*SMU Certificate in IT Risk, Governance and Security (IBF Level 1) - Class confirmed

Recent high-profile cyber crimes and IT breaches across the globe have made headline news. With digitilization rapidly transforming the financial services industry, managing technology risk is now a business priority.

It is critical for banking professionals to understand and manage IT risks, threats and vulnerabilities, to safeguard business continuity and reputation.

Benchmarked to industry standards and best practices, this 2-day certification program provides the fundamental framework to identify risks and implement controls against potential security concerns. 


Programme CodeSMU Certificate in IT Risk, Governance and Security (IBF Level 1): P160527EFY

Programme Objectives

  • Understand governance principles & risk management concept

  • Know major risk exposures for Technology & Operations (T&O)

  • Identify tools and controls to mitigate risks

  • Be familiar with regulatory framework applicable to T&O

  • Develop awareness of IT risks, threats & vulnerabilities

  • Identify relevant network security controls to mitigate risks

  • Assess new threats against established security controls

  • Learn good security practices and standards

  • Understand the intent and objectives of security reviews

  • Perform security standards and compliance reviews

Who Should Attend 

  • New hires and entry level professionals in financial services or IT risk and security related disciplines 

  • Middle office staff such as product controllers, risk managers, auditors and compliance officers seeking to gain foundation knowledge in IT risk and security 


Governance and Management Oversight

  • Principles of governance & enterprise risk management

  • IT governance & risk considerations

  • Key governance operations, documents & risk management policies


Managing Contingency Risk

  • Business continuity plan (BCP) vs Disaster recovery plan (DRP)

  • Recovery time objectives (RTO) & recovery point objectives (RPO)

  • Business impact & RTO


Internal Controls

  • Preventive, detective & corrective controls

  • Types of control & their limitations

  • Technology risk management guidelines


Risk, Threats & Vulnerabilities

  • Vulnerability element – operating system, application, database & network

  • Threat source & categories

  • CIA framework – confidentiality, integrity & availability


Cyber Security Components

  • Technical safeguard

  • Data safeguards

  • Human safeguards


Cyber Security Frameworks & Standards

  • CoBIT 5, ISO, ITIL, NIST, etc

  • Key regulations – MAS Technology Risk Management (TRM) Guidelines

  • Security standards baseline review


Cyber Security Attack & Defence Modelling

  • Case study

Assessment & Certification

Participants who complete and pass the assessment will receive the SMU Certificate in IT Risk, Governance and Security (IBF Level 1). This programme is one of five accredited modules that stacks up to the SMU Professional Certificate in Technology and Operations (IBF Level 1) and the “IBF Qualified” certification by the Institute of Banking & Finance. 

Type of Course



Finance, Financial IT and Risk Management

Fees & Funding

SGD $1,500 (excl. GST)

Net fee payable upfront for eligible self-sponsored applicants:

Singaporeans and PRs
S$450 (excl. GST)

Singaporeans aged 40 years and above
S$150 (excl. GST)

Terms & conditions apply


IBF-STS Funding
IBF-STS Funding of 70% is available to eligible institutions and qualified individuals subject to a cap of S$7,000 per participant per programme. Singapore Citizens aged 40 years old and above are eligible for 90% co-funding of direct training costs, subject to the existing grant caps. For terms and conditions, please click here: https://www.ibf.org.sg/programmes/Pages/IBF-STS.aspx


SkillsFuture Credit
Singapore Citizens aged 25 and above, and self-funding may use their SkillsFuture Credit (up to S$500) to defray part of the course fee. Please click User Guide on how to submit your claim. SkillsFuture Credit claims may be submitted by logging in via MySkillsFuture.sg.

Union Training Assistance Program (UTAP)
NTUC members are eligible for UTAP funding at 50% of the unfunded course fee capped at $250 every year. For application, terms and conditions, please click here.


The programme is designed for T&O professionals seeking to advance their careers and for new entrants aspiring to embark on T&O careers in the wholesale treasury markets.

Course Dates

1 & 2 Mar 2018
Thu & Fri 09:00 - 17:00

Contact Us

For enquiries, please contact Chiew Yee at 6828 0971, Jaclyn at 6828 0254 or email fti@smu.edu.sg

Programme Policies

Please click here for the programme policies, terms and conditions. 

Trainer’s Biography

Leonard Ong has over 15 years of information and corporate security experiences gained in telecommunication, enterprise and banking industries. He held various roles within the security profession, with responsibilities in information security, corporate security, project management, consulting and business development. Currently Associate Director at Merck, Leonard also serves on the ISACA Board of Directors.