The current training offered by our training partner Transformists Network, caters to:
- Professionals who wish to appreciate or embark into cyber security.
- Security professional who is or will be leading or taking a senior management role or senior technical role in ensuring enterprise governance is achieved with corporate, security and IT governance.
For the QISP® examination based on BOK 2.0, it covers 22 core topics across six core domains in the Singapore-centric BOK 2.0:
- Governance & Management
- Physical Security, Business Continuity & Audit
- Security Architecture and Engineering
- Operation & Infrastructure Security
- Software Security
- Cyber Defence
The learning objectives for the 5-day course are as follows,
Understand and attain knowledge in the various areas:
- Enterprise governance
- Risk analysis and management
- Security controls
- Security principles and lifecycle
- Business continuity planning
- Develop and Implement Security goals, objectives, strategies and programmes
- Maintain and Review Security operations
Module 1: Governance and Management
- Review of Business alignments and Enterprise goals, objectives and business strategy
- Cybersecurity risk management principles and practices
- Risk management and the Cybersecurity framework
- Understand Security components and control
- Roles and Responsibilities
- Alignment of Security goals and business strategy
- Review of Enterprise goals, objectives and strategy
- Review of Standards and Expectations of Security services
Module 2: Physical Security, Business Continuity and Audit
- Overview of implementing site and facility security controls, designing sites and facilities, and generally protecting things from physical threats.
- Design, develop, implement and document scope and plan Business Impact Analysis (BIA) and BCM
- Understand information system audits, develop and conduct, different types of IS audits and what happens during and after the audit.
Module 3: Security Architecture & Engineering.
- Overview of how Cryptography helps to implement Security services
- Understand the importance of various security components interface with each other providing the essential structure to support the strategy
- Review standards and framework that can be used as a model or reference to achieve the Security architecture
- Establish a Business Justification of offering a new, change or retiring of Security Services
Module 4: Operation and Infrastructure Security.
- Establish relationship with stakeholders to ensure security services are relevant to requirements
- Establish a business justification of offering a new, change or retiring of Security services
- Understand and support detection, respond and recovery in Security lifecycle
- Operate and maintain detective and preventative measures
- Design and implement secure infrastructure in network, endpoint components and cloud
Module 5: Software Security
- Understand and integrate security in the Software Development Life Cycle (SDLC)
- Identify and apply Security by Design
- Define and apply secure coding guidelines and standards
Module 6: Cyber Defence
- Overview on Threat intelligence, Vulnerability management and Penetration testing