- Overview of Corporate Governance: definition, purposes and associated standards;
- IT Governance, Risk & Compliance: definition, purposes and associated standards;
- Relationship between Corporate versus IT Governance and IT-Business alignment;
- IT Governance Framework and Best Practices;
- IT Strategy, Plans & Objectives; IT Assets and Resources
- A practical approach to implementation of IT Governance Framework;
- IT Delivery Optimization, IT Value, and IT Performance;
- IT legal Environment; Information Management
- IT Risk Management and related standards: ISO 31000 (Risk Management), ISO 38500 (Governance), COBIT (IT Controls), ITIL (Service Delivery), ISO 27001 (Security), and ISO 22301 (Business Continuity Management)
- The regulatory environment, compliance, and the role of the Council of Directors
 The emphasis here will be on information security and especially matters of computer crime, its root causes, and how to deal with these from a strategic approach.
A-14 ISO 27000 & Information Security Risk Management
Global reports indicate a rise in computer-related crime, referred to as cybercrime or computer crime. Consequently, organizations lose billions of dollars annually ($1 trillion in 2013). In Kenya, the banking sector is deemed to have lost KES 5 billion in the same period due to the failure of cybersecurity controls.
Experience shows that organizations with proactive information security approaches reduce the chances of loss due to cybercrime. Information security management offers a systematic approach to address cyber-related risks. ISO 27001 offers a reference and guidance to best practices in information security management.
This course draws upon leading practices in information security management both from practical and theoretical approaches as captured in the standard. It will also draw upon instructors’ extensive experience in the field.
Information Technology (IT) is an integral component of modern enterprises. To be effective, auditors need substantial knowledge of technology systems, technology operations, and related risks. This is essential to enable the auditor to make effective assessments of the said risks and the controls necessary to help mitigate them. Information (cyber) security is a major risk to information and technology systems. It is essential for auditors to understand information security issues, the risks thereof, and means of protecting the information.
This course introduces information security concepts and how they relate to audits. Participants will learn information security terminology, principles of information protection, risks associated with information on ICT systems, and mitigation controls. This is in addition to learning to perform information security-related audits.
Download and complete the enrollment form below and send it to email@example.com and copy it to firstname.lastname@example.org.
This is an online training and registration is essential; participation details will be shared once payment for the training has been received.
Reshaping Corporate Strategy POST COVID 19
In just six months, COVID-19 has eclipsed nearly every other pandemic on record in the past 150 years, in both size and impact. In addition to the disruption of millions of lives, the economic damage has been, and will be, significant and far-reaching.
To mitigate risk, organizational leaders usually attempt to account for every uncertainty, but recent events present challenges few, if any, boards and executives saw coming. The impact of these events will not be uniform across all organizations, be they private, governmental, or non-governmental. That notwithstanding, most board members, senior managers, and others in leadership positions share the same top-of-mind question — what role can strategy and change management, as a corporate function, play to limit the long-term damage occasioned by the pandemic? Specifically, what role can strategy and change management play in helping organizations fully appreciate the impact, respond, recover, adapt, and thrive beyond the effects of the pandemic? Further, how can the response, recovery, and adaptation ensure future resilience against situations similar to that of COVID-19?
Organizational teams are keeping essential services running to the extent that they can during the pandemic. Meanwhile, it is imperative for the organizational senior leaders, particularly senior strategy executives, to reflect on the lasting implications of COVID-19 and what they can do to best position their stakeholders, their processes, and available technology to recover and thrive in the long term. Certain key shifts in strategic direction, team composition, process re-orientation, and technology retooling can help the senior leadership successfully guide their organizations through the pandemic.
Key activities that an organization’s senior leadership can pursue to help their organization recover from recent events and thrive in the long term include the following:
- Balance the here and now with a long-term view: Review of Key Strategic Objectives vis-a-vis present realities as well as impact of those changes in the future;
- Embrace uncertainty by planning for possible multiple alternate futures: scenario building can help expose potential risks as well as opportunities based on the alternate futures;
- Reconsider what is possible: adaptation of agile processes;
- Elevate the orchestrator role: Who is mandated to look at the organization strategy from a pandemic and continuity nexus perspective;
- Tune into purpose: prioritize and demonstrate purpose and social responsibility in decision making;
- Workforce Adaptation: with respect to the workforce relearn, retool and refocus;
- Agile Change Management Approach Post Covid-19: build agility into the change management process to assure responsiveness to future situations;
- Technology Strategy Review: revisit to assure alignment with pandemic-like situations (e.g. support for remote working);
- Re-engineer risk management processes to be more responsive and relevant to COVID-19-like situations: development of relevant key risk indicators, monitoring, and early warning thresholds.
While there is not a one-size-fits-all approach to dealing with recent events, we believe this offers an unparalleled opportunity to create value and positive societal impact rather than simply reverting to the status quo for the university. The university’s senior leadership needs to be equipped to undertake a leading role in shaping the strategic focus of the university in order to stem the long-term negative impact of these events and emerge stronger in the long run.
We would therefore like to invite the senior leadership of the university to a 5-day workshop on reshaping Corporate Strategy Post Covid 19.
Business Continuity Management!
Disasters are unpredictable! They happen!
Remember DUSIT2, GARISSA UNIVERSITY COLLEGE? How about WESTGATE?
Only organizations that are prepared to face disasters are likely to survive.
Business continuity management (BCM) is about ensuring continued business operations in the face of a disaster. It is essential for business survival. Proactively managing risks through business continuity planning (BCP) and disaster recovery planning (DRP), based on time-tested management processes, assures sustainability. BCM ensures that your business will remain in operation in the most challenging times, such as unexpected occurrences. It ensures the protection of your personnel, continued essential business processes, and preservation of your reputation.
This course offers BCM concepts including business continuity, emergency management, crisis management, and business recovery. Participants will learn how to identify and define problems, plan, respond and recover from disasters. Attendees will further learn how to establish BCM systems in organizations based on global standards such as ISO 22301, ISO 31000, and ISO 27001.
Expose participants to existing and emerging practices in BCM, specifically:
- Examine the “why, what, when, how, and who” aspects of BCM
- Establish the relevance of BCM and BCM practices in an enterprise
- Develop practical steps towards BCM management systems in your enterprise
- Demonstrate how to plan, test, and implement business continuity and disaster recovery
 Also available for in-house training; contact us for terms and pricing.
The trainer was articulate and training was relevant to the business.
The training was very effective.
Very good delivery & presentation; very energetic & good knowledge of the subject. Excellent work!
Complementary instructors! Superb for ease of understanding!
Very practical and very relevant examples given.
Well planned, very interesting and learnt a lot.
The training met my expectations.
The presentation and its references were pertinent and useful.
Practical nature of the topics and their relevance to the business
Excellent practical exercise on disaster recovery and crisis communications
The course is important to our company
The training objectives for each topic were identified and followed
Proactive Risk Management is core to organizations’ survival
An Enterprise Risk Management (ERM) approach is the most effective means of risk management
Risk management has emerged as a well-entrenched discipline that should be an important part of every organization. With changing times, however, traditional risk management techniques are not sufficient to comprehensively address organizations’ risks. Organizations need to adopt, define, implement, and maintain an enterprise risk management (ERM) approach that ensures comprehensive risk management across the organization.
ERM is a process by which organizations identify, measure, manage, and disclose all key risks to enhance organizations’ value to stakeholders. ERM pertains to (a) considering risk from all sources (financial, strategic, and operational); (b) measuring the integrated impact of multiple risks occurring simultaneously; (c) aggregating exposures to the enterprise level; and (d) integrating risk information into strategic planning, based on the organization’s risk appetite.
This course draws from leading practices as captured in standards and their application to managing risk in enterprises, including the COSO framework, ISO 31000, ISO 22301, and ISO 9001:2015, among others.
Expose participants to existing and emerging practices in ERM, specifically:
- Examine the “why, what, when, how, and who” aspects of ERM
- Establish the relevance of ERM and ERM practices in an enterprise
- Develop practical steps towards ERM management systems in your enterprise
- Demonstrate how to plan, develop and implement an Enterprise Risk Management Framework
- Discuss the risk-based approach in ISO 9001:2015 and demonstrate tools for QMS automation thereof
 Also available for in-house training; contact us for terms and pricing.
Complete the following enrollment form and send it to email@example.com