IT security risk management: A lifecycle approach - ITSG-33

Course ITS201C

Description

This instructor-led course introduces the concept of cyber security Cyber securityThe protection of digital information, as well as the integrity of the infrastructure housing and transmitting digital information. More specifically, cyber security includes the body of technologies, processes, practices and response and mitigation measures designed to protect networks, computers, programs and data from attack, damage or unauthorized access so as to ensure confidentiality, integrity and availability. risk management for the Government of Canada (GC). The course is based on the principles and practices detailed in the guidance document “IT Security Risk Management: A Lifecycle Approach” (ITSG-33). It focuses on the high-level processes in Annex 1 which identify business needs for security and define the IT security risk management environment. It also provides a brief overview of the Information System Security Implementation Process (ISSIP). Scenario-based discussions and exercises are included to support situating the processes within a departmental context. Upon completing this course, participants will be familiar with the risk management process, methodology, and key concepts.

Note: This course is part of the boot camp ITS202C - IT Security Risk Management. As a result, you are not required to register for this course if you are planning to register for the boot camp.

Objectives

  • Apply IT risk management within a GC context as defined in CSE guidance ITSG-33
  • Identify the initial steps to integrating risk management guidance within your department/agency

Target audience

Project/Program Managers, IT Security Designers, Architects, Engineers, and Managers.

Prerequisites

Prior to attending, participants should have a working knowledge of GC Security Risk Management. To satisfy this requirement, we recommend participants take course ITS101S - Introduction to IT Security Management.

 

Date modified: