Overview of IT security risk management: A lifecycle approach - ITSG-33

Course ITS104S

Description

To avoid the effects of threats that can compromise CompromiseThe intentional or unintentional disclosure of information, which adversely impacts its confidentiality, integrity, or availability. the confidentiality ConfidentialityThe ability to protect sensitive information from being accessed by unauthorized people. , integrity IntegrityThe ability to protect information from being modified or deleted unintentionally or when it’s not supposed to be. Integrity helps determine that information is what it claims to be. Integrity also applies to business processes, software application logic, hardware, and personnel. or availability AvailabilityThe ability for the right people to access the right information or systems when needed. Availability is applied to information assets, software, and hardware (infrastructure and its components). Implied in its definition is that availability includes the protection of assets from unauthorized access and compromise. of their activities, departments need to perform security risk management on their IT assets and information systems. This online course provides a high-level appreciation of the ITSG-33 concepts and processes and the benefits in managing IT-related security risks to departmental business activities. Learners will be exposed to the main security-related questions upon which ITSG-33 is based and given information on a range of aspects where ITSG-33 can help in managing IT security risks.

Objectives

  • Business needs for IT security risk management
  • Essential questions
  • Overview of the ITSG-33 process
  • Benefits of the ITSG-33 approach

Target audience

This activity has been designed for functional specialists in information technology management, functional specialists in security, senior managers and senior executives in the Public Service of Canada.

Date modified: