Digital Transformation & Resilience
The “Hellenic Association of Risk Managers” (www.harima.gr) member of FERMA (Federation European of Risk Management Associations, www.ferma.eu) & FECMA (Federation of European Credit Management Associations, www.fecma.eu), with the support of “Academics University of London Worldwide” and SEV and in collaboration with the “Risk Training Institute” of ICAP CRIF, present the “Digital Transformation & Resilience”
Description
Digital transformation is a critical priority for many companies across most industries, and in todays world of business is more than a catchphrase. Digital transformation is truly changing consumer and business experiences. No industry is immune to these competitive and global pressures, and the changes go beyond the actual products and services. Companies must conduct business where their customers are while marketing and selling their products through mobile, online, or social channels. Businesses must interact with their not-particularly-loyal customers in more simple, efficient, and satisfying ways through the customer life cycle. While this is the new reality, this new era also poses the creation of new risks maintaining at the same time the traditional risks at the highest level. Organizational resilience refers to an entity’s capacity to anticipate, adapt, respond, and recover from a wide range of internal and external challenges, disruptions, and shocks while maintaining its core functions, values, and stakeholder relationships. Within a digital world with technology constant evolution the Digital Transformation Risks takes extreme significance and forces all companies to invest for organizational resilience.
In this module, participants will be able to understand and evaluate the importance of Digital Transformation and Operational Resilience Risks as a key component in managing entities’ new era of operation environments. The module analyses key digital transformation strategies, approaches and systemic cyber risks impacting the Digital Economy. The program is designed for all kind of companies willing to be, or already being, in the new digital era of operations, providing key insights and trends for digital growth against associated risks.
In this module, participants will evaluate the implications of the Digital Transformation Risks, EU Compliance initiatives against digital risks (i.e. Digital Operational Resilience Act - DORA). The module analyses systematic cyber risks impacting the EU Digital Economy and provides context for the DORA regulatory framework.
About
Subject Areas
Subject Areas
Risk Management Essentials
ICT Risk Management
Organization & Governance Requirements
Third Party Risk Management
Business Continuity Management
Incident Response (framework, management, requirements)
Cybersecurity policies framework and requirements
Legal aspects of DORA requirements
MODULE-1 DIGITAL ERA, DIGITAL RISK and COMPLIANCE (2 hours)
Digital Era, Risk and Compliance
Digital Transformation Management
Overview of DORA.
Sectors affected by DORA.
Key definitions underpinning the Act.
Processes that come under the Act and are inspected.
Role of competent authorities.
Understanding the proportionality principle.
Penalties and how to apply remedial measures
MODULE-2 DIGITAL TRANSFORMATION RISKS (2 hours)
The Digital Transformation Journey
Defining the Digital Transformation Risk
Digital Risk in Different Industries
Preparing for Digital Transformation Risks
Managing Digital Transformation Risks
MODULE-3 GOVERNANCE & ORGANIZATION (4 hours)
Regulatory requirements
Governance & Organization control framework
Necessary roles for designing-developing-implementing-monitoring-auditing.
Conflict of Interest Risk and Independence principle
Monitoring and Reporting
MODULE-4 ICT RISK MANAGEMENT (4 hours)
The internal governance and control framework ensures an effective and prudent management of ICT risks.
The sound, comprehensive and well-documented ICT risk management framework, as part of the overall risk management system.
ICT systems, protocols and tools.
The need to identify, classify and adequately document all ICT supported business functions, roles and responsibilities, the information assets and ICT assets supporting those functions, and their roles and dependencies in relation to ICT risk.
The need to continuously monitor and control the security and functioning of ICT systems and tools, to minimize the impact of ICT risk on ICT systems through the deployment of appropriate ICT security tools, policies and procedures.
The need for mechanisms to promptly detect anomalous activities.
The need for response and recovery, and a comprehensive ICT business continuity policy.
Ensuring the restoration of ICT systems and data with minimum downtime, limited disruption and loss
MODULE-5 ICT CYBERSECURITY POLICIES (4 hours)
Regulation Requirements for Security Policies
From Policies to Procedures to Technical Standards
Internal and External Drivers
InfoSec Framework, Roles and Governance
MODULE-6 INCIDENT MANAGEMENT (4 hours)
Regulation Requirements for Incident Management
Incident Management Framework
Incident Classification and Response
Internal Incident Reporting
External Incident Reporting
MODULE-7 BUSINESS CONTINUITY (2 hours)
Regulation Requirements for Business Continuity
Backup and Restore
Business Continuity & Crisis Management
MODULE-8 THIRD PARTY RISK MANAGEMENT (4 hours)
Regulation Requirements for 3rd Party Risk Management.
Preliminary assessment of ICT concentration risk at entity level.
Key contractual provisions.
Designation of critical ICT third-party service providers.
Structure of the Oversight Framework.
Tasks of the Lead Overseer.
Operational coordination between Lead Overseers.
Powers of the Lead Overseer.
Exercise of the powers of the Lead Overseer outside the Union.
General investigations, inspections, ongoing oversight.
Harmonisation of conditions enabling the conduct of the oversight activities.
International cooperation.
MODULE-9 DIGITAL OPERATIONAL RESILIENCE (4 hours)
General requirements for the performance of digital operational resilience testing.
Testing of ICT tools and systems.
Red Teaming Activities
Advanced testing of ICT tools, systems and processes based on threat-led penetration testing.
Requirements for testers for the carrying out of TLPT.
Summary: Requirements interdependence (‘all relevant’)
30
Hours Live Online
0%
Skilled and Profesional Advisors
0k+
Ambitious Training Attendes
0+
Years of Experience
0+
Trainings & Certificates
