IT governance and security

Protecting your most valuable assets

New for 2012

Financial and other managers in all companies: the largest to the smallest company can be affected by risks to their IT security - all can lose everything if they fall victim.

Find out how IT governance can help your organisation design and implement best practice Information Security Management Systems that deliver identifiable returns on investment. The course will enable you to review your IT risk and security and the practical steps your business can take to reduce this risk. You will discover how to:

• work within the regulatory constraints of the Data Protection Act and PCI DSS
• assess risk - to safeguard your intellectual property including client data
• understand the globally recognised Information Security Management System - ISO27001
• build customer confidence through compliance and regulation
• identify your key assets and their vulnerability status.

Dr Stephen Hill BSc (Hons), PhD, CIIP

Dr Stephen Hill is the managing director of Snowdrop Consulting Ltd, a company with the aim of providing education and consultancy to the private and public sector in fraud risk management, prevention/awareness and data security including ISO 27001, PCI DSS and the Data Protection Act.

Stephen spent 12 years working for a top 25 firm of accountants, heading the Fraud and Forensic Group, leading an expert body advising clients on prevention, detection and recovery of fraudulent assets, working closely with the police, HMRC and private sector.

He is a trustee director of the ICAEW Fraud Advisory Panel and chairs the Cybercrime Working Group with colleagues from SOCA and The Home Office.

Stephen specialises in combating e-crime and fraud with 10 years experience in internet fraud awareness, identity theft, not-for-profit fraud and risk management. He is a certified practitioner (CIIP) for ISO 27001 and performs IT and system reviews for a number of clients and works on guides to fraud detection and prevention for many small to medium enterprises (SMEs) and charities.

This interactive course will use real life case studies and scenarios.

9.00    Registration and coffee

9.30    Introduction; what is IT governance?

10.00  Is our data exposed, and the Data Protection Act.

11.15  Break

11.30 Understanding information security management systems (ISMS) - ISO27001.

12.30 Lunch

1.30 ISO27001 case study.

2.30 An introduction to PCI DSS.

3.00 Break

3.15 Computer forensics - what are the threats and how to work with the police.

4.00 Other IT legislation.

5.00 Close of seminar

6 CPD hours (where applicable)