DESCRIPTION
The Assessing Information Security Value workshop provides practical guidance on how to assess the value of information and apply appropriate security controls.
Participants will learn how to evaluate business impact, determine security classifications, and document assessment outcomes in line with jurisdictional requirements.
The workshop focuses on real-world examples, clear roles and responsibilities, and practical messaging to support consistent, defensible information security decisions across the organisation.
LEARNING OUTCOMES
At the end of this workshop, you should be able to:
-
Access relevant jurisdictional information security guidance and resources
-
Understand and apply core information security concepts and terminology
-
Explain the business value and purpose of information security assessments
-
Identify what information requires assessment and when assessments are required
-
Perform a Business Impact Level (BIL) assessment and determine security classifications
-
Record assessment outcomes in an Information Asset Register (IAR)
-
Use practical examples and contextualised BIL tables to assess information consistently
-
Understand assessment roles and responsibilities
-
Communicate clear messages about information security value to stakeholders
WHO SHOULD ATTEND
This workshop is suitable for anyone involved in creating, managing, assessing, or using information, including:
-
Information and data asset owners
-
Business and system owners
-
Information security, risk, and governance professionals
-
Policy, compliance, and assurance staff
-
Project managers and delivery teams
-
Advisors supporting information classification and risk assessmentsNo prior information security expertise is required.
-
Note that active participation is essential to benefit from the session fully, and no recordings will be provided in order to preserve the workshop's integrity and interactivity.
