Professional Training Series 2016
IT RISK MANAGEMENT
Risk management methods, techniques and tools
for managing business risks associated with IT.
isk comes from not
knowing what you are doing!
-Warren Buffet
WHAT DO YOU NEED TO
UNDERSTAND?
IT risk can be any threat to your information
technology, data, critical systems and business
processes.
Risk management, at its core, is a simple concept,
but is often extremely difficult to implement and
maintain. For information technology managers,
its an increasingly important skill.
www.truetech.asia
�Manage IT Risks
Relevant for management students in understanding the
impact of IT Risk to business and the requirement to contain
it. Relevant for technical managers in understanding &
managing risks in the operational environment, and the
impact on the organizational performance.
nformation is one of the most important assets in any organisation irrespective of its
age, size, location or business domain. Technology is the key tool employed in the
management of this asset, but it is not always a tool that itself is managed well. The
increasing use of technology throughout the organisation can empower the organisation
in enhancing the overall ability & efficiency towards achieving its strategic goals, aims
and objectives.
However, technology is not only an enabler of
business goals by providing new opportunities; it
poses significant risks by increasing security
threats in its operation. In addition, the technology
environment is becoming increasingly complex
with ever greater compliance and regulatory
obligations posing a growing challenge to modern
day organizations.
COURSE OBJECTIVES
The objective is to provide students with the
necessary perspective, knowledge and skills to
understand the essential elements and benefits
of applying effective IT risk management.
This practical hands-on training is tailor made for
future risk managers and IT practitioners who
deal with the complexities of IT risk
management, to reduce IT infrastructure and
process cost, and at the same time, quantify and
prioritise IT risks.
Research has shown that IT Risk is an area that noone really wants to take responsibility for the IT
Managers believe that it is an audit function, and
the internal auditors believe that it is an IT
function. However, stakeholders require that the
critical data is secure and that all possibilities for
fraud are minimized and that any loopholes are
closed.
www.truetech.asia
�LEARN NOW ...
AND MANAGE IT RISKS
VALUE PROPOSITION
IT risk is being addressed as a part of Enterprise Risk Management (ERM).
Managing IT risk has its own set of challenges and understanding the
complexity of IT operations is the first challenge.
Secondly, understanding IT risks and their impact on business
objectives is a major concern for the top management.
Case studies, hands on
Traditional risk assessments or audit teams are generally not
work, quizzes will
equipped to handle the IT risks. However, at the same time, pure IT
keep the participants
practitioners cannot handle this as well due to their inability to
active. Course
understand the context, business processes and environment.
material and
A better approach would be to equip the business users/
management with the necessary skill set to understand and assess
references provided
IT risks.
will be of great value.
IT risk management is NOT intended to teach IT, rather it
focuses on the business users who has the responsibility to manage
IT risks (as part of ERM) and equip them with the necessary skill set to ask right
questions to the risk managers.
Tr ainers Profile
KALPAGAM
GIRIDHAR
A dedicated professional with 20+years of technical and
managerial experience in Fortune 500 Banking
Company. Kalpagam holds a Masters degree in
Computer Science from US and qualified for CISA, CISSP,
ABCP, CeH and ISO 27001. She has experience in major
IT delivery compliance and remediation programs such
as enterprise risk analysis, systems management. Her
career highlights are system audit of critical banking
applications and enhancing security besides consulting
to banks & MNCs. Kalpagam designed and delivered
training on Information Security and audit, IT Risk
management, business continuity management etc. at
IDRBT, Indias premier banking technology institute.
An experienced central banker & ITG consultant,
Giridhar has 20+ years of remarkable experience in FSS
& technology domain. He worked on large IT projects of
the Reserve Bank of India, Institute for Development &
Research In Banking Technology and IBM in the areas
of banking applications design & management, payment
systems, BCP & DRP, consulting and executive training.
As an industry consultant for IBM, Giridhar helped the
global clients achieving their IT goals. In the areas of IT
Risk & Governance, he worked closely with the top
management of banks in India towards better ITG & risk
management. An MBA in IS, Giridhar also holds CRISC,
CGEIT, CISA & CAIIB certifications.
www.truetech.asia
