Information security

Information Security in Financial and Credit Institutions

Course code: BTA-101

Title: Information Security in Financial and Credit Institutions

Course length: 8 (eight) academic hours / 6.50 CPE Hours

Audience: Managers and deputies in companies starting to implement information security, information security department specialists, information technology department specialists, novice information security specialists

Preliminary requirements: knowledge of the basics of industry legislation and international standards in the field of information security, understanding of the principles of operation and construction of data transmission network topologies, and of the types of industrial devices for protection, processing, storage, and transmission of information

Course program:

  • Basics of understanding information security
    • Information security as an organizational management process
    • The goal of modern information security: not protection “at all costs,” but risk and damage reduction
    • The place of modern information security in the corporate governance structure
  • Current requirements in the field of information security
    • Overview of national requirements
    • Overview of international standards, requirements, and recommendations
    • International best practices in information security
    • Criminal and administrative liability for offences in the field of information security
  • Preservation of institutional and corporate memory, traces, evidence and achievements in the field of information security
    • Documentation is important
    • Overview of key information security processes and a typical list of documents recommended for use in financial and credit institutions
      • Information security policy
      • Regulations of the departments of information technology and security
      • Organizational risk management
      • Availability, continuity, and recovery operations management
      • Human resources security and access management
      • Personal data management and protection
    • Principles of technical information protection
      • Ensuring a comprehensive approach to information protection
      • Overview of technical means of information security
      • Overview of the architecture of the corporate local network and the locations of technical means of information security
    • Common mistakes in the development and operation of information systems
      • Errors in the implementation of information systems
      • Errors in in-house (in-source) software development
      • Errors in the operation and maintenance of information systems, equipment, and software and hardware complexes
      • Ways to minimize risks when planning for security deficiencies
    • The process of implementing information security in an institution
      • Where to start with information security implementation
      • Assessment of the maturity and current state of information security
      • Key aspects of information security management in the absence of conflicts of interest between business, IT, and information security