Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)

Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM), awarded by the International Information Systems Security Certification Consortium (ISC2) and the Information Systems Audit and Control Association (ISACA) respectively, are two internationally recognized certifications that demonstrate a very high standard of all-round competency in IT security managers, implying the holder's brilliant capability in constructing, implementing, controlling and managing the operation and security of the information system of the whole corporation.

Training is divided into two parts: 60 hours for CISSP and 21 hours for CISM. The programme is eligible for the Continuing Education Fund (CEF).

Who should get CISSP and CISM certifications?
- Information system auditors
- IT managers
- Infrastructure managers / planners
- System analysts
- Security consultants
- Anyone who is looking for better career advancement in IT governance

Prerequisites
- Degree holder or above: 4 years of professional IT security experience in at least one of the ten domains of the IS security CBK
- Non-degree holder: 5 years of professional IT security experience in at least one of the ten domains of the IS security CBK

Certified Information Systems Security Professional, CISSP (60 hours)

Exam Structure
- 6-hour examination
- 250 multiple-choice questions

Topics Covered (10 test domains of the information security Common Body of Knowledge, CBK)
| Access Control Systems & Methodology | Operations Security (Computer) |
| Applications & Systems Development | Physical Security |
| Business Continuity & Disaster Recovery Planning | Security Architecture & Models |
| Cryptography | Security Management Practices |
| Law, Investigation & Ethics | Telecommunications & Network Security I&II |

More information: http://www.isc2.org

Certified Information Security Manager, CISM (21 hours)

Exam Structure
- 4-hour examination
- 200 multiple-choice questions

Topics Covered
| Information Security Strategy | Information Security Management |
| Risk Management | Response Management |
| Information Security Program Management | |

More information: http://www.isaca.org

Programme Highlights
- 81 hours of instructor-led professional training (60 hours CISSP and 21 hours CISM)
- Qualified and experienced trainer
  - CISSP, CISM, CISA, FCRP, CRT, CF-ITIL, CPM, CT-CLE, APSNY, FHKCS, MHKLA, MBA, BSc.(Hons.)
  - Over 24 years' experience in Information System Security & Audit, IT Service Management, Project Management, Logistics, Supply Demand Chain Management, and Business Crisis & Risk Management, etc.
  - President of ICRM, Advisor of IAPPM and Organizing Committee member of itSMF
  - Co-Founder of Professional Information Security Association (PISA)
  - Articles and praises writer

Certified Information Systems Auditor (CISA)

The Certified Information Systems Auditor (CISA®) designation is awarded by the Information Systems Audit and Control Association (ISACA) and has been the only globally recognized standard of achievement throughout the IT audit and control community since 1978. It assures a positive reputation as a qualified IS audit, control and/or security professional and certifies individuals who demonstrate proficiency in today's most sought-after skills.

Why should you get CISA certification?
"In four years CISA can say to a potential employer, 'I have sound IS audit knowledge and experience.' CISA gives candidates an edge in the market." Robert Coles, CISA; KPMG, United Kingdom

Content Areas

Topic 1: IS Audit Process
| IS Audit Standards, Guidelines and Best Practices | Conduct Audits |
| Risk-Based IS Audit Strategy Development and Implementation | Communicate Audit Results |
| Audit Planning | Control Self-Assessment |
| Information Gathering Technique | CoBIT |

Topic 2: IT Governance
| IT Governance Framework | Contract Management Practices |
| Essential Element of IT Strategies, Policies, Standards and Procedures | Balanced Scorecards |
| Quality Management | Privacy, Intellectual Property and Corporate Governance Requirements |
| Management Organization, Role and Responsibility | IT HR Management |
| International IT Standards and Guideline | Resource Investment |
| Risk Management | |

Topic 3: Systems and Infrastructure Lifecycle
| System and Infrastructure Development and Acquisition Processes | System Development Methodologies and Tools |
| Project Management Framework | Quality Assurance Methods |
| Control Mechanisms for Systems and Infrastructure | Testing Processes Management |
| System and Infrastructure Migration | Data Conversion Tools, Techniques and Procedures |
| Review of Systems and Infrastructure Internal Control | Software and Hardware Certification and Accreditation Practices |

Topic 4: IT Service Delivery and Support
| SLA Practices | Problem and Incident Management Practices |
| Operations Management | Functionality of the IT Infrastructure |
| Data Administration Practices | Database Administration Practices |
| Capacity and Performance Monitoring Tools and Techniques | Software Licensing and Inventory Practices |
| Change, Configuration and Release Management Practices | System Resiliency Tools and Techniques |

Topic 5: Protection of Information Assets
| Logical Access Controls | Security Devices, Protocols, and Techniques |
| Network Infrastructure Security | IDS, Firewall, Encryption Algorithm, PKI and Virus Detection |
| Environmental Controls | Security Testing and Assessment Tools |
| Physical Access Controls | Data Classification Schemes |
| Confidential Information Assets Handling Procedures | Voice Communications Security |
| Attack Methods and Techniques | Wireless Technologies Threat |
| Incident Response | |

Topic 6: Business Continuity and Disaster Recovery
| Data Backup Processes and Practices | Testing of BCP & DRP |
| Business Impact Analysis | Human Resources Management Practices |
| Development of BCP & DRP | BCP & DRP Activation Processes |
| Maintenance of BCP & DRP | Options for Alternate Processing Facilities |

Topic 7: Examination Drill

Prerequisites
- Degree holder: 3 years of professional IS auditing, control or security work experience
- Non-degree holder: 5 years of professional IS auditing, control or security work experience

Examination Structure
- 4-hour examination
- 200 multiple-choice questions

Program Highlights
- Awarded by the Information Systems Audit and Control Association (ISACA)
- Only certification program globally recognized throughout the IT audit and control community
- 38 hours instructor-led workshop
- All course materials included
- Experienced and qualified lecturer - Co-founder of Professional Information Security Association (PISA), CISSP, CISA, CEH, CHFI, CFSA, MHKCS, MIEEE, MACM, MICRM, APSNY
- Over 15 years' work experience in IS Audit and Security Audit

For more information: http://www.isaca.org

Hong Kong's 1st tailor-made IT Security programme is now available!

IT security has been receiving much attention due to the devastating effects brought by minor security loopholes. While there is a soaring demand for security professionals in the IT market, we are taking part in bridging the gap between Hong Kong's human resources pool and the market's needs by offering the FIRST 3-in-1 module security programme - Professional Certificate in Computer Hacking and Forensic (CCHF).

CCHF certifies an individual who has mastered the full spectrum of global and cutting-edge IT security techniques such as the Penetration Test. Students can enroll in any of the specific module(s) in any order, according to their study needs. They can also choose to become all-round IS security professionals by completing the entire Hacking and Forensic programme.

Who should get the CCHF certification?
- Systems administrators
- Systems auditors
- Security professionals
- IT managers
- Banking, insurance and other professionals
- Police and other law enforcement personnel
- Defense and Military personnel
- Legal professionals
- Government agencies
- Anyone who is concerned about the integrity of network infrastructure

Programme Highlights
- 100% hands-on lab (36 hours) training provides students with in-depth knowledge and practical experience of current essential security systems
- Efficient way to acquire globally recognized and today's top hacking & forensic techniques
- Exclusive corporate case sharing
- Tutorial style
- Experienced and qualified lecturer:
  - CISSP, CISA, CEH, CHFI, CFSA, MHKCS, MIEEE, MACM, MICRM, APSNY
  - Co-founder of Professional Information Security Association (PISA)
  - IT Advisor of the Cultural Association of Music & Arts
  - Over 15 years' work experience in IS Audit and Security Audit
- Supported Credential:
  After completion, students are eligible to sit for the examination for the globally recognized and professional hacking & forensic credential