Effective Management of Information Security, and Continually Improve the security level – ISO 27001 : Qualification Training
14-16 Maret 2011
08.30 – 16.30 WIB
Aryaduta Hotel Semanggi / Santika Hotel Jakarta
Pembicara / Fasilitator
Fauzi Hasan, DR, Ir. MM, MBA, PMP, CISA, CISSP, SSCP, CISM, CMPP, CSCP, CGeIT, APICS, ITIL, CEP-PM, APICS,
Having vast experience in the project management area with areas of exposure such as: banking IT & Telco, manufacturing, Oil and Gas industries, enhanced with application of business process improvement procedure in line with CMMI methodology; while also delivering consultancy in IT strategy and audit, and supplemented with direct involvement in the setting up of BCP and DRP complementing the establishment of DRC for local Indonesian banks and government institutions.
Business development and sales executive experienced in direct operational involvement in the information technology and telecommunication services. Major focus in satellite-VSAT/DMV/ ISBN and wireless OFDM, CDMA and embryonic form of 3G services, while having vast experiences for combined Telco solutions with diversified media and technology platforms applied in diversified Industry.
Strong exposure and with hands on knowledge of business process re-engineering and information technology implementation specializes in Enterprise Resource Planning cushioned with telecommunication network. During the exposures has presented deliverables such as:
- Project management for Bank, telecommunication industry, Oil &Gas
- CMMI application and Information system audit implementation
- Set up Telco services business for Oil and Gas
- Set up project management services and IT application services business in the Oil and Gas Industry sector
- Set up and expand the VSAT DMV services to major Oil industry
- Set up TETRA radio telecommunication business (NOKIA) in Indonesia, especially with Police dept and the TNI, and other government agencies
- Developed a strategy to implement IT application especially the ERP supporting the business processes in the area of logistics and supply chain management
- Initiated and developed a strategic alliance with a global computer company to design and market GIS system products
- Manage strategic corporate accounts at government institutions and major private organizations on hardware, software and telecommunication services
- Implement eTOM deployment in Saudi Telcom (STC), extensive exposure in process decomposition, and conducted BPAM and ITIL training to STC staffs
- Lecturer in IT governance and certified project management professional and in IT security, also supply chain management
- Develop and introduce the Integrated Logistics Services or Third Party Logistics to the Indonesian industrial community (Singapore Technology Logistics)
- Ran organization as a business within a business based on a custom driven philosophy, by introducing new concepts, programs and direction to increase productivity and efficiencies.
- Proven marketing and sales ability in closing management services different countries
- Negotiated and dealt with executives of multinational on various aspects of business ventures.
- Develop the Disaster Recovery Services business plan and execute with local and regional partners (SingTel)
- Develop and implement strategy for the implementation of SISKOMDAGRI project-telecommunication networking of the Minister of Internal Affairs
- Set up implement strategy for Telecommunication services business (Telco)
- Set up Intelligent Video Network/ IVN business with Scopus International in Indonesia
Strong strategic thinker, planner, and problem solver with leadership quality for achieving bottom-line goals, including managing multi-disciplinary, cross-cultural teams toward a common purpose.
Conceived and marketed a new trend and concept of Third Party Logistics facilitate clients with outsourcing the logistics and supply chain activities in the direction of generating efficiency and productivity as related to Oil and Gas industry. Developed and implemented programs for corporate accounts and the channels for the hardware and application systems as catalyst to the business acceleration and achievement at Hewlett-Packard.
Rp 5.150.000,- ( Full Fare )
Early Bird : Rp 4.850.000,- (Paid 5 days Before event)
Group Price : Rp 13.500.000,- (3 participants from the same company)
This qualification training covers the knowledge required to gain an understanding of the content and requirements of the international standard, ISO 27001: ISMS preparation. It covers the certification requirements of ISO 27001 and how the guidance in ISO 27001 based on BS 7799 and BS 17799 can be adopted by an organization to deliver effective management of information security, and continually improve the security level. The qualification is aimed at staff in internal and external service provider organizations who require knowledge and understanding of the ISO 27001 standard and its content.
The training provides:
- Information Security Management System-ISMS, process and other security management staff with an awareness of and familiarity with the ISO 27001 standard
- Individuals with the necessary knowledge to assess the relevance and importance of the ISO 27001 standard to the security management activities within their own organization
- Managers and team leaders with a knowledge of a typical ISO 270001 IT security management system
- Internal auditors, process owners, process reviewers and assessors with a good knowledge of the ISO 27001, BS 1779, BS 7799 standard, its contents and justification of the need for internal reviews, assessments and audits
- Evidence that delegates have achieved a foundation level of knowledge of the ISO 27001 standard.
At the completion of this course, the participants should be able to :
- Have overview and peripheral understanding of the aims and use of the ISO 27001 Specification and Code of Practice through an understanding of the roles of the component parts of the standard
- Explain appropriately their understanding of the integrated approach to maintaining IT security management systems and processes that conform with ISO/IEC 27001 certification
- Have conditional scoping and eligibility requirements and options to achieve certification
- Understand the common dialectics of Information Security Management System (ISMS) and the Plan, Do, Check Act cycle
- To provide a detail explanation of ISO 27001 ISMS component and the PDCA Cycle. Including Comprehensive Coverage of the Managerial and Technical Aspect of 27001. The training will discuss on how the company management involve in the Information Security Management System. Various methods to do risk Assessment. The implementation process flow to prepare for ISO 27001 Certification
- Have the understanding on the objectives and requirements of each section of the ISO 27001 Specification
- Have and understanding on need to plan, schedule, implement, review of ISO 27001 standard implementation
- Have understanding on reviews and internal audits of IT Security Management systems and ISMS against the requirements of the standard are used.
Pelatihan ini menggunakan metode interaktif, dimana peserta dikenalkan kepada konsep, diberikan contoh aplikasinya, berlatih menggunakan konsep, mendiskusikan proses dan hasil latihan.
1. 50% Theory
2. 50% Practices
3. Dynamic and interactive training presentation.
- Understanding ISO 27001 scope, purpose and use Understand the principles of the ISO 27001standard and be able to describe its scope, purpose and use. The principles of a service management system including the need for:
- Overall quality management system on a structured hierarchy of policy, process and procedures
- Taking an end to end security management approach
- Management responsibility and control
- Recognition of the contribution of staff on security management
- Understanding ISO/27001 and Information Security Management (ISMS) Approach
Understand the principles and processes for security management and the requirements of the overall security management system.
- Adopting the Plan, Do, Check, Act cycle to improve service
Understand the approach to planning and implementing IT service management to ensure the required processes are effectively implemented, services are continually improved and the requirements of the ISO/IEC 20000 standard are met.
- Review, assessment and audit of ISMS
Understand the review, assessment and audit of ISMS activities, including the use of supporting systems, tools and techniques that will enable an organization to plan and conduct reviews, assessments and internal audits of IT security management systems.
- Key Components Syllabus
- Background to Information Security
- PDCA Process Approach
- Information Security Management Systems
- Documentation Requirement
- Management Responsibility
- Internal ISMS Audit
- Management Review of ISMS
- ISMS Improvement
- Risk Assessment
- Detail Discussion on The Managerial and Technical Aspect of the ISO 27001 Control Framework
- Certification Process Flow.
Target Audience :
The course is aimed at all levels within the organization who want to attain an overview of the elements of the ISO 27001 standard and the certification process, and professionals such as the followings:
- IT Manager/ Director
- Business Manager/ Director
- IT Security Audit
- Risk Management Function
- Engineer in charge of IT Security Function
cforms contact form by delicious:days
Jika jadwal yang Anda cari sudah terselenggara (terlewat). Silahkan hubungi kami untuk permintaan jadwal terbarunya di 0899-8121-246