Cloud computing has emerged as one of the most significant information technology developments over the past decade. As a new framework for the way IT solutions are designed, sourced and used for services delivery, it offers organisations new and flexible ways to manage IT costs, scale IT operations and streamline related processes. However, with the new IT developments, new risks will emerge. This course will help you understand the risk implications of moving to the cloud, as well as strategies for managing those risks.
• Understand the fundamentals and impact of Cloud Computing
• Describe the different types of Cloud Computing architectures
• Describe the different services that Cloud Computing provides
• Describe some of the challenges to adopting a cloud architecture
• Identify the top security threats to cloud computing
• Understand how the risks associated with Cloud Computing vary from the traditional application service provider model
• Develop an audit plan based on the different services of Cloud Services
• Learn about auditing standard based on ISO27001 & ISO27018
• Learn to utilise the myriad of tool/s to map out the risks and develop a comprehensive audit strategy
To be eligible for SF Series subsidy, participants:
- must be Singaporeans or Permanent Residents of Singapore
* Participants who do not fulfill the above criteria are not eligible for SF Series funding, and are required to pay the course fee in full.
Course supported for the new Union Training Assistance Programme (UTAP) funding
Union members may enjoy up to $250 unfunded course fee support when you sign up for courses supported under UTAP. Conditions apply. Visit www.ntuc.org.sg for more information.
• IT Internal Audit Practitioners
• IT Managers
• IT Professionals
• What is Cloud Computing?
• Adoption of cloud
- Current landscape
- New business models
- Key business drivers
• Cloud computing architectures
• Cloud computing service delivery models
• Key attributes of Cloud Computing
• Top Cloud considerations & challenges
• Review of the Cloud risk map
- Addressing risks in security & privacy
- Data management
- Governance & compliance
- General business
• Background to Information Security Management System (ISMS)
• ISO27001: Structure, Auditing Areas, Terms and Definitions
• Auditor Competence, Responsibilities and Characteristics
• Audit Evidence Triangle
• Types of Audit
• Audit Activities
• Creating an Audit Plan
• Creating an Audit Checklist
• Audit Questioning Techniques
• Conducting the opening Meeting
• Prepare, Approve and Distribute
• Conducting Audit follow-up Activities
• Nonconformities and Writing Nonconformities
• Creating the Audit Report: Prepare, Approve and Distribute
• Conducting Audit follow-up Activities
• Case Study – Deep dive into Cloud technology (security & privacy)
- Utilise Cloud risk map
- Identify risks
- Define scope
• Develop an audit plan based on identified Cloud risks
• Scenario based activity – Bring a fictional enterprise securely into the cloud
|Cancellation & Refund Policy|
|A written notification to firstname.lastname@example.org or fax to
6774 2911 before course closing date.
|No cancellation charges (Full refund)|
|A written notification on or after course closing date.||No Refund
SkillsFuture Credit (if applicable):
- Participant to cancel their claim with WDA
- PaCE Collegereserves the rights to collect the full fee amount from the participant
|Given a 3 days notice before course commencement, companies may replace participants who have signed up for the course. Terms and conditions apply.
There is no replacement for participant utilising SkillsFuture Credit. Participant to cancel their SkillsFuture Credit claim with WDA.
|Terms and Conditions|
|• Course is subject to a minimum participation before commencement
• Course is subject to a first-come-first-serve basis in light of overwhelming responses
• PaCE Collegereserves the right to change or cancel any course or trainer, in light of unforeseen circumstances
• All details are correct at time of dissemination
|At PaCE College, participants’ personal information is collected, used and disclosed for the following purposes:
|Course Date, Time||Reg. Closes On|
|1||03 Apr' 19 to 05 Apr' 19, 9.00am to 5.00pm||31 Mar' 19||Register Now|
Mr. Kenneth Ho is a seasoned consultant with extensive knowledge in information risk management, information security and information system audit. He is a certified ISO 27001 Lead Auditor, CRISC, CISSP, CCSK and CISA.
He has 20 years of experience in security assessment, design, implementation and management consultancy in the above domains, and has worked in a number of industries, including the health, airline, electronics, manufacturing, finance and telecommunication.
His professional expertise ranges from Information Security and Compliance Officer to Security Consultant. His direct technology experience spans enterprise architecture, telecommunications networks, network management systems, business continuity, and security operations process.
Kenneth holds a Bachelor of Applied Science in Computer Technology Degree and a Postgraduate Certificate in Network Engineering from Nanyang Technological University.