GRC02 - Controlling cyber risks throughout the project life cycle: the ISP approach

• Understand the challenges of security in projects
• Know when and how to identify, assess, analyze and control risks
• A pragmatic approach to PSI to optimize the process

DAY 1: Integrating security into projects

Part 1 - Introduction :

• Issues and examples
• Problems encountered: safety vs. effectiveness
• Objectives of the PSI

Part 2 - The PSI Process:

• General view
• Prerequisites and process construction
• Project qualification: business vision
• Definition of requirements
• Compliance analysis: IT vision
• Identify and analyze risks
• Define the measures
• Check and validate

DAY 2: Industrializing PSI

Part 3 - PSI and Project Life Cycle :

• PSI Milestones
• ISP process and project management process
• Barriers to PSI adoption
• Raising awareness and training
• PSI Tooling
• Useful catalogs and repositories
• Focus: PSI in Agile projects

Part 4 - Case Study:

• Implementation of an ISP process in a fictitious project
• Debriefing and analysis

General knowledge of project management methods is required. Knowledge of SSI risk analysis may be useful.

Category: awareness.

Intended audience:

• Functional Project Manager
• Risk manager
• Responsible for the MOE