Session 1: Introduction to COBIT 5 for Information Security
- Overview of COBIT 5 framework
- Detailed overview of COBIT 5 for Information Security, and its components
- Information Security governance vs Information Security management
- An Information Security program: the COBIT 5 for Information Security way
- Why should you choose COBIT 5 for Information Security
Session 2: Detailed understanding of COBIT 5 enablers for implementing information security
- Principles, policies and frameworks
- Processes
- Organisational structures
- Culture, ethics and behaviour
- Information
- Services, infrastructure and applications
- People, skills and competencies
Session 3: (Re)-Aligning your information security initiatives using COBIT 5 for Information Security
- Critical success factors of a successful Information Security program
- Information Security program challenges
- Assessing your Information Security needs
- Enabling change using a life cycle approach
- (Re)-Aligning your Information Security initiatives
Session 4: Implementing or improving an Information Security Management System (ISMS) using COBIT 5 for Information Security
- Overview of ISMS (based on ISO/IEC 27001:2005 requirements)
- Strengths and weaknesses of ISO 270xx series of standards and guidelines
- Identifying an ISMS’ components that doesn’t work
- Applying COBIT 5 for Information Security guidance to implement / improve an ISMS