Events 

 
Admin
Risk-Based Approach to IT Infrastructure Security & Control Assessments
 Description
  Register Now »  

Session Highlights 

Key information security governance controls, including a risk-based approach to design, operation and assessment of security and controls are critical to ensuring that an organization’s information assets are adequately protected to prevent compromise.  

This session will discuss a risk-based approach to assessment of security and control in the following areas:

  •  Configuration Management Controls
  •  Security Configuration Standards
  •  Build Processes 
  •  Patch and Change Management Processes
  •  Security Event Monitoring 
  •  Vulnerability Assessment & Management
  •  Security Compliance Processes

 

1. IT Infrastructure Risk & Control

  • Information Security Governance

  • Security Policy and Standards Framework

  • Mapping IT Infrastructure to Application Systems and Business Processes

  • Security Architecture & Design

  • Risk Assessment Processes

  • Threat and Vulnerability Management

  • Security Compliance Processes

  • Key Security Metrics  

2. Security Standards and Baselines

  • Key Baselines and Security Configuration Standards

3. Security Compliance Process and Control Assessment

  1. Assessment Methodologies and Approaches

  2. Key Assessment Tools

  3. Results Reporting and Management  

     

    The approach to building risk profiles, key controls and assessment methodologies will be discussed   and applied to the following technology environments:

    1. Virtualization Security

         - E.g. VMware

   2. Operating System Security

        - E.g. Windows Server, Linux

   3. Database Security

       - E.g. Oracle, SQL Server

    4. Network Security

        - Network Perimeter, Firewalls

 

Speaker Profile:

John Tannahill, CA, CISM, CGEIT, CRISC, CSXP

John is a management consultant specializing in information security and audit services.

His current focus is on security and control in large information systems environments and networks. Specific areas of technical expertise include Windows and Linux operating system security, network security, database security and cybersecurity.

John is a frequent speaker in Canada, USA, Europe, Africa and Asia on the subject of Information Security.  He is a member of the Institute of Chartered Accountants of Scotland.

 Details
Date & Time: Nov 15, 2018 08:30 AM to
Nov 15, 2018 04:00 PM
[America/Toronto UTC -5]

 

Add to my Calendar
Location: Holiday Inn (Kitchener)
30 Fairway Road S
Kitchener ON
Canada
N2A2N2
 

Get Driving Directions
Registration Closes: Nov 14, 2018 05:00 PM

Event Coordinator:

Admin Support
admin.support@isaca.toronto.on.ca
 Registration Fees
Member Price
CAD
Spaces
Remaining
Registration Fee  
  
$180.00
Yes
 
Non-member Price
CAD
Spaces
Remaining
Registration Fee  
  
$220.00
Yes
 

 
  Register Now »  

Admin

View our Privacy Policy


Powered By GiftTool.com