Log in

  Institute of


Business Analysis Everywhere

Log in

Workshop - Information Security Risk Analysis - 24-Feb-2018 9AM

  • 24 Feb 2018
  • 9:00 AM - 5:00 PM
  • 146 Kendal Avenue, Toronto, ON - George Brown College Casa Loma Campus


Registration is closed

IIBA Toronto Presents

Information Security Risk Analysis

Cybersecurity - Managing Risk in our fast changing information age. Develop a strategy to mitigate risk and implement security controls.



This workshop provides participants with the fundamentals of information security risk management, and cost/benefit analysis of implementing security controls.


The workshop is supplemented by a case study that will allow the participants to

  1. conduct a risk analysis using the Harmonized Threat Risk Assessment process 
  2. and conduct a cost benefit analysis of implementing a security control



By taking the workshop, the participate will:

  • Understand when a Threat Risk Assessment (TRA) should be conducted within the lifecycle of an Information Technology (IT) service
  • How TRAs fits into an information security risk management life cycle

  • Understand how to prioritize information security control requirements based on risk level

  • Experience conducting a TRA, so to obtain an understanding of some of the challenges of conducting a TRA

  • Understand how to apply the concept of cost/benefit analysis towards determining the economic value of an information security control

  • Experience conducting a cost benefit analysis on an information security control, so that one obtains an understanding of some of the challenges of doing so.

    Those involved in business analysis, financial analysis, risk management, and IT project management will have an opportunity to understand how to determine what information security controls are appropriate to a business process or an IT system.




    • Information Security Risk Management

    • Information Security Risk Analysis

    • Asset Classification

    • Cost / Benefit Analysis

    Harmonized Threat Risk Assessment

    • Develop an inventory of assets

    • Classify assets

    • Identify and assess threats

    • Identify and assess vulnerabilities

    • Identify relevant controls

    • Calculate risk levels

    Cost / Benefit Analysis

    • Risk Strategy (Accept, Transfer, Avoid, Mitigate)

    • Determine the cost of a security control

    • Determine the Annual Loss Expectancy

    • Determine the overall benefit of a security control



      John Wang
      Information Security Consultant

      John Wang has over 30 years experience in Telecommunications, Financial Services, and Information Security Consulting including Strategy, Sales, Technical Service, Engineering, and Product Management.


      In addition to having his own information security consulting business, providing consulting services on information security governance, security risk assessment, and security policy and procedure development, John teaches information security at George Brown college.


      Class time duration: 6.00 hours

      IIBA CDU credits: 6.00 credits

      Chapter Member Price: $249

      Non-Member Price: $299

      Payment Policy

      Workshop fees must be paid upon registration in the workshop prior to attending. Pricing, registration terms, and conditions are subject to change without notice.

      For credit card payments, charges will be in the currency of the country where the class takes place and will be converted by the credit card company. IIBA Toronto Chapter is not responsible for fluctuations due to exchange rates. Taxes will be applied to the payment where applicable.

      IIBA Toronto Chapter reserves the right to make changes to the workshop program described or to cancel the workshop at any time without notice or liability. The Chapter's sole liability will be limited to the refund of registration fees paid in respect of the workshop and the Chapter shall not be responsible for any incidental or consequential loss arising whatsoever. The Chapter will endeavor to give enrollees as much advance notice as possible of any change to the workshop program or registrant’s enrollment.

      Registration Fee

      The registration fee covers workshop materials only. Refreshments and lunch is not included and is the responsibility of the registrant. Parking is not included.

      Refund Policy

      Cancellations will be allowed prior to 10 days of the workshop start date and a full refund will be issued. Cancellations will not be permitted within 10 days of the workshop start date; however, substitutions will be permitted. It is up to the registrant to find and arrange a substitute. The Chapter will process the substitution by changing the registrant name but is not responsible for any financial transactions between the registrants.

      No refunds will be issued within 10 days of the workshop start date. If a registrant does not attend the workshop and has not given adequate notification, it will result in full forfeiture of the registration fee.

      If you are unable to attend the workshop, or have comments or questions, please contact


      Should you have any questions or need assistance, please contact us at

      Secondary navigation G - Navigation links, Secondary menu.

      This website is being
      modified to a new look and functionality. Keep scrolling. 

      Powered by Wild Apricot Membership Software