Applying Quantification to APRA CPS 234

Instructor: Denny Wan
Product ID: 706616
Training Level: Intermediate
Duration: 120 Min

APRA CPS 234 demands managing cyber risk under Enterprise Risk Management (ERM). This webinar explains how to apply NISTIR 8286, connecting cybersecurity to ERM, to address this requirement.

Why Should You Attend:

  1. Do you need to explain sufficiency of the cyber risk program to the board?
  2. Is your cyber risk program part of ERM and managed according to the corporate risk appetite statement?
  3. Are you confident your supplier is compliant with your CPS 234 obligations?
  4. Do you want to learn how to drive 'good risk' to deliver tangible value from the cyber risk program?
  5. Do you want to learn how to transition from qualitative risk analysis to quantitative risk analysis in order to measure the sufficiency of the cyber risk program?

By attending this webinar, you will learn the key concepts to address the above cyber risk management challenges through step-by-step instructions and practical hands-on examples.

APRA CPS 234 makes business boards responsible for the sufficiency of their cyber risk programs. This regulatory requirement compels boards to include cyber risk management as part of their Enterprise Risk Management (ERM) programs. This webinar explains how to apply the new NIST standard NISTIR 8286, connecting cybersecurity to ERM, to address this requirement through step-by-step instructions and practical hands-on examples.

Areas Covered in the Webinar:

  • The history and structure of APRA CPS 234 standard
  • Mapping to guidance in APRA CPG 234
  • Reporting and notification requirements
  • Materiality considerations
  • Third-party service provider compliance requirements
  • Introduction to NISTIR 8286 - connecting cybersecurity to Enterprise Risk Management (ERM)
  • Managing cyber risks in accordance with Risk Appetite Statements
  • Understand Risk Appetite and Risk Tolerance
  • Quantifying Risk Appetite Statement using the Open Group FAIR Cyber Risk Quantification framework
  • Practical case studies

Who Will Benefit:

  • Chief Risk Officer (CRO)
  • Chief Information Officer (CIO)
  • Chief Information Security Officer (CISO)
  • IT Manager
  • IT Risk Manager
  • IT Risk Analyst
  • IT Auditor
  • IT security administrator
  • Supply Chain Risk Manager
  • Risk Compliance Officer

Instructor Profile:

Denny Wan
Founder and Co-chair, FAIR Institute

Denny Wan is a recognized cyber security expert specializing in the NIST-endorsed Open Group FAIR (Factor Analysis of Information Risk) cyber risk quantification framework. He is a certified ISO27001 Lead Auditor, PCI QSA and CISSP. FAIR analysis expresses cyber risk in financial terms, enabling the business board to assess the sufficiency of their security capabilities as required under APRA CPS 234. Denny extends his FAIR expertise to the NISTIR 8286 standard, empowering risk managers to connect cybersecurity to Enterprise Risk Management. This approach is also useful for managing third-party supplier risks under APRA CPS 234. He is the founder and co-chair of the Sydney Chapter of the FAIR Institute and Australian. His expertise in IT security audit and cyber risk quantification enables him to create a balanced approach in tackling the compliance challenge of APRA CPS 234 from a business perspective.
