Managing Information Security Risk with OCTAVE and CRAMM

 Open Enrollment Offerings
Open enrollment offering of this course has not been scheduled currently. This course may be offered by arrangement at customer sites. E-mail training@businessbeam.com or call +92-21-34559076, 34316494 for details.


REGISTER ONLINE  or  CONTACT NEAREST CENTER


Introduction
Risk Management is the most important and core step for implementing ISO 27001 based information security management system. Various methodologies are used for managing risks effectively.

The objective of this two days course is to provide participants with the necessary skills to conduct Risk Management. This course introduces two most comprehensive and widely used methodologies OCTAVE and CRAMM to the participants.

CRAMM provides a staged and disciplined approach embracing both technical (eg. IT hardware and software), and non-technical (e.g. physical and human) aspects of Information security. It is developed by OGC UK.

OCTAVE is a risk-based strategic assessment and planning technique for security. OCTAVE is self-directed, meaning that people from an organization assume responsibility for setting the organization’s security strategy. It is developed by the Software Engineering Institute (SEI).


Contents
  • Introduction to Risk Management
    • Risk Management Overview
    • Risk Assessment
    • Risk Mitigation
    • Evaluation and Assessment

  • CRAMM Methodology
    • Introduction to the CRAMM Approach
    • CRAMM Stages
      • Asset identification and valuation
      • Threat and vulnerability assessment
      • Countermeasure selection and recommendation

  • OCTAVE Methodology
    • introduction to the OCTAVE Approach
    • review of OCTAVE Method
      • identify critical assets and the threats to those assets
      • identify the vulnerabilities that expose those threats
      • develop an appropriate protection strategy for the organization's mission and priorities

    • tailor the OCTAVE Method to meet your organization's needs
    • OCTAVE-S processes and activities


Benefits
Participants will gain:
  • knowledge of all the aspects of Risk Management
  • understanding of OCTAVE methodology and the key characteristics of the process
  • understanding of CRAMM methodology
  • Skills to perform Risk Management using OCTAVE and CRAMM Methodology


    Recommended Participants
    This course is highly valuable for:
  • Risk Managers
  • IT Security professionals
  • Management staff responsible for management of information security Risk
  • Individuals who would like an in-depth understanding of OCTAVE and CRAMM


    Materials Provided
  • Course reference manual containing copy of course slides, support documents, exercises, and their solutions
  • Course Certificate


    Duration and Timings
    Two days, 9:30 AM to 5:30 PM


    Course Fee
    Rs.  20,000 per participant


    Questions about this Course?
    Please see our Frequently Asked Questions section for answers to some of the more common inquiries about Business Beam’s Executive Training Programme.


    Note: Mentioned details are tentative. Business Beam (Pvt.) Limited reserves the right to change the schedule, cost and other details without any prior notice.
    		•

    Download Company Profile
    PDF Format

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     



    Enter your work E-mail:
      © 2004 - Business Beam (Pvt.) Limited. All rights reserved. Privacy Policy