Information security and personal data protection

Information security and personal data protection

Participants: Managers and experts for information security (CISO / ISO), personal data protection (DPO), IT managers, IT experts of various profiles, human resources managers, as well as all managers and employees who lead and improve business processes (lawyers, employees in charge of business compliance, etc.) Duration: 2 days (14 hours)

COURSE CONTENT:

1. REGULATORY AND LEGAL OBLIGATIONS
  • Law on Information Security (drafting and revision of the ICT System Security Act), Minimum standards for financial institution information system management, Law on Personal Data Protection, General Regulation on Personal Data Protection (GDPR);
2. INTEGRATED MANAGEMENT SYSTEMS
  • With special reference to ISO 27001 (information security), ISO 22031 (business continuity), ISO 29100 (privacy framework), ISO 31000 (risk management) and ISO 38500 (IT corporate governance);
3. PORTFOLIO, PROGRAM AND PROJECT MANAGEMENT
  • as a basis for the successful implementation of these regulatory requirements with special reference to the establishment of IT strategy, Information Security Strategy and determination of Appetite Risk;
4. COBIT AS A COMPREHENSIVE GLOBALLY ACCEPTED ISACA FRAMEWORK
  • or IT corporate governance and management that offers a holistic methodological approach for successful multidisciplinary implementation and solving various implementation challenges.

Application for Training