This session is delivered via live webinar (zoom platform).
NOTE:
As this is a WSQ course, ISCA is required to upload participant’s assessment results in TP Gateway for the generation of e-Certificates (e-Certs). In this regard, ISCA will collect personal information from all participants to facilitate the generation of WSQ e-Certs. For more information, please refer to SSG website HERE.
By signing up for this course, you agree that:
(a) you are at least 21 years old; and
(b) have at least 3 years of working experience; and
(c) have at least intermediate computer literacy skills in operating a computer and access the Internet.
Programme Objective
In view of the changing business environment and the pervasive use of technology, there is greater need for businesses to understand and manage systems related risks. ISCA, with the support of the Singapore Accountancy Commission (SAC), has worked with IT risk experts to develop the ISCA Information Systems Risk Management Certificate programme. The training programme will help to upskill the industry and increase the capabilities of service providers in the area of information systems risk management.
It covers essential knowledge for non-IT professionals to get more insights into IS risk management. Key topics include Enterprise IT Architecture, Network and Information Security Management, IT Service Management, IS Risk Management Framework - covering Risk Identification, Assessment, Treatment, Reporting and Monitoring.
After completing the Certificate programme, learners will be able to:
- Understand information systems security, risks and controls with the aim of managing risks within the organisation
- Understand and apply common IT risk identification, risk assessment and risk mitigation techniques
- Design information system risk management plans
- Identify Key Risk Indicators and Key Performance Indicators to monitor and control IT Risk within the organization
- Progress towards taking the ISACA Certified in Risk and Information Systems Control (CRISC) Certification
Programme Outline
This programme the second series under the ISCA Compliance Certificate Series and is made up of modules as shown in the table below:
| | Series 1: ISCA PDPA Compliance Certificate | Series 2: ISCA Information Systems Risk Management Certificate |
Fundamental
(2 modules)
*Optional | | DGT048v: Cybersecurity Literacy
RM002i: Enterprise Risk Management |
Intermediate
(1 module) | Essentials of Information Systems Risk and Controls (ISRM Part 1) |
Advanced
(1 module) | Information Systems Risk Management (ISRM Part 2) |
Note:
- Participants are recommended to attend the Fundamental modules to obtain a basic understanding of cybersecurity and risk management. Participants who have attended equivalent courses previously or have sufficient understanding/ knowledge of the topics during the course of their work do not need to attend the Fundamental modules. Please refer to the course information for more details.
- Participants are required to take both the Intermediate and Advanced modules of the programme to receive the ISCA Information Systems Risk Management Certificate.
There are two parts to the programme – Intermediate (ISRM Part 1) and Advanced Modules (ISRM Part 2).
Advanced Module - Information Systems Risk Management (ISRM Part 2)
Topics covered in the Advanced Module are:
Day 1
Information Security Risk Management Framework
Risk Identification
Risk Assessment
Risk Treatment
Risk Reporting & Monitoring
(7 CPE hours)
Day 2
Deriving KRIs and KPIs for continuous monitoring
Information Security (IS) Compliance & Audit
Threat intelligence
(7 CPE hours)
Training Methodology
Live Webinar with both formative and summative assessment components.
Participants will be required to complete an assessment at the end of each day’s class.
Closing Date for Registration
1 week before programme or until full enrolment of 20 pax.
Intended For
- Advisory and audit professionals in professional service firms looking to enhance their knowledge or skills in information systems risk management.
- Accountants in business who are involved in risk identification and management within their organisation and would like to deepen skillsets in the area of information systems and controls.
- Non-IT professionals who would like to gain an understanding on information systems risk, risk management and controls
Schedule & Fees
Testimonial
Funding
Course Reference Number: TGS-2022013521
You may click here for more information on the funding schemes, funding eligibility criteria and their respective application process. Terms and conditions apply.
NTUC Union Training Assistance Programme (UTAP)
UTAP (Union Training Assistance Programme) is an individual skills upgrading account for NTUC members.
To find out more on the UTAP funding and support validity period please click here.
Should you have queries on the funding scheme, you can email to UTAP@e2i.com.sg or call NTUC Membership Hotline at 6213-8008
Programme Facilitator(s)
This session is delivered via live webinar (zoom platform).
NOTE:
As this is a WSQ course, ISCA is required to upload participant’s assessment results in TP Gateway for the generation of e-Certificates (e-Certs). In this regard, ISCA will collect personal information from all participants to facilitate the generation of WSQ e-Certs. For more information, please refer to SSG website HERE.
By signing up for this course, you agree that:
(a) you are at least 21 years old; and
(b) have at least 3 years of working experience; and
(c) have at least intermediate computer literacy skills in operating a computer and access the Internet.
Programme Objective
In view of the changing business environment and the pervasive use of technology, there is greater need for businesses to understand and manage systems related risks. ISCA, with the support of the Singapore Accountancy Commission (SAC), has worked with IT risk experts to develop the ISCA Information Systems Risk Management Certificate programme. The training programme will help to upskill the industry and increase the capabilities of service providers in the area of information systems risk management.
It covers essential knowledge for non-IT professionals to get more insights into IS risk management. Key topics include Enterprise IT Architecture, Network and Information Security Management, IT Service Management, IS Risk Management Framework - covering Risk Identification, Assessment, Treatment, Reporting and Monitoring.
After completing the Certificate programme, learners will be able to:
- Understand information systems security, risks and controls with the aim of managing risks within the organisation
- Understand and apply common IT risk identification, risk assessment and risk mitigation techniques
- Design information system risk management plans
- Identify Key Risk Indicators and Key Performance Indicators to monitor and control IT Risk within the organization
- Progress towards taking the ISACA Certified in Risk and Information Systems Control (CRISC) Certification
Programme Outline
This programme the second series under the ISCA Compliance Certificate Series and is made up of modules as shown in the table below:
| | Series 1: ISCA PDPA Compliance Certificate | Series 2: ISCA Information Systems Risk Management Certificate |
Fundamental
(2 modules)
*Optional | | DGT048v: Cybersecurity Literacy
RM002i: Enterprise Risk Management |
Intermediate
(1 module) | Essentials of Information Systems Risk and Controls (ISRM Part 1) |
Advanced
(1 module) | Information Systems Risk Management (ISRM Part 2) |
Note:
- Participants are recommended to attend the Fundamental modules to obtain a basic understanding of cybersecurity and risk management. Participants who have attended equivalent courses previously or have sufficient understanding/ knowledge of the topics during the course of their work do not need to attend the Fundamental modules. Please refer to the course information for more details.
- Participants are required to take both the Intermediate and Advanced modules of the programme to receive the ISCA Information Systems Risk Management Certificate.
There are two parts to the programme – Intermediate (ISRM Part 1) and Advanced Modules (ISRM Part 2).
Advanced Module - Information Systems Risk Management (ISRM Part 2)
Topics covered in the Advanced Module are:
Day 1
Information Security Risk Management Framework
Risk Identification
Risk Assessment
Risk Treatment
Risk Reporting & Monitoring
(7 CPE hours)
Day 2
Deriving KRIs and KPIs for continuous monitoring
Information Security (IS) Compliance & Audit
Threat intelligence
(7 CPE hours)
Training Methodology
Live Webinar with both formative and summative assessment components.
Participants will be required to complete an assessment at the end of each day’s class.
Closing Date for Registration
1 week before programme or until full enrolment of 20 pax.
Intended For
- Advisory and audit professionals in professional service firms looking to enhance their knowledge or skills in information systems risk management.
- Accountants in business who are involved in risk identification and management within their organisation and would like to deepen skillsets in the area of information systems and controls.
- Non-IT professionals who would like to gain an understanding on information systems risk, risk management and controls
Programme Facilitator(s)
