Course description
THE CONFERENCE
As cyber threats grow in scale and complexity, organizations must move beyond basic cybersecurity to adopt structured, risk-based frameworks that ensure resilience, continuity, and compliance.
The 2025 Conference on Information Security Management Systems (ISMS) and IT Governance is designed to empower IT leaders, compliance officers, and public and private sector managers with critical knowledge to safeguard information assets and align technology with business objectives.
This conference brings together top minds in cybersecurity, IT leadership, internal audit, compliance, and digital transformation to engage in forward-thinking dialogue and actionable training on how to implement robust security management systems and governance practices that align with institutional missions and national mandates.
Attendees will gain insights into building secure IT environments, strengthening institutional digital trust, managing risk across supply chains and cloud infrastructure, and establishing a culture of continuous improvement in cybersecurity and governance.
by the end of the conference, participants will be able to:
§ understand and implement ISO/IEC 27001-based Information Security Management Systems;
§ conduct IT risk assessments and apply security controls in line with global standards;
§ develop and manage IT governance frameworks aligned with organization and regulatory needs;
§ establish effective information security policies, roles, and responsibilities;
§ identify threats, vulnerabilities, and recovery strategies across the IT landscape;
§ integrate ISMS with organizational strategies and continuity plans; and
§ foster a security-first culture through training, monitoring, and leadership.
WHO SHOULD ATTEND:
§ Chief Information Officers (CIOs) and IT Directors
§ Information Security Managers and Risk Officers
§ Compliance, Audit, and Governance Professionals
§ Public sector IT heads and agency ICT teams
§ Project managers overseeing digital platforms
§ Procurement officers for IT services and systems
§ Cybersecurity analysts and data privacy teams
CONFERENCE MODULES
Module 1: Foundations of ISMS and the ISO/IEC 27001 Framework
- Key principles, objectives, and structure of ISMS
- Implementing the 27001 standards in real-world contexts
Module 2: IT Governance and Institutional Alignment
- Role of IT governance in public and private sectors
- COBIT, ITIL, and other global frameworks
Module 3: Risk Management in Information Security
- Threat modeling, vulnerability assessments, and risk treatment plans
- Incident response planning and mitigation strategies
Module 4: Policy, Compliance, and Audit Readiness
- Creating enforceable policies and access control mechanisms
- Internal audit procedures and external certification
Module 5: Human Factor and Security Awareness
- Building a culture of security
- Training, phishing simulations, and behavioral controls
Module 6: Integrating Cybersecurity with Business Continuity Planning
- Recovery objectives, disaster preparedness, and system redundancy
- Case studies from public institutions and private firms
What will i learn?
- Understand and implement ISO/IEC 27001-based Information Security Management Systems;
- Conduct IT risk assessments and apply security controls in line with global standards;
- Develop and manage IT governance frameworks aligned with organization and regulatory needs;
- Establish effective information security policies, roles, and responsibilities;
- Identify threats, vulnerabilities, and recovery strategies across the IT landscape;
Requirements
- June 30 - July 4, 2025. August 18-22, 2025 September 1-5, 2025 November 17-21, 2025 December 15-19, 2025 January 12-16, 2026
Frequently asked question
