Skip to content Skip to navigation

SMU Certificate in IT Risk, Governance and Security (IBF Level 1)

Recent high-profile cyber crimes and IT breaches across the globe have made headline news. With digitalization rapidly transforming the financial services industry, managing technology risk is now a business priority.

It is critical for banking professionals to understand and manage IT risks, threats and vulnerabilities, to safeguard business continuity and reputation. Benchmarked to industry standards and best practices, the 2-day SMU Certificate in IT Risk, Governance & Security (IBF Level 1) certification program provides the fundamental framework to identify risks and implement controls against potential security concerns.  


Programme Length

2 Days
Weekday 09:00 - 17:00

Areas of Study
  • Understand governance principles & risk management concept
  • Know the major risk exposures for Technology & Operations (T&O)
  • Be familiar with regulatory framework applicable to T&O
  • Identify relevant network security controls to mitigate risks
  • Assess new threats against established security controls
  • Perform security standards and compliance reviews
Schedule 1 & 2 Mar 2018

Governance and Management Oversight 

  • Principles of governance & enterprise risk management
  • IT governance & risk considerations
  • Key governance operations, documents & risk management policies 

Managing Contingency Risk

  • Business continuity plan (BCP) vs Disaster recovery plan (DRP)
  • Recovery time objectives (RTO) & recovery point objectives (RPO)
  • Business impact & RTO

Internal Controls

  • Preventive, detective & corrective controls
  • Types of control & their limitations
  • Technology risk management guidelines

Cyber Risk, Threats & Vulnerabilities

  • Vulnerability element – operating system, application, database & network
  • Threat source & categories
  • CIA framework – confidentiality, integrity & availability

Cyber Security Components

  • Technical safeguard
    • AAA concept
    • Encryption
    • Firewalls
    • Malware protection
    • Application design
  • Data safeguards
    • Access control
    • Logging
    • Data loss prevention
    • Penetration testing
    • Security analyzers
  • Human safeguards
    • account administration
    • password management

Cyber Security Frameworks & Standards

  • CoBIT 5, ISO, ITIL, NIST, etc
  • Key regulations – MAS Technology Risk Management (TRM) Guidelines
  • Security standards baseline review

Cyber Security Attack & Defence Modelling

  • Case study

S$1,500 (excl. GST)

Net fee payable upfront for eligible self-sponsored applicants:

Singaporeans and PRs
S$450 (excl. GST)

Singaporeans aged 40 years and above
S$150 (excl. GST)

Terms & conditions apply

Who Should Attend
  • New hires and entry level professionals in financial services or IT risk and security related disciplines
  • Middle office staff such as product controllers, risk managers, auditors and compliance officers seeking to gain foundation knowledge in IT risk and security 

Last updated on 26 Dec 2017.



SMU Academy - Financial Services
Singapore Management University

Phone: +65 6828 0563
Fax:+65 6828 0429