedural set up.
Target Audience :
- Chief Information Security Officer (CISO)
- Chief Information Officers (CIO)
- Chief Technology Officers (CTO)
- IS/IT Steering Committee
- Audit Committee
- IT Senior Manager
- Information Security Manager
- Senior Risk Manager
- Senior Audit Manager
- IT & Audit Staff
- IT Security Staff
- Risk Management Staff
- Academic students
Course Contents and Descriptions
- Information Security Governance
- Information Risk Management
- Information Security Program(me) Development
- Information Security Program (me) Management
- Information Security Management
- Incident and Response Management
- An information security steering group function
- Legal and regulatory issues associated with Internet businesses, global transmissions and trans border data flows
- Common insurance policies and imposed conditions
- Information security process improvement
- Recovery time objectives (RTO) for information resources
- Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels.
- Security metrics design, development and implementation.
- Information security management due diligence activities and reviews of the infrastructure.
- Events affecting security baselines that may
- The requirements for collecting and presenting evidence; rules for evidence, admissibility of evidence, quality and completeness of evidence.
- External vulnerability reporting sources
- The key components of cost benefit analysis and enterprise migration plans
- Privacy and tax laws and tariffs, data import/export restrictions, restrictions on cryptography, warranties, patents, copyrights, trade secrets, national security
- CISM information classification methods
- Life-cycle-based risk management principles and practices.
- Cost benefit analysis techniques in assessing options for mitigating risks threats and exposures to acceptable levels.
- Security baselines and configuration management in the design and management of required risk assessment
- Changes to information security requirements in security plans, test plans and re-performance
- Disaster recovery testing for infrastructure and critical business applications, business applications and the infrastructure
- Acquisition management methods and techniques
- Evaluation of vendor service level agreements, preparation of contracts) CISM question and answer
Workshop Leader :
Fauzi Hasan
Fauzi Hasan, DR, Ir. MM, MBA, PMP, CISA, CISSP, SSCP, CISM, CMPP, CSCP, CGeIT, APICS, ITIL, CEP-PM, APICS,
Having vast experience in the project management area with areas of exposure such as: banking IT & Telco, manufacturing, Oil and Gas industries, enhanced with application of business process improvement procedure in line with CMMI methodology; while also delivering consultancy in IT strategy and audit, and supplemented with direct involvement in the setting up of BCP and DRP complementing the establishment of DRC for local Indonesian banks and government institutions.
Business development and sales executive experienced in direct operational involvement in the information technology and telecommunication services. Major focus in satellite-VSAT/DMV/ ISBN and wireless OFDM, CDMA and embryonic form of 3G services, while having vast experiences for combined Telco solutions with diversified media and technology platforms applied in diversified Industry.
Strong exposure and with hands on knowledge of business process re-engineering and information technology implementation specializes in Enterprise Resource Planning cushioned with telecommunication network. During the exposures has presented deliverables such as:
- Project management for Bank, telecommunication industry, Oil &Gas
- CMMI application and Information system audit implementation
- Set up Telco services business for Oil and Gas
- Set up project management services and IT application services business in the Oil and Gas Industry sector
- Set up and expand the VSAT DMV services to major Oil industry
- Set up TETRA radio telecommunication business (NOKIA) in Indonesia, especially with Police dept and the TNI, and other government agencies
- Developed a strategy to implement IT application especially the ERP supporting the business processes in the area of logistics and supply chain management
- Initiated and developed a strategic alliance with a global computer company to design and market GIS system products
- Manage strategic corporate accounts at government institutions and major private organizations on hardware, software and telecommunication services
- Implement eTOM deployment in Saudi Telcom (STC), extensive exposure in process decomposition, and conducted BPAM and ITIL training to STC staffs
- Lecturer in IT governance and certified project management professional and in IT security, also supply chain management
- Develop and introduce the Integrated Logistics Services or Third Party Logistics to the Indonesian industrial community (Singapore Technology Logistics)
- Ran organization as a business within a business based on a custom driven philosophy, by introducing new concepts, programs and direction to increase productivity and efficiencies.
- Proven marketing and sales ability in closing management services different countries
- Negotiated and dealt with executives of multinational on various aspects of business ventures.
- Develop the Disaster Recovery Services business plan and execute with local and regional partners (SingTel)
- Develop and implement strategy for the implementation of SISKOMDAGRI project-telecommunication networking of the Minister of Internal Affairs
- Set up implement strategy for Telecommunication services business (Telco)
- Set up Intelligent Video Network/ IVN business with Scopus International in Indonesia
Strong strategic thinker, planner, and problem solver with leadership quality for achieving bottom-line goals, including managing multi-disciplinary, cross-cultural teams toward a common purpose.
Conceived and marketed a new trend and concept of Third Party Logistics facilitate clients with outsourcing the logistics and supply chain activities in the direction of generating efficiency and productivity as related to Oil and Gas industry. Developed and implemented programs for corporate accounts and the channels for the hardware and application systems as catalyst to the business acceleration and achievement at Hewlett-Packard.
FEE :
- Rp. 6.750.000, – (Registration 3 person/more; payment before October 8th, 2012)
- Rp. 6.950.000, – (Reg before October 1st, 2012; payment before October 8th, 2012)
- Rp. 7.250.000, – (Full Fare; payment at the latest October 19th, 2012)
- Add. charge 10 % will be applied for max 1 month late payment. And 20 % for payment after 1 month.