
SMU Certificate in IT Risk, Governance and Security (IBF Level 1)

Curriculum

Governance and Management Oversight 

  • Principles of governance & enterprise risk management
  • IT governance & risk considerations
  • Key governance operations, documents & risk management policies 

Managing Contingency Risk

  • Business continuity plan (BCP) vs Disaster recovery plan (DRP)
  • Recovery time objectives (RTO) & recovery point objectives (RPO)
  • Business impact & RTO

Internal Controls

  • Preventive, detective & corrective controls
  • Types of control & their limitations
  • Technology risk management guidelines

Cyber Risk, Threats & Vulnerabilities

  • Vulnerability element – operating system, application, database & network
  • Threat source & categories
  • CIA framework – confidentiality, integrity & availability

Cyber Security Components

  • Technical safeguard
    • AAA concept
    • Encryption
    • Firewalls
    • Malware protection
    • Application design
  • Data safeguards
    • Access control
    • Logging
    • Data loss prevention
    • Penetration testing
    • Security analyzers
  • Human safeguards
    • Account administration
    • Password management

Cyber Security Frameworks & Standards

  • COBIT 5, ISO, ITIL, NIST, etc.
  • Key regulations – MAS Technology Risk Management (TRM) Guidelines
  • Security standards baseline review

Cyber Security Attack & Defence Modelling

  • Case study

Last updated on 02 Feb 2018.