Temario del curso
Foundations of Information Security in Public Institutions
- Core security principles and why they matter in government organizations
- Confidentiality, integrity, and availability in daily operations
- Common threats affecting public sector information and digital services
Governance, Policies, and Responsibilities
- Security governance in an institutional environment
- Roles of managers, users, IT teams, service owners, and suppliers
- Policies, standards, procedures, and accountability
Risk Management for Information and Services
- Identifying assets, threats, vulnerabilities, and business impacts
- Basic risk assessment and risk prioritization
- Selecting practical treatments and controls
Information Classification and Data Protection
- Classifying institutional information according to sensitivity and use
- Protecting documents, records, databases, and shared files
- Good practices for storage, transfer, retention, and disposal
Identity and Access Management
- User accounts, authentication, and authorization basics
- Least privilege, separation of duties, and access review
- Managing access requests, changes, and revocation
Secure Use of Systems and Digital Services
- Secure use of email, web systems, remote access, and shared platforms
- Common user errors and how to avoid them
- Practical measures for safer daily operations
IT Service Management Basics and Security Integration
- Relationship between IT services and information security
- Security considerations in service design, delivery, and support
- Service requests, incidents, changes, and basic service documentation
Incident Handling and Service Continuity
- Recognizing security incidents and service disruptions
- Reporting, escalation, containment, communication, and recovery steps
- Backups, recovery planning, and maintaining availability during disruptions
Security Awareness, Compliance, and Improvement
- Recognizing phishing, social engineering, and unsafe behavior
- Working in line with institutional policies, audit needs, and regulatory expectations
- Monitoring controls and identifying practical improvement actions
Practical Workshop and Action Planning
- Reviewing a public sector security and service management scenario
- Identifying risks and proposing service and security improvements
- Creating an action plan for participants' own areas of responsibility
Requerimientos
- Basic understanding of IT concepts, office systems, and the handling of institutional information
- Experience using information systems, email, shared files, and online services in day-to-day work
- No programming experience is required
Audience
- Public sector employees involved in using, managing, or supervising digital information and services
- IT staff, system administrators, and service management personnel in government institutions
- Managers, coordinators, auditors, and compliance personnel responsible for digital security and service quality
Testimonios (4)
El formador fue útil.
Attila - Lifial
Curso - Compliance and the Management of Compliance Risk
Traducción Automática
aprendiendo sobre Basilea
Daksha Vallabh - Standard Bank of SA Ltd
Curso - Basel III – Certified Basel Professional
Traducción Automática
Velocidad de respuesta y comunicación
Bader Bin rubayan - Lean Business Services
Curso - ISO/IEC 27001 Lead Implementer
Traducción Automática
La optimización de riesgos es más clara que los otros temas
Munirah Alsahli - GOSI
Curso - CGEIT – Certified in the Governance of Enterprise IT
Traducción Automática
