Achieving Governance, Risk and Compliance Requirements with HISP Certification Course

Transcription

1 Achieving Governance, Risk and Compliance Requirements with HISP Certification Course in corporation with

2 A unique information security and regulatory compliance certification course that provides IT security professionals with the best practices required to limit the risk of security and regulatory breaches. Certification Course Overview The HISP Training & Certification program is managed by the HISP Institution and was created to address the current shortage of skilled Information Security and Compliance professionals. HISP Institute promotes a holistic approach to information security program management by providing certification opportunities in information security, information assurance and governance. HISP Certification course is the only integration course that provides practical education on the integration of best practices for Information Security Management, Information Systems Auditing and multiple Regulatory Compliance requirements and how to map multiple regulatory requirements to the internationally accepted best practices framework of ISO/IEC 17799:2005 and the ISO/IEC 27001:2005 standard. The class covers the mapping of ISO/IEC 17799:2005 with COBIT, COSO and ITIL then explains a methodology to map regulations such as UK Data Protection Act, EU Directive on Privacy, HIPAA Security, FFIEC, GLB Act, FISMA (NIST /FIPS 200), Sarbanes-Oxley Act (Security), FACT Act, PCI Data Security (Visa CISP), California SB-1386, Canadian Bill C- 198, OSFI, PIPEDA, PIPA, PHIPA to the ISO 17799:2005 framework. The organizer BESECURE has been certified as an Authorized Training Partner for the region from efortresses Inc, which is the author of the HISP Certification Courseware.

3 Target Audience The certification course is addressed to: Staff tasked with the implementation and management of an ISO 17799:2000 or ISO 27002:2005 Information security management system (ISMS). Staff tasked with ensuring compliance with UK Data Protection Act, EU Directive on Privacy, HIPAA Security, SOX Security, FFIEC, GLBA, California SB1386, FACT Act, PCI Data Security, NIST , OSFI, PIPEDA, PIPA, Canadian Bill C-168 and other regulations. Information Security Consultants or Third Party Auditors. Auditors (External and Internal). Information Security Officers. IT Managers/Directors. Privacy/Compliance Officers from all industries. About HISP designation HISP designation is gaining international recognition from the industry with hundreds of attendants and certified professionals registered on a series of public and private certification courses being delivered in Europe and USA. The HISP designation means that: The professional has a good grounding in International best practices for Information Security & Audit Governance as well as general IT Governance i.e. ISO 27002, ITIL, CobiT and COSO. The professional takes a Holistic risk management approach to Information Security. The professional is a hybrid Information Security professional, well balanced between technical and business skills. The professional can function effectively in the capacity of a CISO, CCO by tackling the challenge of Information Security as a business concern that is not solved by technology alone, but by People, Process and Technology. The professional is able to map International best practices of IS , ITIL, CobiT and COSO to current and future regulatory compliance requirements.

4 About HISP Institute Holistic Information Security Practitioner (HISP) Institute (HISPI) is an independent certification organization consisting of volunteers that are true information security practitioners, such as Chief Information Security Officers (CISOs), Information Security Officers (ISOs), Information Security Managers, Directors of Information Security, Security Analysts, Security Engineers and Technology Risk Managers from major corporations and organizations. HISPI promotes a holistic approach to information security program management by providing certification opportunities in information security, information assurance and governance. The objectives of HISPI include: To bridge the current gap between existing professional certification programs by proactively promoting the need to develop comprehensive and holistic information security programs amongst information security, audit and compliance professionals representing various sectors internationally. To promote cost-effective training and certification to information security, audit and compliance professionals, particularly Public Sector and Higher Education employees, where budget constraints can be a barrier to obtaining such quality training and certification. To provide a vendor neutral forum that will facilitate the sharing of knowledge, ideas and other positive initiatives for enhancing the current state of information security in various sectors internationally. To research and develop an integrated system for widely accepted best practice frameworks that are applicable to Information Security such as ISO/IEC 27002, ISO/IEC 27001, COBIT, COSO, ISO/IEC (ITIL), NIST Guidelines, FIPS 200 (NIST ). To foster collaborative efforts across various sectors internationally, particularly government, law enforcement and commercial sector. To foster a positive code of ethics amongst information security, audit and compliance professionals. To reduce the cost of meeting legal, regulatory and contractual requirements pertaining to information security, across various sectors internationally. In addition to the existing partnership with British Standards Institute (BSI) Americas, to also partner and collaborate with other reputable organization.

5 Information about HISP Certification Course delivered on November 2007 The course took place from 26 to 30 of November 2007, in Metropolitan Hotel, Athens, Greece. The course instructor was Mr. Taiye Lambo CISSP, CISA, HISP, BS 7799 Certified Auditor. Taiye Lambo is a Security subject matter expert in the area of Information Security Governance; with years of experience in design & implementation of Intrusion detection and prevention systems, Honeypots, Computer Forensics, Ethical Attack & Penetration Testing, Biometric Identification, Network Security Architecture, Information security governance. Indicative list of Companies Attended Event Sponsors Accredited by

6 Information about HISP Certification Course delivered on April 2008 The course took place from 14 to 18 of April 2008, in Hellenic American Union Venue, Athens, Greece. The course instructor was Mr. Taiye Lambo CISSP, CISA, HISP, BS 7799 Certified Auditor. Indicative list of Companies Attended Event Sponsors Accredited by In corporation with

7 Pictures from previous HISP Events Certification Class Training Sponsors Presentations

8 What others say about HISP Certification Training The instructor provided a comprehensive view of the material making the ISO27002:2005 crystal clear but also providing all the practical tips necessary for a successful implementation. This course was a great investment of my time as it provided a huge amount of knowledge, Senior Security Consultant, Microsoft Hellas HISP has a complete roadmap (to information security) It was a very comprehensive presentation that ended with exam and certification possibility, CSO, Corinth Pipeworks HISP Training is focusing on business needs Operations and Controls Manager, ABN AMRO Bank I liked the step by step approach and the real life scenarios IT Manager, Carrefour Group The training course had a methodical approach in all aspects. It is really a Holistic Security Training Course, Head of Security, G4S I liked the instructor knowledge about the subject of the training, Information Security Officer, Alpha Private Bank Very knowledge instructor, huge experience from real life situations / examples, his ability to illustrate subjects through experience was excellent Senior Security Consultant, Head of IT, Consolidated Constructors Company Interaction between students and the trainer was very valuable Senior Risk Analyst, ABN AMRO Approaching a complex issue such as security and compliance is not an easy task. This course provided me with high level overview of what is out there and clarified several aspects around compliance also, Strategy Consultant, Microsoft Hellas I liked the mapping of the existing standards (ISO27001,COSO, COBIT,ITIL) with the support of examples, practical case studies & discussions, Internal Auditor, Bank of Greece The instructor had valuable extensive experience that he did not mind sharing TUV Austria ISO Auditor Sample list of Certified HISP Professionals in Greece - HELLENIC COMPETITION COMMISSION - TUV AUSTRIA - CONSOLIDATED CONTRACTORS - BANK OF GREECE -CARREFOUR -LETO HOSPITAL - MICROSOFT HELLAS - SOCIATE GENERALE - EMPORIKI BANK - CORINTH PIPEWORKS SA - CETELEM BANK - ABN AMRO BANK

9 in corporation with