Course Outline
Fundamentals of Information Security in Public Sector Entities
- Essential security principles and their importance within government operations
- The role of confidentiality, integrity, and availability in daily administrative functions
- Predominant threats impacting public sector data and digital infrastructure
Governance Frameworks, Policies, and Accountability
- Security governance structures within institutional environments
- Responsibilities assigned to leadership, staff, IT personnel, service owners, and external partners
- Establishment of policies, standards, procedures, and accountability mechanisms
Risk Management for Information Assets and Services
- Identification of assets, threats, vulnerabilities, and operational impacts
- Foundational risk assessment methodologies and prioritization strategies
- Selection of appropriate mitigation treatments and technical controls
Information Classification and Data Protection
- Categorization of institutional information based on sensitivity and usage requirements
- Protection measures for documents, records, databases, and shared repositories
- Standards governing storage, transmission, retention schedules, and secure disposal
Identity and Access Management (IAM)
- Fundamentals of user accounts, authentication protocols, and authorization controls
- Implementation of least privilege, separation of duties, and periodic access reviews
- Procedures for managing access requests, modifications, and revocations
Secure Operations for Systems and Digital Services
- Secure usage guidelines for email, web applications, remote access, and collaborative platforms
- Identification of common user errors and strategies for prevention
- Practical measures to enhance security posture in daily activities
IT Service Management and Security Integration
- The interrelationship between IT service delivery and information security
- Security considerations integrated into service design, deployment, and support phases
- Management of service requests, incidents, changes, and associated documentation
Incident Response and Service Continuity
- Detection and recognition of security incidents and service disruptions
- Procedures for reporting, escalation, containment, stakeholder communication, and recovery
- Backup strategies, recovery planning, and maintenance of operational availability during crises
Security Awareness, Regulatory Compliance, and Continuous Improvement
- Detection of phishing attempts, social engineering tactics, and non-compliant behavior
- Alignment with institutional policies, audit requirements, and regulatory obligations
- Monitoring of security controls and identification of actionable improvement opportunities
Applied Workshop and Strategic Action Planning
- Analysis of a public sector scenario involving security and service management challenges
- Assessment of risks and formulation of recommendations for operational enhancement
- Development of targeted action plans aligned with participants' specific areas of responsibility
Requirements
- Familiarity with fundamental information technology principles, office automation tools, and the secure stewardship of institutional records.
- Practical proficiency in utilizing enterprise information systems, electronic communication platforms, collaborative repositories, and web-based applications within daily operational workflows.
- Prior coding or software development expertise is not necessary for participation.
Target Audience
- Government personnel tasked with the utilization, administration, or oversight of digital assets and public services.
- Information technology professionals, including system administrators and service management staff employed within federal, state, or local agencies.
- Administrative leaders, audit specialists, and compliance officers accountable for maintaining data integrity, information security protocols, and high-quality service delivery standards for government operations.
Testimonials (3)
The trainer was helpful..
Attila - Lifial
Course - Compliance and the Management of Compliance Risk
The report and rules setup.
Jack - CFNOC- DND
Course - Micro Focus ArcSight ESM Advanced
The way to receive the information from the trainer