IT RISK MANAGEMENT
based on Various Frameworks, Standards, and Models: BASEL II, ISO 20000, ITIL, COSO, COBIT, ISO 27001, BS 25999 ,NIST’s SP-800-30 OCTAVE™, ISO 27005
Jakarta | 18 – 22 August 2014 | Rp 9.500.000/peserta
Jakarta | 8 – 12 September 2014 | Rp 9.500.000/peserta
Jakarta | 6 – 10 October 2014 | Rp 9.500.000/peserta
Jakarta | 10 – 14 November 2014 | Rp 9.500.000/peserta
Jakarta | 8 – 12 December 2014 | Rp 9.500.000/peserta
TRAINING DESCRIPTION:
The IT risk management is the application of risk management to Information technology context in order to manage IT risk, i.e.: The business risk associated with the use, ownership, operation, involvement, influence and adoption of IT within an enterprise.
IT risk management can be considered a component of a wider Enterprise risk management system.
Risk management is the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.
This training is built around globally accepted standards such as ISO 31000:2009 and frameworks such as ISACA’s Risk IT, and NIST and OCTAVE guidelines for risk management.
TRAINING OBJECTIVES:
Identify where and how to reduce known/unknown IT risks
Identify areas of cost-benefit optimization and thus reduce IT expenditure
Understand the ISO 31000:2009 standard and its applicability to the corporate environment
Understand risk assessment as addressed in BASEL II, ISO 20000, ISO 27001, ITIL, COSO, COBIT, BS 25999 and its relevance to IT
Understand the different IT Risk Assessment Standards, Models and Methodologies – NIST’s SP-800-30, and OCTAVE™, ISO 27005
Insights on practical use of risk assessment and control evaluation techniques
TRAINING MATERIAL OUTLINE:
DAY 1:
Background:
Briefing on Definition of Risk and Risk in context of Information Technology
Discussion and recording: Known risk scenarios
IT Risk Management Initiative
Project Planning Requirements
Groundwork:
General Risk Scenarios
Understanding Business-specific, industry-specific, region/location-specific scenarios
Recording the scenarios
Management Buy-in
Degree of business dependence on information technology
Understanding and recording technology-specific risks
Tying in general risk scenarios with IT risks
Techniques of building business case
Budgeting
Project Planning
Resource Identification and Allocation
Understanding the Concepts and Techniques
IT Risk Management Cycle
Technology and business drivers
Risk Terms – Asset, Threat, Threat Agent, Threat Event, Vulnerability, Countermeasure, Risk, Residual Risk
Risk Assessment Methodology
ISO 31000:2009 Overview
Exercises, and Discussion
DAY 2:
IT Risk Assessment:
IT Process Selection
IT Component Selection
Approach Selection
Risk Discussion :
Risks from IT Strategy adopted
Risks from IT Processes and Plans
Risks from Networks and Systems
Risks from Business Applications
Risks from Internal Application
Risks from Devices – Security Implementation, Disaster Recovery, Business Continuity
Risks from Internal and External customers
Applying ISO 31000 and Risk IT for Risk Assessment
Challenges and Solutions
Case Study I
Exercises, and Discussion
DAY 3:
IT Risk Mitigation :
IT Risk Mitigation Options
IT Risk Mitigation Strategy
Controls’ Identification and Analysis
Cost Benefit Analysis
Calculating Residual Risk
Case Study II
Applying ISO 31000 and Risk IT for Risk Mitigation
Evaluation IT Risk Management Cycle :
Project Evaluation
Learning from Selection and Execution techniques
Integrating IT Risk Management with various frameworks and standards – BASEL II, ISO 20000, ITIL, COSO, COBIT, ISO 27001, BS 25999 ,NIST’s SP-800-30,, OCTAVE™, ISO 27005
IT Risk Management Cycle: A Revision
Exercises, and Discussion
DAY 4:
Special Project / Case Study “ IT Risk Assessment” (part 1)
DAY 5:
Special Project / Case Study “ IT Risk Assessment” (part 2)
INSTRUCTOR :
Ir. Muhammad Tavip, MPM, Cert.HR (US-Based).
Muhammad Tavip, Ir., MPM, Cert. HR pemegang sertifikasi internasional Project Management berdasarkan PMBOK – PMI, USA dan Human Resource Management (US-based), Alumni of Institut Teknologi Bandung (1992) dan Post Graduate Diploma dari University of South Australia, Adelaide (1995). Beberapa Sertifikasi Internasional yang dipegangnya adalah: Project Management (PM)/ITPM, Software Business Analysis (SBA), Systems Analysis and Design (SAD), Software Quality Assurance (SQA), Software Testing Professional (STP), IT Infrastructure Library (ITIL ), Disaster Recovery Planning (DRP).
Memiliki pengalaman lebih dari 15 tahun di bidang IT, Management and Business. Beliau Mengelola Proyek berskala Nasional dan International. Memberikan jasa konsultansi di bidang Project Management dan IT Project Management, Enterprise Project Management using Project Server 2003/2007/2010, Pelatihan dan Konsultansi Implementasi Balanced Scorecard, dan IT Management consulting. Beliau merupakan salah satu pendesain software Balanced Scorecard MBRIO yang telah digunakan beberapa perusahaan swasta berskala UKM.
Beliau berpengalaman lebih dari 10 tahun memberikan pelatihan baik public maupun in-house dan Coaching untuk bidang IT Management termasuk: Project Management (PM)/ITPM, Software Business Analysis (SBA), Systems Analysis and Design (SAD), Software Quality Assurance (SQA), Software Testing Professional (STP), IT Infrastructure Library (ITIL V2 and V3 ), Disaster Recovery Planning (DRP), IT Risk Management, Information Security Management based on PBI, , COBIT 5 Foundation, Operation Management ( supply chain management, logistics management, warehouse management, inventory management), project financing.
Dari tahun 2001 s/d sekarang Beliau telah membimbing lebih dari 5000 para project Manager di Indonesia mempelajari Project Management dan IT Project Management berdasarkan standard defector PMBOK – PMI, USA mulai dari versi 2000, 2004, dan PMBOK 2008.
Beberapa klien yang pernah mendapatkan bimbingan/ training/coaching/ konsultasi Project Management/ IT Project Management sejak 2001 s/d sekarang diantaranya adalah:
PEMERINTAHAN & BUMN:
Bank Indonesia, PT. Bank Mandiri (Persero) Tbk, PT. Bank Negara Indonesia (Persero) Tbk, PT. Bank Rakyat Indonesia (Persero) Tbk, Depnakertrans, Departemen Dalam Negri, Departemen PU, Departemen Agama, Departemen Keuangan, PLN, BKPM, BPKP, PT. PUSRI, Sekolah Staff Komando Angkatan Laut (SESKOAL). PT. Telkom, PT. Sigma Cipta Caraka, Komisi Pemberantasan Korupsi (KPK), PT. Antam, Tbk, PT. Laras Astra Kartika, dll.
PERUSAHAAN SWASTA:
PT. Bank Artha Graha International Tbk, Bank BTN, PT. Bank UOB Buana, Artha Jasa, Kabel Vision, Alcatel, PT. Hindoli (A Cargill Co), Satelindo, Excelcom, Bank Bali, Bank Permata, Tbk, Citra Sari Makmur, PT. Amway Indonesia, PT. Pabrik Kerta Tjiwi Kimia, PT. Astragraphia, Tbk, Metro TV news, PT. Intikom, PT. Bank DKI, Galenium Pharmasia Lab, PT. Unicharm Indonesia, PT. Primacom, PT. Gramedia – Majalah, Swadharma, PT. Data Script, PT. Bank Mega, PT. Astra Oto Parts, Talisman Energy Inc, PT. Berca Hardaya Perkasa, PT. Mandiri Sekuritas, PT. Arutmin, ACC, dll.
PERUSAHAAN ASING:
Caltex, Unocal, PWC, Chevron, BHP Billiton, Vico Indonesia, PT. Coats Indonesia, PT. Sumiko Leadframe Bintan, PT. Metlife Sejahtera, Santos Asia Pacific Pty Ltd, German Centre, PT. Thames PAM Jaya, PT. AC Nielsen Indonesia, KPC, PT. Freeport Indonesia, PT. Mattel Indonesia, PT. Bank Rabobank International Indonesia, PT. Roche Indonesia, PT. Nestle Indonesia, PT. Arun LNG, PT. Sinar Meadow International Indonesia, PT. Bank HSBC, PT. Oberthur Indonesia, PT. Bank Woori Indonesia, PT. Bank of Tokyo, PT. Atlas Copo, PT. Bank RBS,dll.
UNIVERSITAS & LSM:
Universitas PETRA, STIE Perbanas, Universitas Trisakti, HIV Foundation, Universitas Maranatha, Universitas Satya Wacana, Universitas Atmajaya World Vision, dll.
VENUE :
Jakarta( Hotel Ibis Arcadia/Hotel Harris Tebet/Hotel Oak Tree/Setiabudi Building 2)
TRAINING DURATION :
5 days
TRAINING TIME
18 – 22 August 2014
8 – 12 September 2014
6 – 10 October 2014
10 – 14 November 2014
8 – 12 December 2014
INVESTATION PRICE/PERSON :
Rp 9.500.000/peserta (bayar penuh) atau
Rp 9.250.000/peserta (early bird, yang membayar 1 minggu sebelum training) atau
Rp 8.950.000/peserta (untuk peserta bergroup yang terdiri dari 3 orang peserta atau lebih dari 1 perusahaan yang sama)
FACILITIES FOR PARTICIPANTS:
Training Module
Flash Disk contains training material
Certificate
Stationeries: NoteBook and Ballpoint
T-Shirt
Backpack
Training Photo
Training room with Full AC facilities and multimedia
Lunch and twice coffeebreak every day of training
Qualified Instructor
Transportation for participants from hotel of participants to/from hotel of training – VV (if minimal participants is 4 persons from the same company)
Formulir Permintaaan Informasi Lanjutan / Pra-Pendaftaran Public Training
INFORMATION OPTIONS
Judul Training (required)
Tanggal Training
Select a message type
(required)
PERSONAL DATA
Your Name (required)
Job Title (required)
Company (required)
Company Address
Email (valid email required)
Mobile Phone (required)
Office Phone (required)
Extention No.
Facsimile (Fax)
Website
PRE REGISTRATION DATA (Tidak Mengikat)
Penanggung Jawab Training di Perusahaan
Email
Office Phone+Ext atau No. Handphone
Jumlah Peserta (required)
Nama-nama peserta
Payment Method
MESSAGE FOR TRAINING PROVIDER
Pesan untuk penyelenggara Training
CC this registration / message to me
cforms contact form by delicious:days