Technology Risk Management Masterclass

In a digital-first world, Information Technology risks are among the most critical threats organizations face. Cybersecurity breaches, system failures, and technological disruptions can severely impact business continuity and reputation. This masterclass empowers professionals with a deep understanding of IT risk management principles, frameworks, and best practices essential to safeguarding IT assets and aligning technology risks with organizational goals.

Through interactive sessions, real-life case studies, and practical tools, participants will learn to design, implement, and maintain robust IT risk management frameworks that drive resilience, governance, and compliance in today’s complex technological environment.

Overview

Target Audience

This program is designed for:

• IT risk managers and cybersecurity professionals

• IT governance and compliance officers

• Internal auditors and control specialists focused on IT risk

• Business continuity and disaster recovery planners

• Senior management and board members overseeing IT risk

• IT project managers and system developers

• Professionals seeking comprehensive knowledge of IT risk management

Detailed Course Schedule

Day 1: Foundations of IT Risk Management and Governance

Morning Session

• Role and importance of risk management in IT

• Overview of risk management and ISO 31000:2018 framework

• Risk assessment process: identification, analysis, evaluation, treatment

• Establishing risk context and monitoring & review

• Business value and benefits of managing IT risk

• Definition and importance of IT risk management

• Types of general and criminal IT threats

• Case Study 1: FAA System Failure 2023

• Team breakout & brainstorming on IT risk capability development

Afternoon Session

• Managing IT risks: key requirements and planning

• Risk management controls and best practices for security culture

• IT risk management process steps

• Governance roles: Board and Senior Management responsibilities

• Policies, standards, and procedures for IT risk

• Asset and third-party service management

• Competency reviews and security awareness training

• Practical steps to manage IT risk

• Case Study 2: Marriott Hotel System

• Team breakout: lessons learnt and proposed solutions

Day 2: Developing IT Risk Capability and Strengthening Control Infrastructure

Morning Session

• Role of System Development Life Cycle (SDLC) and Security-By-Design

• System Requirements Analysis, Design, Implementation, Testing, Acceptance

• Quality management and secure software application development

• IT Service Management Framework overview

• Configuration, technology refresh, patch, change, software release, incident management

Afternoon Session

• Problem management and IT resilience (availability, recoverability)

• Disaster recovery planning and data centre resilience

• Access management: user, privileged, remote access controls

• Cryptography and cryptographic key management

• Data, network, system, and virtualization security

• Internet of Things (IoT) risk considerations

• Cybersecurity assessment: vulnerability and penetration testing

• Role of cyber exercises, customer authentication, fraud monitoring

• Customer education and communication strategies

• Emerging top technology challenges for 2025

2 Days Masterclass - CPD Certified Course - By KYR Consulting | Training | Advisory

Key Takeaways

Upon completion, participants will:

• Understand core IT risk management concepts aligned with ISO 31000 standards

• Be familiar with practical IT risk identification, assessment, and treatment processes

• Gain insight into managing IT risks in areas like cybersecurity, access management, and system resilience

• Learn to implement governance and control frameworks including policies, standards, and procedures

• Acquire hands-on experience from case studies such as FAA System Failure and Marriott Hotel IT incidents

• Develop capabilities to integrate IT risk management into organizational strategy and operations

• Understand emerging IT risk challenges and how to proactively address them

By attending this masterclass, delegates will be able to:

• Gain knowledge and awareness of the importance of IT risk management

• Understand the types of IT threats organizations face today

• Comprehend governance requirements to establish an effective IT Risk Management Framework

• Learn how to manage IT risk through best practices and controls

• Participate actively in discussions and case studies demonstrating IT risk management importance.

• Acquire a holistic understanding of IT risk management processes and infrastructure

• Articulate IT risks as business impacts and consequences

• Develop IT risk management skills and foster a strong IT risk culture within their organization

Key Learning Objectives