Onsite (Ivey Training Centre) or Online (provide email address)
Training Delivery Method: On-site, instructor-led course; or online, instructor-led course, or hybrid class
Prerequisites: Some background in information security or IT audit, information risk management, or IT controls.
What Problem Does This Training Help Solve?
This overview class is most appropriate for those whose day-to-day responsibilities involve procuring, securing and managing cloud environments or purchased cloud services. In other words, you are heavily involved or going to be involved with the cloud computing.
Who Should Attend? Enterprise Architects, Security Administrators, Systems Engineers, Security Architects, Security Consultant, Security Engineers, Security Managers, Systems Architects, cloud consultants
Course Material: Content-rich manual/course handouts consisting of about 170 slides
Organizations have been moving to the cloud because it brings value. While it brings value, it also creates information risks such as security risk, regulatory compliance risk, discovery risk, BC risk, data loss, end of life data purge, chain of custody of evidence, key management, data loss, interoperability, portability, and many more. These risks must be identified, assessed, mitigated, and monitored. Three cloud architectures – IaaS, PaaS, SaaS come with different capabilities, and different risk management plans. Some of these risks are the responsibility of cloud service provider (CSP), and in other cases it is the customer who is responsible. But in either case, customer is the one who is accountable in all these cases. This one-day seminar will discuss different cloud models, their capabilities, and their risk mitigation plans.
Course Syllabus: In this one-day course, professionals will learn the following topics:
11. Architectural Concepts & Design Requirements: IaaS, PaaS, SaaS
12. Cloud Computing Governance
13. Cloud computing risks- security, discovery, key management, business continuity, data loss, chain of custody, end of life data purge, portability, interoperability
14. Responsibilities of service provider and customer
15. Contractual considerations and obligations
16. Cloud Data Security
17. Cloud Platform and Infrastructure Security
18. Cloud Application Security
19. Operations considerations
20. Legal and Compliance Issues
Director of Education, Jay Ranade: CIA, CRMA, CGEIT, CRISC, CISA, CISM, CISSP, ISSAP, CBCP, HCISPP
Jay Ranade, a certified CISA, CISM, CISSP, ISSAP, CGEIT, CRISC, CIA, CRMA, and CBCP is a New York City-based management consultant and internationally renowned expert on computers, communications, disaster recovery, IT Security, and IT controls. He has written and published 37 IT-related books covering networks, security, operating systems, languages, systems, and more. He also has an imprint with McGraw-Hill called J. Ranade IBM Series, which includes over 300 titles with 7 million copies in print. His publications have been translated into several languages including German, Portuguese, Spanish, Korean, Japanese, and Mandarin. He is also the author of The New York Times critically acclaimed book, The Best of Byte. He is currently working on a number of books on various subjects such as Audit, IT Security, Business Continuity, Blockchain, and IT Risk Management. Jay has consulted and worked for Global and Fortune 500 companies in the U.S. and abroad including: American International Group, Time Life, Merrill Lynch, Dreyfus/Mellon Bank, Johnson & Johnson, Unisys, McGraw-Hill, Mobiltel Bulgaria, and Credit Suisse. He was a member of ISACA International's Publications Committee from 2005 to 2007, and he currently serves as a member and advisor to the New York Metropolitan InfraGard, a partnership between the FBI and private sector institutions to safeguard America’s national infrastructure from hostile attacks. He has been a speaker at the Federal Reserve Bank of New York on Global Financial Infrastructure Protection, and he maintains FBI-certified confidential-level clearance.
Jay also teaches graduate-level classes on Information Security Management, Operational Risk Management, and Ethical Risk Management at New York University, and Accounting Information Systems, IT Auditing, Operational Risk Management, Advanced Fraud Examination, and Internal Auditing at St. John’s University. Jay is senior faculty member at Wharton Executive Education, U of Penn.
President of ISACA New York Metropolitan Chapter awarded him “Best Educator” Award in June 2013.
Profile of Risk Management Professionals Intl. (RMPI)
With over a decade of experience consulting and teaching for marquee clients including Big Four accounting firms and Fortune 500 companies, RMPI has earned a reputation as a leader in business consulting and education. Risk Management Professionals Intl. led by Jay Ranade, renowned IT security expert and best-selling author, was formed to equip our clients with knowledge, tools, and certifications to address the growing and complex arena of IT Risk, IT Security, and IT Controls.
Risk Management Professionals Intl. provides expertise in the latest techniques and methods in curriculum development, training delivery, and training process management, which gives us the edge in shaping IT leaders who are well-prepared to mitigate the information security threats of tomorrow.
Risk Management Professionals Intl.’s certified trainers are knowledgeable practitioners who can teach technology as well as process. Our students learn to apply what they learn in the classroom to real-world challenges; they are not just memorizing facts to pass a certification exam. With Risk Management Professionals Intl., our clients know they have a partner they can trust to support their training objectives and the development of their staff throughout their careers.
Our information security, risk management, governance, and audit training courses have been designed by Jay Ranade; they combine theoretical knowledge with interactive classroom demonstrations and hands-on exercises to instill in-depth knowledge. This approach to information security training, based on real-world scenarios, provides students with the tools to proactively defend against information security threats and optimize and protect their company’s business assets.
Please Note: There is a cancellation policy in effect