Date : 28 –30 September, 2010
BACKGROUND
This course deals with how IT helps to achieve an appropriate balance between realizing opportunities for gains while minimizing losses. It is an integral part of good management practice and an essential element of good corporate governance. It is an iterative process consisting of steps that, when undertaken in sequence, enable continuous improvement in IT decision-making and facilitate continuous improvement in IT performance.
OBJECTIVES
IT risk management course covers how to establish an appropriate infrastructure and culture and apply a logical and systematic method of establishing the context, identifying, analyzing, evaluating, treating, monitoring and communicating IT risks associated with any activity, function or process in a way that will enable organizations to minimize losses and maximize gains. At the completion of this course, the participants should be able to :
- Conceptualize organizations risk management within IT processes
- Identify and analyze risks within IT operations and understand the implications to the whole business operation
- Improve IT operation risk level thru the application and implementation of IT risk management methodology and best practices
- Support the attainment of organizational business objectives by providing comprehensive perspective of IT risk management to the executive management of the organization
- Plan to implement tool for identifying, analyzing, eradicating and communicating the risks within the cycle of risk management
SYLLABUS
Segment 1: Risk Management Introduction
The segment defines Process of identifying vulnerabilities and threats to the information resources used by an organization in achieving business objectives and deciding what countermeasures.
Segment 2: Risk Management Processes
The participants learn to recognize the following issues in the risk management processes such as:
- Identification and classification of information resources or assets that need protection
- Assess threats and vulnerabilities and the likelihood of their occurrence Identification and classification of information resources or assets that need protection
- Assess threats and vulnerabilities and the likelihood of their occurrence.
Segment 3: Risk Indicators
This segment shall describe on the need of IT risk management to operate at multiple levels with divesified risk indicators including:
- Operation: risks that could compromise the effectiveness of IT systems and supporting infrastructure
- Project: risks management needs to focus on the ability to understand and manage project complexity
- Strategic: the risk focus shifts to considerations such as how well the IT capability is aligned with the business strategy.
Segment 4: Loss Event Database
The segment shall describe to the participants on intentional and unintentional action that causes data loss, and highlight on organizational responsibility such as:
- Preventing data loss
- Recovery from data loss
- Cost of data loss.
Segment 5: Effective Risk Management
This segment shall describe to the participants how to establish effective risk management program that covers:
- Establish purpose of the risk management program
- Assign the responsibility for the risk management
Segment 6: Risk Management Maturity
This segment shall describe the road-mapping of risk management as related to IT processes; the framework will be based on the CMM maturity level concept.
Segment 7: IT Risk Management
This segment shall describe on the Information Technology risk management which is part of the organization IT governance encompassing such as: the identification, assessment, and prioritization of IT operation risks, and followed by coordinated and economical application of IT resources to minimize, monitor, and control the probability and/or impact of unfortunate events.
Segment 8: Cases
IT risk management cases
AUDIENCE TARGET
- Managers involved and related in the IT operations
- IT staff and executives involved in risk management and business process improvement
- Information technology professionals involved in projects that are concerned, in part, with the automation of business processes
- IT professionals especially from companies regulated to implement risk management and IT risk management such as banks and state-owned enterprises.
DURATION
3 (tiga) hari, 08.30 – 16.30
TRAINING METHOD
Pelatihan ini menggunakan metode interaktif, dimana peserta dikenalkan kepada konsep, diberikan contoh aplikasinya, berlatih menggunakan konsep, mendiskusikan proses dan hasil latihan.
- 50% Theory
- 50% Practices
- Dynamic and interactive training presentation.
VENUE
Grand Seriti Hotel Bandung / Banana Inn Hotel and Spa Bandung
TRAINING INVEST
Investment/Person : Rp 5.150.000,-
Early Bird : Rp 4.850.000,- (Paid 5 days Before 28 September 2010)
Group Price : Rp 13.500.000,- (3 participants from the same company)
TRAINER PROFILE
Fauzi Hasan, DR, Ir. MM, MBA, PMP, CISA, CISSP, SSCP, CISM, CMPP, CSCP, CGeIT, APICS, ITIL, CEP-PM, APICS,
Having vast experience in the project management area with areas of exposure such as: banking IT & Telco, manufacturing, Oil and Gas industries, enhanced with application of business process improvement procedure in line with CMMI methodology; while also delivering consultancy in IT strategy and audit, and supplemented with direct involvement in the setting up of BCP and DRP complementing the establishment of DRC for local Indonesian banks and government institutions.
Business development and sales executive experienced in direct operational involvement in the information technology and telecommunication services. Major focus in satellite-VSAT/DMV/ ISBN and wireless OFDM, CDMA and embryonic form of 3G services, while having vast experiences for combined Telco solutions with diversified media and technology platforms applied in diversified Industry.
Strong exposure and with hands on knowledge of business process re-engineering and information technology implementation specializes in Enterprise Resource Planning cushioned with telecommunication network. During the exposures has presented deliverables such as:
- Project management for Bank, telecommunication industry, Oil &Gas
- CMMI application and Information system audit implementation
- Set up Telco services business for Oil and Gas
- Set up project management services and IT application services business in the Oil and Gas Industry sector
- Set up and expand the VSAT DMV services to major Oil industry
- Set up TETRA radio telecommunication business (NOKIA) in Indonesia, especially with Police dept and the TNI, and other government agencies
- Developed a strategy to implement IT application especially the ERP supporting the business processes in the area of logistics and supply chain management
- Initiated and developed a strategic alliance with a global computer company to design and market GIS system products
- Manage strategic corporate accounts at government institutions and major private organizations on hardware, software and telecommunication services
- Implement eTOM deployment in Saudi Telcom (STC), extensive exposure in process decomposition, and conducted BPAM and ITIL training to STC staffs
- Lecturer in IT governance and certified project management professional and in IT security, also supply chain management
- Develop and introduce the Integrated Logistics Services or Third Party Logistics to the Indonesian industrial community (Singapore Technology Logistics)
- Ran organization as a business within a business based on a custom driven philosophy, by introducing new concepts, programs and direction to increase productivity and efficiencies.
- Proven marketing and sales ability in closing management services different countries
- Negotiated and dealt with executives of multinational on various aspects of business ventures.
- Develop the Disaster Recovery Services business plan and execute with local and regional partners (SingTel)
- Develop and implement strategy for the implementation of SISKOMDAGRI project-telecommunication networking of the Minister of Internal Affairs
- Set up implement strategy for Telecommunication services business (Telco)
- Set up Intelligent Video Network/ IVN business with Scopus International in Indonesia
Strong strategic thinker, planner, and problem solver with leadership quality for achieving bottom-line goals, including managing multi-disciplinary, cross-cultural teams toward a common purpose.
Conceived and marketed a new trend and concept of Third Party Logistics facilitate clients with outsourcing the logistics and supply chain activities in the direction of generating efficiency and productivity as related to Oil and Gas industry. Developed and implemented programs for corporate accounts and the channels for the hardware and application systems as catalyst to the business acceleration and achievement at Hewlett-Packard.
