Summaries

Class 06 - 28/Mar

28 March 2019, 15:30 José Borbinha

Risk management (ISO 31000). Enterprise Risk Management (COSO). Information Security, Information Systems, and Compliance. 

Case E - references for discussion:

  • concepts of “Data Retention”, “Records Management”, “Information Privacy”, “GRC” and “Regulatory Compliance”, “Information Security” 

PROJECT: assignment review...

Invited talk: the case of the INCM - https://www.incm.pt

  • Rosa Tomás (CISO - Chief Information Security Officer)
  • Ricardo Vieira (CRO - Chief Risk Officer; CCO - Chief Compliance Officer)
------------------------------------------------------------------------- 


Class 05 - 21/Mar

21 March 2019, 17:00 José Borbinha


Information Stakeholders and Lifecycle. Information Assurance; Information Security (InfoSec). Information Privacy; General Data Protection Regulation. Digital Forensics and e-Discovery. Certification for ISO 27001.

Extra references:

  • https://ec.europa.eu/info/law/law-topic/data-protection_en
  • https://iab.org/wp-content/IAB-uploads/2011/03/fred_carter.pdf
  • https://www.cookiebot.com/en/gdpr/

Case D: references for discussion:

  • Cobit 2019 Governance and Management Objectives: Chapter 3 and Chapter 4 - APO03 Managed Enterprise Architecture
  • Case: Define the users’ information stakeholders for Facebook information lifecycle for users’ information.

Invited talks:

  • Alberto Silva (IST, INESC-ID Data Protection Officer)
  • Rui Shantilal (Integrity - https://integrity.pt)
-------------------------------------------------------------------------


Class 05 - 21/Mar

21 March 2019, 15:30 José Borbinha


Information Stakeholders and Lifecycle. Information Assurance; Information Security (InfoSec). Information Privacy; General Data Protection Regulation. Digital Forensics and e-Discovery. Certification for ISO 27001.

Extra references:

  • https://ec.europa.eu/info/law/law-topic/data-protection_en
  • https://iab.org/wp-content/IAB-uploads/2011/03/fred_carter.pdf
  • https://www.cookiebot.com/en/gdpr/

Case D: references for discussion:

  • Cobit 2019 Governance and Management Objectives: Chapter 3 and Chapter 4 - APO03 Managed Enterprise Architecture
  • Case: Define the users’ information stakeholders for Facebook information lifecycle for users’ information.

Invited talks:

  • Alberto Silva (IST, INESC-ID Data Protection Officer)
  • Rui Shantilal (Integrity - https://integrity.pt)
-------------------------------------------------------------------------


Class 04 - 14/Mar

14 March 2019, 17:00 José Borbinha

Assessment (capability and maturity models) - core concepts
Process Capability. Maturity Assessment

Case C - references for discussion:
  • Maturity Models 101: A Primer for Applying Maturity Models to Smart Grid Security, Resilience, and Interoperability
  • ISO 33001 Information technology — Process assessment — Concepts and terminology
Invited Talk: Diogo Proença (INESC-ID, IST)
-------------------------------------------------------------------------


Class 04 - 14/Mar

14 March 2019, 15:30 José Borbinha

Assessment (capability and maturity models) - core concepts
Process Capability. Maturity Assessment

Case C - references for discussion:
  • Maturity Models 101: A Primer for Applying Maturity Models to Smart Grid Security, Resilience, and Interoperability
  • ISO 33001 Information technology — Process assessment — Concepts and terminology
Invited Talk: Diogo Proença (INESC-ID, IST)
-------------------------------------------------------------------------