Developed in partnership between ISCA Academy and Deloitte, this course is supported by the Cyber Security Agency of Singapore and CyberSG TIG Collaboration Centre as part of CSA's SG Cyber Associates initiative.
Note:
As this is a WSQ-accredited programme, ISCA is required to upload participant’s assessment results to SkillsFuture Singapore (SSG) for the generation of electronic Statement of Attainment (SOA). ISCA will collect personal information from all participants to generate the relevant SOA. For more information, please refer to SSG website HERE.
Participants are requested to bring a laptop for this programme.
This course is designed to equip management-level professionals with a solid understanding of cybersecurity concepts, emerging threats, and resilience strategies in the context of advancing AI technologies. Gain practical knowledge and insights needed to support robust governance, maintain data integrity, and foster resilience against cyber threats, ensuring business continuity and trust.
At the end of this course, you will be able to:
- Identify cybersecurity risks, threats, and vulnerabilities in the organisation;
- Design a cyber risk assessment using the Confidentiality, Integrity, and Availability (CIA) principles;
- Develop a comprehensive cyber risk assessment to ensure robust security within the organisation;
- Identify at least two treatments for mitigating cyber risks, threats, and vulnerabilities in the organisation; and
- Propose ways to implement treatments and security measures to address identified gaps effectively
Programme Outline
Module 1: Cybersecurity risks, threats, and vulnerabilities
- Steps to identify cybersecurity risks, threats, and vulnerabilities and potential related impacts of these risks on the organisation.
- Categories of cybersecurity risks, threats, and vulnerabilities, internal and external threat sources, common vulnerability types.
Module 2: Cyber Risk Assessment
- Frameworks (to design cyber risk assessments) to guide risk identification, analysis, and prioritization based on business objectives, acceptable risk and compliance requirements.
- Concept of acceptable risk, CIA principles (Confidentiality, Integrity, and Availability), PDPA, privacy enhancing techniques.
- Steps to develop a cyber risk assessment that identifies cybersecurity gaps and supports decision-making.
- Techniques to prepare a cyber risk assessment, how this supports making informed cybersecurity decisions.
Module 3: Risk Treatment Plan
- Steps to identify appropriate risk treatment options according to organisation objectives and risk appetite.
- Types of treatments and measures (risk avoidance, mitigation, transfer, or acceptance) to mitigate risks to an acceptable level.
- Practical strategies to implement the selected risk treatments (such as security policies, technical controls, training), continuous monitoring to address security gaps.
Pre-Requisite:
- At least 2 years of relevant working experience in areas such as governance, policy, risk management, IT, or digital strategy.
- Proficient in English (spoken and written).
- Basic understanding of digital technologies and business operations. Prior exposure to cybersecurity or AI concepts is beneficial but not mandatory.
Written Assessment:
Assessment in the form of Case Study and Short Answer Questions
Certificate Issued:
Certificate of Attendance (ISCA Academy x Deloitte)
Upon meeting at least 75% attendance and passing the assessment(s), participants will receive a Certificate of Attendance and Digital Badge from ISCA Academy x Deloitte and 8 CPD hours.
Statement of Attainment (SOA)
Upon meeting at least 75% attendance and passing the assessment(s), participants will receive a SOA from SkillsFuture Singapore (SSG).
Training Methodology*
- Interactive Presentation
- Case Studies
- Discussions
- Didactic Questions
- Assessment
Closing Date for Registration*
1 Week before Programme or Until Full Enrolment.
Intended For
This course is designed for management-level professionals in both the public and regulated private sectors—particularly those involved in policy, governance, risk, compliance, IT, and digital strategy. These professionals are key decision-makers tasked with balancing innovation and security while ensuring operational resilience in a rapidly evolving threat landscape.
Competency Mapping
Category 5 = 8.00 Hours
Schedule & Fees
Date & Time
01 Apr 2026 (9:00 AM - 6:00 PM)
Fee (inclusive of GST)
SGD pricing -
For Members:
$ 784.80
For Non-Members:
$ 784.80
Programme Facilitator(s)
Makarand Kulkarni
Venue
60 Cecil Street
ISCA House
Singapore 049709
Date & Time
05 May 2026 (9:00 AM - 6:00 PM)
Fee (inclusive of GST)
SGD pricing -
For Members:
$ 784.80
For Non-Members:
$ 784.80
Programme Facilitator(s)
Makarand Kulkarni
Venue
60 Cecil Street
ISCA House
Singapore 049709
Testimonial
Funding
1] SSG Training Grant
Funding Period: Until 23 December 2027
Course Ref No.: TGS-2025061161
1a] Company-sponsored Employees
(For Corporate enrolments only) :
If you wish to enrol participants with SSG Funding, please proceed with the following step:
- Step 1: Register for the course online via ISCA Portal. Upon adding to cart, the system will prompt a question “Do you wish to apply for SSG Funding?”, click Yes and input all required information. At the Cart page, please ensure that SSG funding is applied before clicking “Checkout”.
Enterprises/employers are not required to log into TPGateway to submit training grant application. The employee’s enrolment, attendance and assessment records will be submitted by ISCA onto TPGateway. Thereafter, employers will be notified to log into Enterprise Portal for Jobs & Skills (EPJS) to declare necessary information for Absentee Payroll funding.
*Training Grant/Fees shown below are for courses from 1st Jan 2024 onwards.
| | SME Enhanced
·Singapore Citizen or Permanent Resident | Non-SME
·Singapore Citizen or Permanent Resident | Mid Career
·Singapore Citizen
·40 years old and above | Workfare Skills Support (WSS)
·Singapore Citizen
·35 years old and above
-Monthly income of not more than $2,300 |
SSG Training Grant | $504.00 | $360.00 | $504.00 | N.A |
Nett Fees Payable to ISCA (Inclusive of GST) | $280.80 | $424.80 | $280.80 | N.A |
Company can claim the following Absentee Payroll |
Absentee Payroll | Fixed rate at $4.50/hour | 95% of basic hourly salary |
Please note that there will be an administrative fee of $43.60 for any revision of invoice.
Eligibility Criteria:
- Company must be registered or incorporated in Singapore; and
- Applicant is taking the course for the first time; and
- Applicant must be employed, and is either Singapore Citizen or Permanent Resident of Singapore; and
- Applicant must achieve at least 75% attendance, and pass all examinations /assessments; and
- Applicant must be fully sponsored by the Company for all costs associated with the training; and
- Payment has to be made via corporate means (e.g. corporate cheque, corporate GIRO, corporate credit card).
SkillsFuture Enterprise Credit (SFEC) - valid till 30 June 2026
The SkillsFuture Enterprise Credit (SFEC) encourages employers to invest in enterprise transformation and capabilities of their employees. Eligible employers will receive a one-off S$10,000 credit to cover up to 90% of out-of-pocket expenses on qualifying costs for supportable initiatives, over and above the support levels of existing schemes.
Please click HERE for more information.
1b] Self-sponsored Individuals
If you wish to enrol with SSG Funding, please proceed with the following step:
- Step 1: Register for the course online via ISCA Portal. Upon adding to cart, the system will prompt a question “Do you wish to apply for SSG Funding?”, click Yes and input all required information. At the Cart page, please ensure that SSG funding is applied before clicking “Checkout”.
ISCA will apply for Training Grant from SSG in respect of self-sponsored trainees.
*Training Grant/Fees shown below are for courses from 1st Jan 2024 onwards.
| | Mid-Career
·Singapore Citizen
·40 years old and above | Baseline
·Singapore Citizen or Permanent Resident |
SSG Training Grant | $504.00 | $360.00 |
Nett Fees Payable to ISCA (Inclusive of GST) | $280.80 | $424.80 |
Please note that there will be an administrative fee of $42.80 for any revision of invoice.
Eligibility Criteria:
- Applicant must either be a Singapore Citizen or Permanent Resident of Singapore; and
- Applicant must be at least 21 years old; and
- Applicant must achieve at least 75% attendance, and pass all assessments; and
- Applicant is taking the course for the first time.
Workfare Skills Support (WSS) Scheme
From 1 July 2020, the Workfare Skills Support (WSS) Scheme will replace the Workfare Training Support (WTS) Scheme. WSS encourages low wage workers to undertake training that leads to more impactful employment outcomes. Please click HERE for more information.
2] SkillsFuture Credit (SFC)
Funding Period: Until 23 December 2027
Course Ref No.: TGS-2025061161
All Singaporeans aged 25 and above will receive an opening credit of S$500 from the government. You may wish to use your SFC to pay for partial/full ISCA course fees.
On 1 Oct 2020, the Government provided a one-off SkillsFuture Credit Top-up of $500 for all eligible Singaporeans aged 25 or above by 31 Dec 2020. Singaporeans aged 40 to 60 by 31 Dec 2020 will also receive an Additional SkillsFuture Credit (Mid-Career Support) of $500 which can be used for courses under: (i) SGUnited Skills Programme, (ii) SGUnited Mid-Career Pathways Programme – Company Training, and (iii) Career Transition Programmes. This additional SFC (Mid-Career Support) is NOT applicable for use on ISCA courses. (For more information on the SFC scheme, please visit https://www.myskillsfuture.gov.sg/content/portal/en/header/faqs/skillsfuture-credit.html)
If you wish to enrol for the course with SFC Funding, please proceed with the following steps:
- Step 1: You will need to ensure that you have sufficient SkillsFuture Credits in your SkillsFuture Credit account in order to make a successful claim. Please check your SFC account balance here.
- Step 2: Register for the course online via ISCA Portal.
- Step 3: Upon adding to cart, the system will prompt a question “Do you wish to apply for SkillsFuture Credit?”, click “Yes” and input all required information.
- Step 4: At the Cart page, please ensure that SFC funding is applied before clicking “Checkout”.
- Step 5: Upon receiving an email that the programme status is confirmed, please proceed to submit SFC claim on SkillsFuture Portal within 60 days before the course start date and obtain the necessary approval. Please submit SFC claim via SFC portal (https://www.myskillsfuture.gov.sg/content/portal/en/index.html).
Failure to submit claim application and obtain necessary approval before the course start date will result in topping up of the SFC indicated for use. Please note that there will be an administrative fee of $43.60 for any revision of invoice
Programme Facilitator(s)
Makarand Kulkarni
Senior Manager, Audit & Assurance, Deloitte
ACLP, CISO, CISSP, CISA, CISM, CDPSE, AAISM
Makarand has more than 20 years of experience in cybersecurity, specializing in data governance, protection and privacy. He has worked with major organisations across sectors (e.g., financial institutions, health, hospitality and energy) to establish their data protection management programmes.
Makarand played pivotal roles in defining and operationalizing data protection governance frameworks and integrating data protection controls with other IT and security solutions to achieve end-to-end data security.
Apart from hands-on experience in various cybersecurity domains, he has significant experience in developing and delivering multiple cybersecurity education programmes to internal and external audiences.
Developed in partnership between ISCA Academy and Deloitte, this course is supported by the Cyber Security Agency of Singapore and CyberSG TIG Collaboration Centre as part of CSA's SG Cyber Associates initiative.
Note:
As this is a WSQ-accredited programme, ISCA is required to upload participant’s assessment results to SkillsFuture Singapore (SSG) for the generation of electronic Statement of Attainment (SOA). ISCA will collect personal information from all participants to generate the relevant SOA. For more information, please refer to SSG website HERE.
Participants are requested to bring a laptop for this programme.
This course is designed to equip management-level professionals with a solid understanding of cybersecurity concepts, emerging threats, and resilience strategies in the context of advancing AI technologies. Gain practical knowledge and insights needed to support robust governance, maintain data integrity, and foster resilience against cyber threats, ensuring business continuity and trust.
At the end of this course, you will be able to:
- Identify cybersecurity risks, threats, and vulnerabilities in the organisation;
- Design a cyber risk assessment using the Confidentiality, Integrity, and Availability (CIA) principles;
- Develop a comprehensive cyber risk assessment to ensure robust security within the organisation;
- Identify at least two treatments for mitigating cyber risks, threats, and vulnerabilities in the organisation; and
- Propose ways to implement treatments and security measures to address identified gaps effectively
Programme Outline
Module 1: Cybersecurity risks, threats, and vulnerabilities
- Steps to identify cybersecurity risks, threats, and vulnerabilities and potential related impacts of these risks on the organisation.
- Categories of cybersecurity risks, threats, and vulnerabilities, internal and external threat sources, common vulnerability types.
Module 2: Cyber Risk Assessment
- Frameworks (to design cyber risk assessments) to guide risk identification, analysis, and prioritization based on business objectives, acceptable risk and compliance requirements.
- Concept of acceptable risk, CIA principles (Confidentiality, Integrity, and Availability), PDPA, privacy enhancing techniques.
- Steps to develop a cyber risk assessment that identifies cybersecurity gaps and supports decision-making.
- Techniques to prepare a cyber risk assessment, how this supports making informed cybersecurity decisions.
Module 3: Risk Treatment Plan
- Steps to identify appropriate risk treatment options according to organisation objectives and risk appetite.
- Types of treatments and measures (risk avoidance, mitigation, transfer, or acceptance) to mitigate risks to an acceptable level.
- Practical strategies to implement the selected risk treatments (such as security policies, technical controls, training), continuous monitoring to address security gaps.
Pre-Requisite:
- At least 2 years of relevant working experience in areas such as governance, policy, risk management, IT, or digital strategy.
- Proficient in English (spoken and written).
- Basic understanding of digital technologies and business operations. Prior exposure to cybersecurity or AI concepts is beneficial but not mandatory.
Written Assessment:
Assessment in the form of Case Study and Short Answer Questions
Certificate Issued:
Certificate of Attendance (ISCA Academy x Deloitte)
Upon meeting at least 75% attendance and passing the assessment(s), participants will receive a Certificate of Attendance and Digital Badge from ISCA Academy x Deloitte and 8 CPD hours.
Statement of Attainment (SOA)
Upon meeting at least 75% attendance and passing the assessment(s), participants will receive a SOA from SkillsFuture Singapore (SSG).
Training Methodology*
- Interactive Presentation
- Case Studies
- Discussions
- Didactic Questions
- Assessment
Closing Date for Registration*
1 Week before Programme or Until Full Enrolment.
Intended For
This course is designed for management-level professionals in both the public and regulated private sectors—particularly those involved in policy, governance, risk, compliance, IT, and digital strategy. These professionals are key decision-makers tasked with balancing innovation and security while ensuring operational resilience in a rapidly evolving threat landscape.
Competency Mapping
Category 5 = 8.00 Hours
Programme Facilitator(s)
Makarand Kulkarni
Senior Manager, Audit & Assurance, Deloitte
ACLP, CISO, CISSP, CISA, CISM, CDPSE, AAISM
Makarand has more than 20 years of experience in cybersecurity, specializing in data governance, protection and privacy. He has worked with major organisations across sectors (e.g., financial institutions, health, hospitality and energy) to establish their data protection management programmes.
Makarand played pivotal roles in defining and operationalizing data protection governance frameworks and integrating data protection controls with other IT and security solutions to achieve end-to-end data security.
Apart from hands-on experience in various cybersecurity domains, he has significant experience in developing and delivering multiple cybersecurity education programmes to internal and external audiences.