Security is a top priority globally as cyber-attacks have increased in frequency, intensity and severity. It is critical for businesses and organisations to have qualified information security professionals to manage cybersecurity threats and incidents.

To support the development of personnel in this demanding profession since 2010, the Association of Information Security Professionals (AiSP) has been offering its Qualified Information Security Professional (QISP®) Programme. The QISP® examination enables the professionals in Singapore to attest their knowledge in AiSP’s IS-BOK domains.

This special 5-day training program provides an intense environment in preparing participants for the QISP exams based on 2.0.

“QISP” is a registered trademark owned by AiSP and QISP® examination is conducted exclusively by AiSP.

[In partnership with Transformists Network Pte Ltd, the exclusive training partner of AiSP and AI Network360 Pte Ltd]

Full Time

• Professionals who wish to appreciate or embark into Cybersecurity.

• Security Professional who is / will be leading or taking a senior management role or senior technical role in ensuring Enterprise Governance is achieved with Corporate, Security and IT Governance.

5 Days

35 Hours

Module 1:

• Review of Business Alignments and Enterprise Goals, Objectives and Business Strategy
• Cybersecurity Risk Management Principles and Practices
• Risk Management and the Cybersecurity Framework
• Understand Security Components and Control
• Roles and Responsibilities
• Alignment of Security Goals and Business Strategy
• Review of Enterprise Goals, Objectives and Strategy
• Review of Standards and Expectations of Security Services

Module 2: Physical Security, Business Continuity & Audit

• Overview of implementing site and facility security controls, designing sites and facilities, and generally protecting things from physical threats.
• Design, Develop, Implement and document scope and plan Business Impact Analysis (BIA) and BCM
• Understand information system audits, Develop and Conduct, different types of IS audits and what happens during and after the audit.

Module 3: Security Architecture & Engineering.

• Overview of how cryptography helps to implement Security Services
• Understand the importance of Various Security components interface with each other providing the Essential Structure to support the Strategy
• Review Standards and Framework that can be used as a model or reference to achieve the Security Architecture
• Review Standards and Framework that can be used as a model or reference to achieve the Security Architecture
• Establish a Business Justification of offering a new, change or retiring of Security Services

Module 4: Operation & Infrastructure Security.

• Establish relationship with Stakeholders to ensure security services are relevant to Requirements
• Establish a Business Justification of offering a new, change or retiring of Security Services
• Understand and Support Detection, Respond and Recovery Security Lifecycle
• Operate and maintain detective and preventative measures
• Design and Implement Secure infrastructure in Network, Endpoint components and Cloud

Module 5: Software Security

• Understand and integrate security in the Software Development Life Cycle (SDLC)
• Identify and apply Security By Design
• Define and apply secure coding guidelines and standards

Module 6: Cyber Defense

• Overview Threat Intelligence, Vulnerability Management and Penetration Testing