Information Security Management Course

Information is the lifeblood of all organizations; without it, they would be severely impacted and ultimately cease to function. Information is knowledge, and knowledge is power.

With an ever-changing climate of technology and threats (both technical and human), the need for trained security personnel to protect our information becomes an increasingly critical evolutionary task.

Information is at risk from many sources, including legal, electronic, physical, internal, and external. It is paramount that security and related management personnel understand the risks, controls, and countermeasures available to secure information and technology within an effective management framework.

Furthermore, this Information Security Management training course will utilize countermeasures, best practices, and management techniques to mitigate electronic and physical risks and enhance an organization's protection.

Duration

5 days.

Who Should Attend

1. Risk Management
2. IT Security and IT Security Auditing
3. Technical IT Management
4. Those with involvement in systems integration and corporate IT development
5. Financial controllers with a technical interest may also benefit from the seminar

Course Objectives

After completion of the course, delegates will have an understanding of the following:

1. Gain knowledge of the concepts relating to information security management (confidentiality, integrity, availability, vulnerability, threats, risks, countermeasures, etc.)
2. Understand the current legislation and regulations that impact information security management
3. Be fully aware of current national and international standards such as ISO 27002, frameworks, and organizations that facilitate the management of information security
4. Understand the current business and common technical environments in which information security management has to operate
5. Gain knowledge of the categorization, operation, and effectiveness of controls of different types and characteristics

Course Outline

Module 1:   Overview of Information Security

1. What is Information Security?

2. Examples of Information Security Incidents

3. What is Information Security Management?

4. Human Aspect of Information Security

5. Social Engineering

Module 2:  Information Security for Server Systems

1. Attacks on Personal Computers and Smartphones and countermeasures

2. Information Security Risk Management

3. What is the Risk Management process?

4. Identifying Information Assets

5. Identifying Security Risks and evaluation

6. Risk Treatment

Module 3:  Security Risk Management as an Organization

1. Information Security Governance

2. Information Security Management System (ISMS)

3. Information Security Policy, Standards, and Procedures

4. Information Security Evaluation

5. Security Incident Response

Module 4:  Information Security and Cryptography

1. Requirements for Secure Communication

2. What is Cryptography?

3. Classic and Modern Cryptography

4. Common Key Cryptography algorithms: DES, Triple DES, AES

5. Problems of Key Distribution for Common Key Cryptography

Module 5:  Data Integrity and Digital Signature

1. Integrity of Data

2. Hash Function

3. Digital Signature

4. Public Key Certificate and Public Key Infrastructure (PKI)

5. Certificate Authority

Related Courses

1. Formulating ICT security policy Course
2. Zoho Analytics Course
3. Web Design for Beginners using HTML5 + CSS3 + Bootstrap Course
4. Windows server 2012 for System Administrators Course
5. Essential Principles and Skills for ICT Managers Course
6. Mastering Cloud Storage Course

Course Administration Details

Methodology

The instructor-led training is delivered using a blended learning approach and comprises presentations, guided sessions of practical exercise, web-based tutorials, and group work.

Our facilitators are seasoned industry experts with years of experience, working as professionals and trainers in these fields.

All facilitation and course materials will be offered in English. Therefore, the participants should be reasonably proficient in English.

Accreditation

Upon successful completion of this training, participants will be issued an IRES certificate certified by the National Industrial Training Authority (NITA).

Training Venue

The training will be held at our training centres.

The course fee covers the course tuition, training materials, two break refreshments, and lunch.

All participants will additionally cater to their travel expenses, visa application, insurance, and other personal expenses.

In addition to our virtual training, we offer training in Kenya (Nairobi, Mombasa, Kisumu, Nakuru, and Naivasha) and in the following locations:

1. Dubai - United Arab Emirates
2. Cairo - Egypt
3. Cape Town, Johannesburg, and Pretoria - South Africa
4. Dar-es-Salaam, Zanzibar, and Arusha - Tanzania
5. Kigali - Rwanda
6. Accra - Ghana
7. Kampala - Uganda

Accommodation and Airport Transfer

Upon request, we can arrange accommodation and airport transfer.

For bookings and reservations, kindly contact us on:

• Email: [email protected]
• Phone: +254715 077 817

Tailor-Made Program

Upon request, we can also customize this training to suit your needs or your institution's. 

You can have it delivered virtually, face-to-face at our training centres or at a convenient location.

For further inquiries, please contact us.