Effective Management of Information Security, and Continually Improve the Security Level – ISO 27001: Qualification Training

 

Date
14-16 March 2011

Time
08.30 – 16.30 WIB

Venue
Aryaduta Hotel Semanggi / Santika Hotel Jakarta

Speaker / Facilitator
Fauzi Hasan, DR, Ir. MM, MBA, PMP, CISA, CISSP, SSCP, CISM, CMPP, CSCP, CGeIT, APICS, ITIL, CEP-PM, APICS
Has vast experience in project management, with exposure to areas such as banking IT and Telco, manufacturing, and the Oil and Gas industries, enhanced by the application of business process improvement procedures in line with CMMI methodology; has also delivered consultancy in IT strategy and audit, supplemented by direct involvement in setting up BCP and DRP to complement the establishment of DRCs for local Indonesian banks and government institutions.
Business development and sales executive with direct operational involvement in information technology and telecommunication services. Major focus on satellite-VSAT/DMV/ISBN and wireless OFDM, CDMA and the embryonic form of 3G services, with vast experience in combined Telco solutions using diversified media and technology platforms applied across diversified industries.

Strong exposure to, and hands-on knowledge of, business process re-engineering and information technology implementation, specializing in Enterprise Resource Planning backed by telecommunication networks. During this exposure he has presented deliverables such as:

  1. Project management for banks, the telecommunication industry, and Oil & Gas
  2. CMMI application and Information system audit implementation
  3. Set up Telco services business for Oil and Gas
  4. Set up project management services and IT application services business in the Oil and Gas Industry sector
  5. Set up and expand the VSAT DMV services to major Oil industry
  6. Set up TETRA radio telecommunication business (NOKIA) in Indonesia, especially with Police dept and the TNI, and other government agencies
  7. Developed a strategy to implement IT application especially the ERP supporting the business processes in the area of logistics and supply chain management
  8. Initiated and developed a strategic alliance with a global computer company to design and market GIS system products
  9. Manage strategic corporate accounts at government institutions and major private organizations on hardware, software and telecommunication services
  10. Implement eTOM deployment in Saudi Telecom (STC), with extensive exposure to process decomposition, and conducted BPAM and ITIL training for STC staff
  11. Lecturer in IT governance and certified project management professional and in IT security, also supply chain management
  12. Develop and introduce the Integrated Logistics Services or Third Party Logistics to the Indonesian industrial community (Singapore Technology Logistics)
  13. Ran organization as a business within a business based on a custom driven philosophy, by introducing new concepts, programs and direction to increase productivity and efficiencies.
  14. Proven marketing and sales ability in closing management services in different countries
  15. Negotiated and dealt with executives of multinational on various aspects of business ventures.
  16. Develop the Disaster Recovery Services business plan and execute with local and regional partners (SingTel)
  17. Develop and implement strategy for the implementation of SISKOMDAGRI project-telecommunication networking of the Minister of Internal Affairs
  18. Set up implement strategy for Telecommunication services business (Telco)
  19. Set up Intelligent Video Network/ IVN business with Scopus International in Indonesia

Strong strategic thinker, planner, and problem solver with leadership quality for achieving bottom-line goals, including managing multi-disciplinary, cross-cultural teams toward a common purpose.

Conceived and marketed a new trend and concept of Third Party Logistics to help clients outsource their logistics and supply chain activities, with the aim of generating efficiency and productivity in the Oil and Gas industry. Developed and implemented programs for corporate accounts and channels for hardware and application systems as a catalyst for business acceleration and achievement at Hewlett-Packard.

Price
Rp 5.150.000,- (Full Fare)
Early Bird: Rp 4.850.000,- (paid 5 days before the event)
Group Price: Rp 13.500.000,- (3 participants from the same company)

BACKGROUND
This qualification training covers the knowledge required to gain an understanding of the content and requirements of the international standard, ISO 27001: ISMS preparation. It covers the certification requirements of ISO 27001 and how the guidance in ISO 27001 based on BS 7799 and BS 17799 can be adopted by an organization to deliver effective management of information security, and continually improve the security level. The qualification is aimed at staff in internal and external service provider organizations who require knowledge and understanding of the ISO 27001 standard and its content.

The training provides:

  • Information Security Management System (ISMS), process and other security management staff with an awareness of and familiarity with the ISO 27001 standard
  • Individuals with the necessary knowledge to assess the relevance and importance of the ISO 27001 standard to the security management activities within their own organization
  • Managers and team leaders with a knowledge of a typical ISO 27001 IT security management system
  • Internal auditors, process owners, process reviewers and assessors with a good knowledge of the ISO 27001, BS 17799 and BS 7799 standards, their contents and the justification of the need for internal reviews, assessments and audits
  • Evidence that delegates have achieved a foundation level of knowledge of the ISO 27001 standard.

PURPOSE
At the completion of this course, the participants should be able to:

  1. Have an overview and peripheral understanding of the aims and use of the ISO 27001 Specification and Code of Practice through an understanding of the roles of the component parts of the standard
  2. Explain appropriately their understanding of the integrated approach to maintaining IT security management systems and processes that conform with ISO/IEC 27001 certification
  3. Understand the scoping conditions, eligibility requirements and options for achieving certification
  4. Understand the common dialectics of the Information Security Management System (ISMS) and the Plan, Do, Check, Act cycle
  5. Give a detailed explanation of the ISO 27001 ISMS components and the PDCA cycle, including comprehensive coverage of the managerial and technical aspects of ISO 27001. The training will discuss how company management is involved in the Information Security Management System, various methods of risk assessment, and the implementation process flow to prepare for ISO 27001 certification
  6. Understand the objectives and requirements of each section of the ISO 27001 Specification
  7. Understand the need to plan, schedule, implement and review an ISO 27001 standard implementation
  8. Understand how reviews and internal audits of IT security management systems and the ISMS against the requirements of the standard are used.

TRAINING METHOD
This training uses an interactive method in which participants are introduced to the concepts, given examples of their application, practice using the concepts, and discuss the process and results of the exercises.
1. 50% Theory
2. 50% Practice
3. Dynamic and interactive training presentation.

TRAINING SYLLABUS

  1. Understanding ISO 27001 scope, purpose and use
    Understand the principles of the ISO 27001 standard and be able to describe its scope, purpose and use. The principles of a service management system including the need for:
      • Overall quality management system on a structured hierarchy of policy, process and procedures
      • Taking an end to end security management approach
      • Management responsibility and control
      • Recognition of the contribution of staff on security management
  2. Understanding ISO 27001 and Information Security Management (ISMS) Approach
    Understand the principles and processes for security management and the requirements of the overall security management system.
  3. Adopting the Plan, Do, Check, Act cycle to improve service
    Understand the approach to planning and implementing IT service management to ensure the required processes are effectively implemented, services are continually improved and the requirements of the ISO/IEC 20000 standard are met.
  4. Review, assessment and audit of ISMS
    Understand the review, assessment and audit of ISMS activities, including the use of supporting systems, tools and techniques that will enable an organization to plan and conduct reviews, assessments and internal audits of IT security management systems.
  5. Key Components Syllabus
      • Background to Information Security
      • PDCA Process Approach
      • Information Security Management Systems
      • Documentation Requirement
      • Management Responsibility
      • Internal ISMS Audit
      • Management Review of ISMS
      • ISMS Improvement
      • Risk Assessment
      • Detailed Discussion on the Managerial and Technical Aspects of the ISO 27001 Control Framework
      • Certification Process Flow.

Target Audience:
The course is aimed at all levels within the organization who want to attain an overview of the elements of the ISO 27001 standard and the certification process, and at professionals such as the following:

  1. IT Manager/ Director
  2. Business Manager/ Director
  3. IT Security Audit
  4. Risk Management Function
  5. Engineer in charge of IT Security Function
