Track 1 - Audit Track
Wednesday, 11/20/19 - Thursday, 11/21/19
Presented by Leighton Johnson, CISSP, CISA, CISM, Founder and CTO of ISFMT
Successfully Implementing and Managing Enterprise Risk Management
Course Description
COSO defines Enterprise Risk Management (ERM) as “a process, effected by an entity’s board of directors, management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within the risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.” That sounds rather vague. What does it mean to your organization, and how do you make it happen?
During this course, participants will examine risk types, methods for identifying risk, evaluation of risks, mitigation options, and ongoing monitoring. Through lecture, interactive discussion, case studies, best practices, and group exercises, this class will help individuals learn and develop the skills necessary to drive, implement, and execute an effective Enterprise Risk Assessment.
Learning Objectives
Course Outline
Enterprise Risk Management Basics
Additional Information
Who Should Attend
About the Speaker
Leighton Johnson, CISSP, CISA, CISM, is the CTO of ISFMT (Information Security & Forensics Management Team). He has presented computer security, cyber security and forensics classes and seminars all across the US and Europe. He was regional CIO and Senior Security Engineer for a 450-person directorate within Lockheed Martin Information Systems & Global Solutions Company covering 7 locations within the Eastern and Midwestern parts of the U.S. He is an adjunct instructor of digital and network forensics and incident response at Augusta State University. He has over 36 years’ experience in Computer Security, Cyber Security, Software Development and Communications Equipment Operations & Maintenance. His primary focus areas include computer security, information operations & assurance, software system development life cycle focused on modeling & simulation systems, systems engineering and integration activities, database administration, and business process & data modeling. He holds CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional), CIFI (Certified Information Forensics Investigator), CSSLP (Certified Security Software Lifecycle Professional), CMAS (Certified Master Antiterrorism Specialist) and CISA (Certified Information Systems Auditor) credentials. He has taught CISSP, CISA, CISM, DIACAP, Digital and Network Forensics, and Risk Management courses around the US over the past 7 years. He has presented at EuroCACS 2010, ISMC 2007, ISMC 2006, CyberCrime Summit 2007, multiple-year presentations for OPNET Technologies international conferences, INFOSEC WORLD 2005, and multiple presentations for military and civilian conferences for customers and clients worldwide.