Summary of 508 – HTRA within the ITSG-33

Course Description

In this 3-day course, you will learn about the Threat Risk Assessment methodology using the ITSG-33 ISSIP and CSE’s new ASTRA tool to help you conduct your assessments.  The course will further your knowledge of ITSG-33 in a practical application for any Government IT project. 

Course Outline

Module 1: HTRA Overview

  • Relate the HTRA to the requirements for the assessment of threats and risks
  • Recognise the structure of the HTRA publication
  • Describe the phases of the HTRA process

Module 2: HTRA Activities

  • Describe the HTRA activities
  • Apply the HTRA activities for a variety of mandates

Module 3: Using the HTRA within ITSG-33 ISSIP

  • Situate the HTRA within the ITSG-33 risk management lifecycle process
  • Situate the HTRA activities within the ITSG-33 ISSIP
  • Describe the adaptations that are recommended to use the HRTA in the ITSG-33 ISSIP  

Module 4: Practical Examples and TRA Tool

  • Describe the practical examples for the exercises
  • Use the TRA tool to complete the exercises

Module 5: Support Project Initiation Phases

  • Describe the TRA activities of the ISSIP conducted during the following phases of the generic SDLC process:
    • Concept
    • Requirements analysis
  • Complete these activities in an IT project

Module 6: Support Risk-based Design

  • Describe the TRA activities of the ISSIP conducted during the following phases of the generic SDLC process:
  • High-level design
  • Detailed design
  • Complete these activities in an IT project

Module 7: Assess Residual Risks and Reporting

  • Describe the TRA activities of the ISSIP conducted during the installation phase of the generic SDLC process
  • Complete these activities in an IT project

Price

$1500

Duration

3 days

Target Audience

Project/Program Managers, IT Security Designers, Architects, Engineers and Managers

Recommended Prior Learning

  • Course 601- Introduction to IT Security Management, Knowledge of GC Security Risk Management is Beneficial
  • Course 104 - IT Security Risk Management:  A Lifecycle Approach (ITSG-33)

Report a problem on this page
Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: