| COURSE : CERTIFIED CORPORATE DATA RISK MANAGEMENT PROFESSIONAL | |
|---|---|
| Course Overview | Course is designed to expose attendants to the overall risk management process. Focus is on both the data centre infrastructure and the physical data centre facility and equipment |
| Training Duration | Total Training Hours : 22-24 Hours Training Duration : 1 Week Total Training Days : 5 Working Days |
| Training Schedules | Weekdays (Sunday to Thursday) Regular Sessions : 6 Hrs Per day (9am to 2pm or 3.00pm to 9.00 pm) Food & refreshments Included WeekEnds (Friday & Saturday) Fast Track Sessions: 8 Hours per day (9am to 5pm) Food & refreshments Included |
| Certifications: | 1) Certificate from Laurels Training Institute, Attested by Knowledge & Human Development Authority (KHDA) government of Dubai, UAE - With Online Worldwide recognition facility 2) Certificate from American Institute of Professional Studies (AIPS) from USA (After 15 Days of course Completion which will couriered to the attendees office address) - With Online Worldwide recognition facility |
| Tests | Yes |
| Learning Aids | Yes |
| Course Material | Hard & Soft Copies of Study Material |
| Language of Instruction | English |
| Instructor Helpline | Yes 1. Email 2. Social Media (For Emergency requirements) |
| Registration Requirements | 1. Passport Copy 2. Curriculum Vitae 3. Passport size photographs 4. Course Fee |
| Mode of Payment: | Cash / Cheque / Credit Card / Bank Transfer. |
| Eligibility Criteria (Who should attend this training) | The primary audience for this course is an IT, Facilities or Data Centre Operations professional working in and around the data centre (representing both end-customers and/or service provider/facilitators) and having responsibility to achieve and improve hi-availability and manageability of the Data Centre, such as: Data centre managers, Operations / Floor / Facility managers, IT managers, Information security managers, Security professionals, Auditors / Risk Managers / Professionals responsible for IT/corporate governance. |
| Course Benefits | Understand the different standards and methodologies for risk management and assessment Establish the required project team for risk management Perform the risk assessment, identifying current threats, vulnerabilities and the potential impact based on customized threat catalogues Report on the current risk level of the data center both quantitative and qualitative Anticipate and minimize potential financial impacts Understand the options for handling risk Continuously monitor and review the status of risk present in the data centre Reduce the frequency and magnitude of incidents Detect and respond to events when they occur Meet regulatory and compliance requirements Support certification processes such as ISO/IEC 27001 Support overall corporate and IT governance |
| Course Contents / Outline | "Introduction to Risk Management
Risk management concepts Senior management and risk Enterprise Risk Management (ERM) Benefits of risk management Data Centre Risk and Impact
Risk in facility, power, cooling, fire suppression, infrastructure and IT services Impact of data centre downtime Main causes of downtime Cost factors in downtime Standards, Guidelines and Methodologies
ISO/IEC 27001:2013, ISO/IEC 27005:2011, ISO/IEC 27002:2013 NIST SP 800-30 ISO/IEC 31000:2009 SS507:2008 ANSI/TIA-942 Other methodologies (CRAMM, EBIOS, OCTAVE, etc.) Risk Management Definitions
Asset Availability/Confidentiality/Integrity Control Information processing facility Information security Policy Risk Risk analysis/Risk assessment/Risk evaluation/ Risk treatment Threat/Vulnerability Types of risk Risk Assessment Software
The need for software Automation Considerations Risk Management Process
The risk management process Establishing the context Identification Analysis Evaluation Treatment Communication and consultation Monitoring and review Project Approach
Project management principles Project management methods Scope Time Cost Cost estimate methods Context Establishment
General considerations Risk evaluation, impact and acceptance criteria Severity rating of impact Occurrence rating of probability Scope and boundaries Scope constraints Roles & responsibilities Training, awareness and competence Risk Assessment - Identification
The risk assessment process Identification of assets Identification of threats Identification of existing controls Identification of vulnerabilities Identification of consequences Hands-on exercise: Identification of assets, threats, existing controls, vulnerabilities and consequences Risk Assessment - Analysis and Evaluation
Risk estimation Risk estimation methodologies Assessment of consequences Assessment of incident likelihood Level of risk estimation Risk evaluation Hands-on exercise: Assessment of consequences, probability and estimating level of risk Risk Treatment
The risk treatment process steps Risk Treatment Plan (RTP) Risk modification Risk retention Risk avoidance Risk sharing Constraints in risk modification Control categories Control examples Cost-benefit analysis Control implementation Residual risk Communication
Effective communication of risk management activities Benefits and concerns of communication Risk Monitoring and Review
Ongoing monitoring and review Criteria for review Risk scenarios
Risk assessment approach Data centre site selection Data centre facility Cloud computing UPS scenarios Force majeure Organisational shortcomings Human failure Technical failure Deliberate acts" |