This session is delivered via live webinar (zoom platform).
NOTE:
As this is a WSQ course, ISCA is required to upload participant’s assessment results in TP Gateway for the generation of e-Certificates (e-Certs). In this regard, ISCA will collect personal information from all participants to facilitate the generation of WSQ e-Certs. For more information, please refer to SSG website HERE.
By signing up for this course, you agree that:
(a) you are at least 21 years old; and
(b) have at least 3 years of working experience; and
(c) have at least intermediate computer literacy skills in operating a computer and access the Internet.
Programme Objective
In view of the changing business environment and the pervasive use of technology, there is greater need for businesses to understand and manage systems related risks. ISCA, with the support of the Singapore Accountancy Commission (SAC), has worked with IT risk experts to develop the ISCA Information Systems Risk Management Certificate programme. The training programme will help to upskill the industry and increase the capabilities of service providers in the area of information systems risk management.
It covers essential knowledge for non-IT professionals to get more insights into IS risk management. Key topics include Enterprise IT Architecture, Network and Information Security Management, IT Service Management, IS Risk Management Framework - covering Risk Identification, Assessment, Treatment, Reporting and Monitoring.
After completing the Certificate programme, learners will be able to:
- Understand information systems security, risks and controls with the aim of managing risks within the organisation
- Understand and apply common IT risk identification, risk assessment and risk mitigation techniques
- Design information system risk management plans
- Identify Key Risk Indicators and Key Performance Indicators to monitor and control IT Risk within the organization
- Progress towards taking the ISACA Certified in Risk and Information Systems Control (CRISC) Certification
Programme Outline
This programme is the second series under the ISCA Compliance Certificate Series and is made up of modules as shown in the table below:
| | Series 1: ISCA PDPA Compliance Certificate | Series 2: ISCA Information Systems Risk Management Certificate |
Fundamental
(2 modules)
*Optional | | DGT048v: Cybersecurity Literacy
RM002i: Enterprise Risk Management |
Intermediate
(1 module) | Essentials of Information Systems Risk and Controls (ISRM Part 1) |
Advanced
(1 module) | Information Systems Risk Management (ISRM Part 2) |
Note:
- Participants are recommended to attend the Fundamental modules to obtain a basic understanding of cybersecurity and risk management. Participants who have attended equivalent courses previously or have sufficient understanding/ knowledge of the topics during the course of their work do not need to attend the Fundamental modules. Please refer to the course information for more details.
- Participants are required to take both the Intermediate and Advanced modules of the programme to receive the ISCA Information Systems Risk Management Certificate.
There are two parts to the programme – Intermediate (ISRM Part 1) and Advanced Modules (ISRM Part 2).
Intermediate Module - Essentials of Information Systems Risk and Controls (ISRM Part 1)
Topics covered in the Intermediate Module are:
Day 1
Introduction to Risk Management
Risk Management & Governance
Enterprise Risk Management
Enterprise IT Architecture
Operating Systems
Application Software
Enterprise Networking
(7 CPE Hours)
Day 2
Network Control Design and Implementation
Firewalls, IDS & IPS
Authentication, Access Control, Accounting
Project & Risk Management
Outsourcing Risk Management
Incident Handling & Business Continuity
(7 CPE Hours)
Day 3
Control Practices and Metrics
Configuration Management
Patch Management
Change Management
Vulnerability Management
(7 CPE Hours)
Training Methodology
Live Webinar with both formative and summative assessment components.
Participants will be required to complete an assessment at the end of each day’s class.
Closing Date for Registration
1 week before programme or until full enrolment of 20 pax.
Intended For
- Advisory and audit professionals in professional service firms looking to enhance their knowledge or skills in information systems risk management.
- Accountants in business who are involved in risk identification and management within their organisation and would like to deepen skillsets in the area of information systems and controls.
- Non-IT professionals who would like to gain an understanding on information systems risk, risk management and controls
Schedule & Fees
Testimonial
Funding
1] SkillsFuture Credit (SFC)
Funding Period: Until 31 May 2024
Course Reference Number: TGS-2022013611
You may click here for more information on the funding schemes, funding eligibility criteria and their respective application process. Terms and conditions apply.
2) NTUC Union Training Assistance Programme (UTAP)
UTAP (Union Training Assistance Programme) is an individual skills upgrading account for NTUC members.
To find out more on the UTAP funding and support validity period please click here.
Should you have queries on the funding scheme, you can email to UTAP@e2i.com.sg or call NTUC Membership Hotline at 6213-8008
Programme Facilitator(s)
This session is delivered via live webinar (zoom platform).
NOTE:
As this is a WSQ course, ISCA is required to upload participant’s assessment results in TP Gateway for the generation of e-Certificates (e-Certs). In this regard, ISCA will collect personal information from all participants to facilitate the generation of WSQ e-Certs. For more information, please refer to SSG website HERE.
By signing up for this course, you agree that:
(a) you are at least 21 years old; and
(b) have at least 3 years of working experience; and
(c) have at least intermediate computer literacy skills in operating a computer and access the Internet.
Programme Objective
In view of the changing business environment and the pervasive use of technology, there is greater need for businesses to understand and manage systems related risks. ISCA, with the support of the Singapore Accountancy Commission (SAC), has worked with IT risk experts to develop the ISCA Information Systems Risk Management Certificate programme. The training programme will help to upskill the industry and increase the capabilities of service providers in the area of information systems risk management.
It covers essential knowledge for non-IT professionals to get more insights into IS risk management. Key topics include Enterprise IT Architecture, Network and Information Security Management, IT Service Management, IS Risk Management Framework - covering Risk Identification, Assessment, Treatment, Reporting and Monitoring.
After completing the Certificate programme, learners will be able to:
- Understand information systems security, risks and controls with the aim of managing risks within the organisation
- Understand and apply common IT risk identification, risk assessment and risk mitigation techniques
- Design information system risk management plans
- Identify Key Risk Indicators and Key Performance Indicators to monitor and control IT Risk within the organization
- Progress towards taking the ISACA Certified in Risk and Information Systems Control (CRISC) Certification
Programme Outline
This programme is the second series under the ISCA Compliance Certificate Series and is made up of modules as shown in the table below:
| | Series 1: ISCA PDPA Compliance Certificate | Series 2: ISCA Information Systems Risk Management Certificate |
Fundamental
(2 modules)
*Optional | | DGT048v: Cybersecurity Literacy
RM002i: Enterprise Risk Management |
Intermediate
(1 module) | Essentials of Information Systems Risk and Controls (ISRM Part 1) |
Advanced
(1 module) | Information Systems Risk Management (ISRM Part 2) |
Note:
- Participants are recommended to attend the Fundamental modules to obtain a basic understanding of cybersecurity and risk management. Participants who have attended equivalent courses previously or have sufficient understanding/ knowledge of the topics during the course of their work do not need to attend the Fundamental modules. Please refer to the course information for more details.
- Participants are required to take both the Intermediate and Advanced modules of the programme to receive the ISCA Information Systems Risk Management Certificate.
There are two parts to the programme – Intermediate (ISRM Part 1) and Advanced Modules (ISRM Part 2).
Intermediate Module - Essentials of Information Systems Risk and Controls (ISRM Part 1)
Topics covered in the Intermediate Module are:
Day 1
Introduction to Risk Management
Risk Management & Governance
Enterprise Risk Management
Enterprise IT Architecture
Operating Systems
Application Software
Enterprise Networking
(7 CPE Hours)
Day 2
Network Control Design and Implementation
Firewalls, IDS & IPS
Authentication, Access Control, Accounting
Project & Risk Management
Outsourcing Risk Management
Incident Handling & Business Continuity
(7 CPE Hours)
Day 3
Control Practices and Metrics
Configuration Management
Patch Management
Change Management
Vulnerability Management
(7 CPE Hours)
Training Methodology
Live Webinar with both formative and summative assessment components.
Participants will be required to complete an assessment at the end of each day’s class.
Closing Date for Registration
1 week before programme or until full enrolment of 20 pax.
Intended For
- Advisory and audit professionals in professional service firms looking to enhance their knowledge or skills in information systems risk management.
- Accountants in business who are involved in risk identification and management within their organisation and would like to deepen skillsets in the area of information systems and controls.
- Non-IT professionals who would like to gain an understanding on information systems risk, risk management and controls
Programme Facilitator(s)
