Analytix announces the launch of a two-day governance, risk management, compliance and information security (GRCI) workshop in May 2007.
"The two-day workshop is a result of market demand based on the requirements for organisations to comply with an increasing number of regulations, standards and frameworks. There is a fair amount of confusion among companies who are battling with legislation while still attempting to proactively adopt the advice provided by international standards and frameworks such as COBIT, BS 25999, ISO 27001, ISO 17799, etc. This uncertainty may lead to duplicating or delaying certain projects, resulting in budget overruns or even placing the organisation at risk," according to Craig Rosewarne, Executive Director at Analytix (www.analytix.co.za) and Chairman of the Information Security Group of Africa (www.isgafrica.org).
"The objective of the comprehensive two-day workshop is to investigate the primary drivers for governance, risk management, compliance and information security, and to provide delegates with an approach, based on the British Institute's PAS 99 Specification of common management system requirements as a framework for integration, that will help organisations to achieve benefits from integrating the common requirements of all your management system standards and specifications, and managing these requirements effectively," says Rosewarne.
Some of the international standards, legislation and frameworks covered in the training include:
* Basel II
* BS 25999
* COBIT
* COSO
* Health Insurance Portability and Accountability Act (HIPAA)
* ISO 13335 - IT security management
* ISO 27001 / ISO 17799
* ITIL
* ISO 20000
* Payment Card Industry (PCI) data security standard
* SOX
* And 15 others . . .
Local legislation and frameworks covered include:
* King II Report on Corporate Governance
* Compliance duties when communicating and transacting electronically
* Records Management
* Electronic Communications and Transactions Act 25 of 2002
* Regulation of Interception of Communications Act 70 of 2002
* Protection of Personal Information Bill
* Companies Act 1973 (as amended up to and including the Companies Amendment Act 20 of 2004)
* Promotion of Access to Information Act 2 of 2000
* JSE Listing Requirements
Companies are advised to send mixed teams of risk, compliance, legal and information security staff on the workshops to gain the most benefit.
"This is where the Analytix approach is gaining popularity among many organisations in Africa. We are able to provide specialised training to understand best practice and then the consulting services to ensure it is efficiently applied within each unique environment," states Rosewarne proudly.
Share
Analytix is a South African provider of specialist training and consultancy services within the governance, risk management and compliance arena. Analytix assists organisations with finding solutions to management challenges, such as corporate and IT governance, information security, business continuity management, IT service management, risk management and performance management.
Our services are underpinned by internationally accepted IT management practices based on a range of de facto industry standards, including COBIT, COSO, ISO 17799, ISO 27001, BS 25999, ISO 20000, ITIL and the Balanced Scorecard.
Since 2001, Analytix has been involved with education and assistance to over 260 organisations with the practical implementation of IT governance and related approaches and techniques such as COBIT and ISO 17799.
Editorial contacts