News | Case Studies | Contact
Course Development: Best Practices in Security Risk Management for (ISC)²
The Challenge: Building an Extensive Course to Educate (ISC)² Constituents on Best Practices in Security Risk Management
Apex Assurance Group has worked with (ISC)² for nearly 5 years. Our Security Testing and Risk Assessment talks at the Security Leadership Series and (ISC)² events have been immensely popular, and (ISC)² heard demands from its constituents for more in-depth sessions.
The Apex Assurance Advantage: Experienced Understanding of Security Risk Management and Proven Communication Ability
(ISC)² reached out to Apex for two main reasons:
- Our experience with systems security and enterprise risk management
- Our team of dynamic speakers, problem-solvers, and practitioners.
Through our Risk Management consulting services, Apex has developed considerable knowledge and experience in information security and enterprise risk management issues. We have sat on the same side of the table with end users discussing risk management needs with product vendors, executives, and their customers.
Apex has led dozens of successful talks and risk management workshops, yielding even more input and observations from the field.
The Result: A Highly-Rated Road Show and Workshop That Helped (ISC)² Members Solve Real Problems
The Security Risk Management series has continued to be one of the most popular events held by (ISC)². It is consistently sold out in every geographic market, and attendees continually remark on their take-aways (even those in it just for CPEs).
As a follow up to the success of the event and the attendees' desire to learn more, Apex partnered with Brightfly to deliver a heavily facilitated Risk Management session/workshop as a second-day offering to (ISC)² members. This intensive, one-day workshop explored the following:
- The difference between policies for auditors vs. policies for business users
- How to align policies with business, audit, and testing procedures
- Practical strategies for embedding security awareness in organizational culture
- Measurement and reporting mechanisms that support policy enforcement
- How to extend internal policies to contractors, partners, and other business contributors
Apex and Brightfly delivered practical strategies, tips, and concrete tools to improve policy awareness and compliance throughout the organization. Brightfly and Apex shared best practices and lessons-learned to leave participants with pragmatic plans and battle-tested steps for policy generation, alignment, communication, and enforcement.
Contact Apex Assurance Group if your organization is in need of non-biased, researched-based training, interactive exercises, knowledge sharing, and peer networking.