Professional Documents
Culture Documents
O B J E C T I V E S
describe the fundamentals of BNM GPIS 1 apply security and control measures that are aligned to BNM GPIS 1 evaluate an effective and/or efficient implementation of the guideline consider possible security implementation concerns
Introduction
Purpose and scope of guidelines Structure of the document Comparisons with other sources of infosecurity guidelines
Board of directors Senior management IT steering committee IT strategic planning Organisation structure Internal controls Policies and procedures Documentation Information confidentiality and ownership Manpower and training Code of ethics System availability Business resumption and contingency plan Project management IT sourcing management Internal audit and audit committee
K E Y T O P I C S
System Security
Policy procedures and awareness Authentication management Log-in control Logical access Activity monitoring Data and database controls Application controls Encryption
System Development
Project management Standards and procedures Program change management Testing Program migration Source codes conversion and maintenance Post implementation review Data integrity
K E Y T O P I C S
Operations
Standards and procedures Maintenance of computer centre Monitoring of operational activities Emergency procedures
Communication Network
Standards and procedures Network design Network operations Access controls Activity monitoring
Organisational planning Business impact analysis Contingency planning Testing, validation and continuous improvement
T A R G E T
A U D I E N C E
Managers, officers and personnel of financial institutions responsible for IT governance, information systems security, compliance and audit.
A P P R O A C H
S P E A K E R
Auditor (CISA United States of America), Certified Information Systems Security Practitioner (CISSP ISC2 United States of America). He was formerly a Managing Consultant heading the Technology Risk Services team, PricewaterhouseCoopers, Malaysia. He is currently an independent systems security advisor and Director of Ixaris Sdn Bhd. Ronald has over 13 years of experience in Europe and Asia in the review, design and implementation of trusted security systems with specialisation in trusted systems, networking and telecommunications. He was involved in numerous IT security reviews within the resource protection services industry and e-business systems implementations for various commercial and government organisations. Ronald has worked on security and control assignments using a number of leading-edge technologies in a variety of industries and environments. He is also a regular trainer for Institut Bank-Bank Malaysia and has spoken at other conferences for the Information Systems Audit and Control Association (ISACA) and the Asia Business Forum.
Monday Tuesday, 13 14 April 2009 9.00 am 5.00 pm Institut Bank-Bank Malaysia Wisma IBI, 5 Jalan Semantan Damansara Heights 50490 Kuala Lumpur Office attire STF Member : RM750 IBBM Member : RM1,250 Non-Member : RM1,500 The above fee includes programme materials, lunch and refreshments. Payment of fees must be made BEFORE commencement of the programme.
A D M I N I S T R A T I V E D E T A I L S
Attire Fee
Monday, 30 March 2009 Kindly contact Suhaifie / Rahmat at 03-2095 8922 (ext 166 / 142). Participation is limited to 16 pax on a first-come-first-served basis. IBBM reserves the right to decline any nomination, without the obligation of providing any reason. Confirmation of participation is by way of official notification from the Institute. The Executive (Learning Solution 3) Institut Bank-Bank Malaysia Wisma IBI, 5 Jalan Semantan Damansara Heights 50490 Kuala Lumpur Fax : 03-2095 7822 Email : lead@ibbm.org.my The intensive nature of IBBM programmes requires the participants full undivided attention and attendance at all sessions. Participants should be free of their professional obligations for the duration of the programme.
Commitment to programme
Notice of withdrawal: Unless written notice of withdrawal is received before the closing date of the programme, the full fee is still due in the event of non-attendance. The Institute accepts replacement(s), which must be in writing, prior to the programmes commencement date. However, no substitution of participant(s) will be allowed for the duration of the programme. The Institute reserves the right to make changes to the schedules, venue or cancel the event altogether.
REGISTRATION FORM
Chinese
Indian
Others
Fax
Participant 2
Name New NRIC No. (Mandatory) Individual Membership No. (if any) Ethnic Group Please tick () where appropriate Designation and Department Email Name of Organisation Address of Organisation Bumiputra Malay Bumiputra Others
FEE Please make bank draft/cheque payable to INSTITUT BANK-BANK MALAYSIA. Please include additional RM0.50/0.03% of the amount, whichever is higher, for outstation draft/cheque. Payment of fees must be made BEFORE commencement of the programme
Chinese
Indian
Others
Bank Draft/Cheque No
RM
Tel Fax
Please complete and return this form to the Institute before 30 March 2009