FORMA SZKOLENIA MATERIAŁY SZKOLENIOWE CENA CZAS TRWANIA

Podobne dokumenty
Cel szkolenia. Konspekt

Why do I need a CSIRT?

PLAN STUDIÓW Wydział Elektroniki, Telekomunikacji i Informatyki, Wydział Zarządzania i Ekonomii Inżynieria danych

No matter how much you have, it matters how much you need

MS OD Integrating MDM and Cloud Services with System Center Configuration Manager

PROGRAM STAŻU. Nazwa podmiotu oferującego staż IBM Global Services Delivery Centre Polska Sp. z o.o.

Dwie oceny systemu bezpieczeństwa: ilościowa i jakościowa. Robert Kępczyński Senior Consultant

Elżbieta Andrukiewicz Ryszard Kossowski PLAN BEZPIECZEŃSTWA INFORMACJI

PROGRAM STAŻU. Nazwa podmiotu oferującego staż IBM GSDC SP.Z.O.O. Miejsce odbywania stażu IBM, ul. Muchoborska 8, Wrocław, Poland

Czy OMS Log Analytics potrafi mi pomóc?

Wydział Informtyki i Nauki o Materiałach Kierunek Informatyka

Dotyczy PN-EN ISO 14001:2005 Systemy zarządzania środowiskowego Wymagania i wytyczne stosowania

WYDZIAŁ NAUK EKONOMICZNYCH. Studia II stopnia niestacjonarne Kierunek Międzynarodowe Stosunki Gospodarcze Specjalność INERNATIONAL LOGISTICS

Krytyczne czynniki sukcesu w zarządzaniu projektami

Przegląd certyfikatów branŝowych

Kierunek: Informatyka rev rev jrn Stacjonarny EN 1 / 6

Terminarz Szkoleń ACTION CE

Program szkolenia: Fundamenty testowania

Usługi IBM czyli nie taki diabeł straszny

CENNIK I TERMINARZ SZKOLEŃ

Brief description of the paper/report. Chain 90% 10% District

Effective Governance of Education at the Local Level

Metodyki projektowania i modelowania systemów Cyganek & Kasperek & Rajda 2013 Katedra Elektroniki AGH

Wydział Inżynierii Produkcji i Logistyki Faculty of Production Engineering and Logistics

Zarządzanie sieciami telekomunikacyjnymi

POPRAWKA do POLSKIEJ NORMY PN-EN ISO 9001:2009/AC. Dotyczy PN-EN ISO 9001:2009 Systemy zarządzania jakością Wymagania. listopad 2009 ICS

PROGRAM STAŻU. IBM Global Services Delivery Centre Sp z o.o. Nazwa podmiotu oferującego staż / Company name. Muchoborska 8, Wroclaw

Internal Audit. Question. Solution. Course objectives. Course benefits. Who is it for?

PROGRAM STAŻU Nazwa podmiotu oferującego staż IBM GSDC SP.Z.O.O

Terminarz Szkoleń ACTION CE

POLITYKA PRYWATNOŚCI / PRIVACY POLICY

Business Development Consulting

Spis treści. Wprowadzenie... 13

PROGRAM STAŻU. Nazwa podmiotu oferującego staż / Company name IBM Global Services Delivery Centre Sp z o.o.

Updated Action Plan received from the competent authority on 4 May 2017

Auditorium classes. Lectures

What our clients think about us? A summary od survey results

Health Resorts Pearls of Eastern Europe Innovative Cluster Health and Tourism

PROGRAM STAŻU. Nazwa podmiotu oferującego staż / Company name IBM Global Services Delivery Centre Sp z o.o.

Dlaczego my? HARMONOGRAM SZKOLEŃ lipiec - wrzesień ACTION Centrum Edukacyjne. Autoryzowane szkolenia. Promocje

Wykaz norm i innych dokumentów normalizacyjnych serii ISO i ich polskie odpowiedniki

Zarządzanie ryzykiem w IT

Rada do spraw cyfryzacji Zespół: Edukacja cyfrowa

Zwiększanie Potencjału Na Rzecz Bezpieczeństwa Ruchu Drogowego Building Road Safety Capacity

Szkolenia informatyczne Vavatech

OSI Physical Layer. Network Fundamentals Chapter 8. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1

CENNIK SZKOLEO MICROSOFT OFFICE

Łukasz Reszka Wiceprezes Zarządu

PRZEWODNIK PO PRZEDMIOCIE. Negotiation techniques. Management. Stationary. II degree

Terminarz Szkoleń II kwartał 2013 ACTION CE

Projekt: Mikro zaprogramowane na sukces!

bezpieczeństwo informacji zarządzanie ryzykiem ochrona danych osobowych optymalizacja procesów biznesowych

Administrowanie systemami informatycznymi

How to run successfully Clinical Trial Project?

OSI Data Link Layer. Network Fundamentals Chapter 7. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1

KATALOG SZKOLEŃ. Kod szkolenia Nazwa szkolenia Czas trwania. QC370 ALM Quality Center Scripting 11.x 2

Ethernet. Ethernet. Network Fundamentals Chapter 9. Podstawy sieci Rozdział 9

Struktura organizacyjna Pekao Banku Hipotecznego SA

Evaluation of the main goal and specific objectives of the Human Capital Operational Programme

Implementation of the JEREMIE initiative in Poland. Prague, 8 November 2011

WYDZIAŁ NAUK EKONOMICZNYCH

Tworzenie zintegrowanych strategii miejskich. Creation of integrated urban strategies? the example of the Krakow Functional Area

Technical training services

[MS-10979] Course 10979C: Microsoft Azure Fundamentals (2 dni)

WYDZIAŁ NAUK EKONOMICZNYCH

Dlaczego my? HARMONOGRAM SZKOLEŃ październik - grudzień ACTION Centrum Edukacyjne. Autoryzowane szkolenia. Promocje

Kalendarium szkoleo Kwiecieo - Czerwiec 2010

Strona główna > Produkty > Systemy regulacji > System regulacji EASYLAB - LABCONTROL > Program konfiguracyjny > Typ EasyConnect.

ARROW ECS SERVICES AUTORYZOWANE CENTRUM SZKOLENIOWE

Installation of EuroCert software for qualified electronic signature

Course: PRiSM Practitioner - The Green and Sustainable Approach to Project Management - Acredited by GPM Global Registered with IPMA

Notacje i modelowanie procesów biznesowych

Dlaczego my? HARMONOGRAM SZKOLEŃ kwiecień - czerwiec ACTION Centrum Edukacyjne. Autoryzowane szkolenia. Promocje

Platforma dostępności Veeam dla rozwiązań Microsoft. Mariusz Rybusiński Senior System Engineer Veeam Microsoft MVP

HARMONOGRAM SZKOLEŃ. październik - grudzień 2019

Wykorzystanie mechanizmów norm serii ISO do potwierdzania zgodności z wymogami ochrony danych osobowych

Form of study: Stationary studies Number of hours/week: 1, 1, 0, 1, 0. Course guide

Dlaczego my? HARMONOGRAM SZKOLEŃ kwiecień - czerwiec ACTION Centrum Edukacyjne. Autoryzowane szkolenia. Promocje RODO / GDPR

Zespół Szkół nr 4 im Janusza Groszkowskiego al. Bielska Tychy PRAKTYK. imię i nazwisko stażysty first name and last name

Zakopane, plan miasta: Skala ok. 1: = City map (Polish Edition)

CENNIK I TERMINARZ SZKOLEŃ

SIG as a practical application of the State Enterprise Architecture

KATALOG SZKOLEŃ ARROW ECS SERVICES AUTORYZOWANE CENTRUM SZKOLENIOWE. Kwiecień 2013

[MS-55070] Course 55070A: Microsoft Lync 2013 Depth Support Engineer (5 dni)

Agile Software Development. Zastosowanie metod Scrum i Kanban.

Metodyka dla projektu SYRIUSZ

Advanced Internet Information Services Management (IIS 8)

KATALOG SZKOLEŃ. Windows Server 2016 Liczba dni STYCZEŃ LUTY MARZEC KWIECIEŃ MAJ CZERWIEC

Międzynarodowe Standardy Profesjonalnej Praktyki Audytu Wewnętrznego Tłumaczenie na język polski

Wojewodztwo Koszalinskie: Obiekty i walory krajoznawcze (Inwentaryzacja krajoznawcza Polski) (Polish Edition)

USB firmware changing guide. Zmiana oprogramowania za przy użyciu połączenia USB. Changelog / Lista Zmian

Ankiety Nowe funkcje! Pomoc Twoje konto Wyloguj. BIODIVERSITY OF RIVERS: Survey to teachers

Procedura oceny wniosków kryteria kwalifikowalności projektów i kryteria oceny

PLANY I PROGRAMY STUDIÓW

Schedule 2 T2S Programme Planning and Monitoring, r.

Specialist training services

Winning the Risk Wprowadzenie do Zarządzania Ryzykiem 25 stycznia 2016

Ankiety Nowe funkcje! Pomoc Twoje konto Wyloguj. BIODIVERSITY OF RIVERS: Survey to students

AN EVOLUTION PROCESS FOR SERVICE- ORIENTED SYSTEMS

Transkrypt:

Szkolenie: Mile2 FORMA SZKOLENIA MATERIAŁY SZKOLENIOWE CENA CZAS TRWANIA Stacjonarne Tradycyjne 1150 EUR NETTO* 4 dni Stacjonarne Tablet CTAB 1250 EUR NETTO* 4 dni Metoda dlearning Tradycyjne 1150 EUR NETTO* 4 dni Metoda dlearning Tablet CTAB 1150 EUR NETTO* 4 dni * (+VAT zgodnie z obowiązującą stawką w dniu wystawienia faktury) LOKALIZACJE Kraków - ul. Tatarska 5, II piętro, godz. 9:00-16:00 Warszawa - ul. Bielska 17, godz. 9:00-16:00 Cel szkolenia: The Certified Information Systems Security Auditor covers the skills and knowledge to assess vulnerabilities, report on compliance and institute controls within small and major enterprises. The Certified Information Systems Security Auditors will receive in-depth understanding in the topics of IS audit, control, assurance, and security professionals, including IT consultants, auditors, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers. Upon Completion Students will: Establish a certified and accredited (authorized) information system in any organization according to current best practices and Federal standards. Students will enjoy an in-depth course that is continuously updated to maintain and incorporate the ever-changing security and risk environment. Understand security best practices on how to keep information secure Have knowledge to identify a security breach Be ready to sit for the C)ISSA exam. Plan szkolenia: The Process of Auditing Information Systems www.compendium.pl strona 1 z 13

Audit Charter Definition of Auditing Definition of Information Systems Auditing Audit Objectives Audit Planning Audit Planning cont. IS Audit Resource Management Types of Audits Elements of an Audit Creating the Plan for an Audit Planning the Audit Audit Methodology Phases of an Audit Audit Work papers Audit Procedures Types of Tests for IS Controls Forensic Audits Fraud Detection Risk Based Auditing Risk Based Auditing Definition of Risk Purpose of Risk Management Risk Management Purpose of Risk Analysis Why Use Risk Based Auditing Risk Assessment and Treatment Risk Assessment and Treatment cont. General Controls Internal Controls Areas of Internal Control IS Controls Versus Manual Controls IS Controls IS Controls cont. Internal Control Objectives Assessing and Implementing Countermeasures Performing an Audit Risk Assessment www.compendium.pl strona 2 z 13

A Risk Based Audit Approach Risk based Auditing Audit Planning and Performance Audit Planning Effect of Laws and Regulations on IS Audit Planning Performing the Audit ISACA IT Audit and Assurance Tools and Techniques ISACA IT Audit and Assurance Standards Framework Relationship Among Standards, Guidelines and Tools and Techniques ISACA IT Audit and Assurance Standards Framework cont. Evidence Gathering Evidence Sampling Compliance vs. Substantive Testing Testing Controls Integrated Auditing Using the Services of Auditors and Experts Audit Risk Computer-assisted Audit Techniques Reporting on Audit Audit Analysis and Reporting Audit Documentation Automated Work Papers Automated Work Papers cont. Evaluation of Audit Strengths and Weaknesses Communicating Audit Results Management Implementation of Audit Recommendations IT Governance and Management Governance and Management of IT Corporate Governance IT Governance Information Technology Monitoring and Assurance Practices for Management Best Practices for IT Governance Information Security Governance Result of Security Governance www.compendium.pl strona 3 z 13

Strategic Planning and Models IS Strategy Strategic Enterprise Architecture Plans IT Strategy Committee Standard IT Balanced Scorecard Enterprise Architecture Maturity and Process Improvement Models IT Investment and Allocation Practices Auditing IT Governance Structure and Implementation Policies, Standards and Procedures Policies and Procedures Policies Procedures Standards Risk Management Risk Management Process Risk Analysis Methods Risk Mitigation Resource Management Organization of the IT Function IS Roles and Responsibilities Segregation of Duties Within IS Segregation of Duties Controls Human Resource Management Sourcing Practices Management of IT Functional Operations Organizational Change Management Change Management cont. Quality Management Performance Optimization Reviewing Documentation Reviewing Contractual Commitments Business Continuity Planning Business Continuity Planning IS Business Continuity Planning Disasters and Other Disruptive Events www.compendium.pl strona 4 z 13

Business Continuity Planning Process Business Continuity Policy Business Continuity Planning Incident Management Business Impact Analysis cont. Development of Business Continuity Plans Other Issues in Plan Development Components of a Business Continuity Plan Components of a Business Continuity Plan cont. Insurance Plan Testing Summary of Business Continuity Auditing Business Continuity Reviewing the Business Continuity Plan Evaluation of Prior Test Results Evaluation of Offsite Storage Interviewing Key Personnel Evaluation of Security at Offsite Facility Reviewing Alternative Processing Contract Reviewing Insurance Coverage Systems Acquisition, Development and Implementation Program and Project Management Portfolio/Program Management Portfolio/Program Management cont. Business Case Development and Approval Benefits Realization Techniques General IT Project Aspects Project Context and Environment Project Organizational Forms Project Communication Project Objectives Roles and Responsibilities of Groups and Individuals Project Management Practices Project Planning Project Planning cont. General Project Management Project Controlling www.compendium.pl strona 5 z 13

Project Risk Closing a Project Systems Development Models Business Application Development Traditional SDLC Approach Traditional SDLC Approach cont. Traditional SDLC Approach cont. Requirements Definition Business Process Reengineering and Process Change Projects Business Process Reengineering and Process Change Projects cont. Risk Associated with Software Development Use of Structures Analysis, Design and Development Techniques Alternative Development Methods Agile Development Agile Development Prototyping Rapid Application Development Other Alternative Development Methods Computer-aided Software Engineering Fourth-generation Languages Types of Specialized Business Applications Electronic Commerce Electronic Data Interchange Electronic Mail Electronic Banking Electronic Finance Electronic Funds Transfer Automated Teller Machine Artificial Intelligence and Expert Systems Business Intelligence Decision Support Systems Decision Support Systems cont. Acquisition Infrastructure Development / Acquisition Practices Project Phases of Physical Architecture Analysis Hardware Acquisition www.compendium.pl strona 6 z 13

System Software Acquisition Auditing Systems Development, Acquisition and Maintenance Auditing Systems Development Acquisition System Software Change Control Procedures Application Controls Application Controls Input/Origination Controls Processing Procedures and Controls Output Controls Types of Output Controls Business Process Control Assurance Auditing Application Controls Application Testing Precautions Regarding Testing System Change Procedures and the Program Migration Process Information Systems Operations, Maintenance and Support Information Security Management Information Systems Operations Management of IS Operations IT Service Management Infrastructure Operations Monitoring Use of Resources Support / Help Desk Change Management Process Release Management System and Communications Hardware Computer Hardware Components and Architectures Computer Hardware Components and Architectures cont. Security Risks with Portable Media Security Controls for Portable Media Hardware Maintenance Program Hardware Monitoring Procedures Capacity Management IS Architecture and Software Operating Systems Access Control Software www.compendium.pl strona 7 z 13

Data Communications Software Data Management Database Management System cont. Tape and Disk Management Systems Utility Programs Software Licensing Issues Digital Rights Management Auditing Networks Network Infrastructure Enterprise Network Architectures Types of Networks Network Standards and Protocol OSI Architecture Application of the OSI Model in Network Architectures cont. Network Architectures Network Components Communications Technologies Communications Technology cont. Wireless Networking Risks Associated with Wireless Communications Internet Technologies Auditing of Network Management Auditing of Applications Management Hardware Reviews Operating System Reviews Database Reviews Network Infrastructure and Implementation Reviews Network Infrastructure and Implementation Reviews Physical Security Audits Access Controls Review Scheduling Reviews Scheduling Reviews; Questions to Consider Auditing Job Scheduling Job Scheduling Reviews Personnel Reviews Business Continuity and Disaster Recovery www.compendium.pl strona 8 z 13

Audits Auditing of Business Continuity Plans Recovery Point Objective and Recovery Time Objective Business Continuity Strategies Recovery Strategies Recovery Alternatives Audit of Third Party Recovery Agreements Organization and Assignment of Responsibilities Team Responsibilities Backup and Restoration Auditing Networks Network Infrastructure Enterprise Network Architectures Types of Networks Network Services Network Standards and Protocols OSI Architecture OSI Architecture (continued) Application of the OSI Model in Network Architectures cont. Network Architectures Network Components Communications Technologies Communications Technology cont. Wireless Networking Risk Associated with Wireless Communications Internet Technologies Auditing of Network Management Auditing of Applications Management Hardware Reviews Operating Systems Reviews Database Reviews Network Infrastructure and Implementation Reviews Network Infrastructure and Implementation Reviews Physical Security Audits Access Controls Review www.compendium.pl strona 9 z 13

Access Controls Review cont. Scheduling Reviews Scheduling Reviews; Questions to Consider Auditing Job Scheduling Job Scheduling Reviews Personnel Reviews Business Continuity and Disaster Recovery Audits Auditing of Business Continuity Plans Recovery Point Objective and Recovery Time Objective Business Continuity Strategies Recovery Strategies Recovery Alternatives Audit of Third Party Recovery Agreements Organization and Assignment of Responsibilities Team Responsibilities Backup and Restoration End of Domain Four Protection of Information Assets Information Security Management Importance of Information Security Management Key Elements of Information Security Management Critical Success Factors to Information Security Management Inventory and Classification of Information Assets Privacy Management Issues and the Role of IS Auditors Social Media Risks Access Controls System Access Permission Mandatory and Discretionary Access Controls IAAA Authentication Authorization Challenges with Identity Management Identification and Authentication Logical Access Exposures Paths of Logical Access Logical Access Control Software www.compendium.pl strona 10 z 13

Auditing Logical Access Access Control Lists Centralized versus Decentralized Access Decentralized Access Risks Single Sign-on (SSO) Single Sign-on Advantages Single Sign-on Disadvantages Familiarization with the Organization s IT Environment Remote Access Remote Access Security Auditing Remote Access Logging All System Access Equipment and Network Security Security of Portable Media Mobile Device Security Storing, Retrieving, Transporting and Disposing of Confidential Information Concerns Associated with Storage Media Network Infrastructure Security LAN Security Issues Client-server Security Wireless Security Threats Audit Log Analysis Tools Internet Threats and Security Causes of Internet Attacks Firewalls Firewall Issues Network Security Architectures Honeypots and Honeynets Intrusion Detection and Prevention Systems IDS / IPS Components IDS / IPS Features Voice-Over IP (VoIP) Techniques for Testing Security Auditing Network Infrastructure Security Encryption Encryption Definition www.compendium.pl strona 11 z 13

Encryption Symmetric Encryption Asymmetric Algorithms Hashing Algorithms Digital Signatures Digital Envelope Public Key Infrastructure (PKI) Uses of Encryption in Communications Auditing Encryption Implementations Malware Viruses Virus Protection Other Forms of Malware Incident Handling and Evidence Security Incident Handling and Response Evidence Handling Physical and Environmental Controls Physical Access Issues and Exposures Physical Access Issues and Exposures cont. Physical Access Controls Controls for Environmental Exposures Controls for Environmental Exposures cont. Controls for Environmental Exposures cont. Electrical Problems Auditing Physical Access Wymagania: The C)ISSA was created to train & certify managers of information systems who have experience with Information Security Risk, Security, Compliance, & Incident Management of systems. If you are lacking experience in one or two of these areas we recommend taking our C)ISSO: Certified Information Systems Security Officer Certification. This is specialized course, and as such we expect our students to be familiar with these subjects before coming to the course. Poziom trudności www.compendium.pl strona 12 z 13

Certyfikaty: The participants will obtain certificates signed by Mile2 (course completion). This course will help prepare you for the Certified Information Systems Security Auditor exam, which is available through the on-line Mile2 s Assessment and Certification System which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions. Each participant in an authorized training will receive a free CISSA exam voucher. Prowadzący: Certified Mile2 Instructor. Informacje dodatkowe: We also recommend further training and certification: C)ISRM Information Systems Security Risk Manager C)ISSM Information Systems Security Manager www.compendium.pl strona 13 z 13

2024 © DocPlayer.pl Polityka prywatności | Warunki świadczenia usług | Zwrotny adres