Course Agenda

  • What IT risk is
      • Security vs. risk
      • Security: Confidentiality, integrity, availability
      • Corporate pyramid- value delivery vs. risk management
  • 4-tier ITR  approach
      • Enterprise risk governance
      • IT Risk governance
      • IT Risk management
      • IT Risk controls
  • 4-layers of IT Risk interdependence
      • Business processes
      • IT Applications
      • IT Infrastructure
      • IT SD/SM
  • Six step IT Risk approach
      • Risk governance
      • RCA
      • LCA
      • Risk Indicators
      • Risk Scenario- for AIC
      • Risk reporting
  • 3 Frameworks
      • Assurance centric
      • Operations centric
      • Action orientation centric
  • Various risk concepts
      • Risk appetite vs. risk tolerance
      • Risk policies
      • Risk appetite techniques
      • R and R

Day 2 | Day 3 | Day 4 | Day 5