ISACA’s COBIT® 5 framework provides a comprehensive framework that assists enterprises in achieving their objectives for the governance and management of enterprise IT. COBIT 5 for Information Security builds on the COBIT 5 framework in that it focusses on information security and provides more detailed and more practical guidance for information security professionals and other interested parties at all levels of the enterprise.
This course provides introductory and practical coverage of all aspects of COBIT 5 for Information Security, including its components, enablers and implementation guidance. Using relevant scenarios or case studies, the course will highlight how COBIT 5 for Information Security can be used in parts or holistically in a simple and pragmatic way.
The course will also cover a high level overview of how COBIT 5 for Information Security can be leveraged to implement or improve an Information Security Management System (ISMS), compliant with ISO/IEC 27001 requirements.
Chief Information Security Officers (CISOs), Information Security Managers (ISMs) and other information security professionals who are interested in realigning their Information Security function and / or initiatives will benefit from this course.
Gain a detailed understanding of COBIT 5 for Information Security framework
- Familiarise with COBIT 5 framework and its components
- Understand the differences between information security governance and management of information security.
- Develop the knowledge and skills required to advise organisations on best practices in management of information security
- Acquire the necessary expertise to support an organisation in implementing, managing and improving an Information Security program
- Familiarise the concepts, approaches and guidance required in an effective management of an Information Security Management System (ISMS)
- Understand components of COBIT 5 for Information Security guidance that can be leveraged for an ISMS implementation
Who should attend
This course is designed for anyone responsible for realigning the Information Security function in their organisation and for InfoSec initiatives more broadly. Typically this will include:
- Chief Information Security Officers (CISOs),
- Information Security Managers (ISMs)
- Other Information Security professionals
- Anyone with a direct or overview responsibility for Information Security
Session 1: Introduction to COBIT 5 for Information Security
- Overview of COBIT 5 framework
- Detailed overview of COBIT 5 for Information Security, and its components
- Information Security governance vs Information Security management
- An Information Security program: the COBIT 5 for Information Security way
- Why should you choose COBIT 5 for Information Security
Session 2: Detailed understanding of COBIT 5 enablers for implementing information security
- Principles, policies and frameworks
- Organisational structures
- Culture, ethics and behaviour
- Services, infrastructure and applications
- People, skills and competencies
Session 3: (Re)-Aligning your information security initiatives using COBIT 5 for Information Security
- Critical success factors of a successful Information Security program
- Information Security program challenges
- Assessing your Information Security needs
- Enabling change using a life cycle approach
- (Re)-Aligning your Information Security initiatives
Session 4: Implementing or improving an Information Security Management System (ISMS) using COBIT 5 for Information Security
- Overview of ISMS (based on ISO/IEC 27001:2005 requirements)
- Strengths and weaknesses of ISO 270xx series of standards and guidelines
- Identifying an ISMS’ components that doesn’t work
- Applying COBIT 5 for Information Security guidance to implement / improve an ISMS
Fees A$ per person
- COBIT® 5 for Information Security
- $550 + gst
A basic knowledge of ISACA’s COBIT 5 or COBIT 4.1 frameworks is recommended.
There are no exams associated with this course