SMU Certificate in IT Risk, Governance & Security (IBF Level 1)

Programme Code: P160527EFY


Essentials of IT Risk & Governance

Recent high-profile cyber crimes and IT breaches across the globe have made headline news. With digitalization rapidly transforming the financial services industry, managing technology risk is now a business priority.

It is critical for banking professionals to understand and manage IT risks, threats and vulnerabilities, to safeguard business continuity and reputation. Benchmarked to industry standards and best practices, the 2-day SMU Certificate in IT Risk, Governance & Security (IBF Level 1) certification program provides the fundamental framework to identify risks and implement controls against potential security concerns. 

Next Course Starts OnTo be advised See Full Schedule
Fee SGD1605.00* (as low as SGD160.50* after maximum funding) Learn more

2 Days


Singapore Management University

Learning Objectives
  • Understand governance principles & risk management concept
  • Know the major risk exposures for Technology & Operations (T&O)
  • Be familiar with regulatory framework applicable to T&O
  • Identify relevant network security controls to mitigate risks
  • Assess new threats against established security controls
  • Perform security standards and compliance reviews


Governance and Management Oversight

  • Principles of governance & enterprise risk management
  • IT governance & risk considerations
  • Key governance operations, documents & risk management policies
Managing Contingency Risk
  • Business continuity plan (BCP) vs Disaster recovery plan (DRP)
  • Recovery time objectives (RTO) & recovery point objectives (RPO)
  • Business impact & RTO
Internal Controls
  • Preventive, detective & corrective controls
  • Types of control & their limitations
  • Technology risk management guidelines

Cyber Risk, Threats & Vulnerabilities

  • Vulnerability element – operating system, application, database & network
  • Threat source & categories
  • CIA framework – confidentiality, integrity & availability
Cyber Security Components
  • Technical safeguards
  • Data safeguards
  • Human safeguards
Cyber Security Frameworks & Standards
  • CoBIT 5, ISO, ITIL, NIST, etc
  • Key regulations – MAS Technology Risk Management (TRM) Guidelines
  • Security standards baseline review

Cyber Security Attack & Defence Modelling

  • Case study

Who Should Attend

  • New hires and entry level professionals in financial services or IT risk and security related disciplines
  • Middle office staff such as product controllers, risk managers, auditors and compliance officers seeking to gain foundation knowledge in IT risk and security


Participants who complete and pass the assessment will receive the SMU Certificate in IT Risk, Governance & Security (IBF Level 1).

Fees and Funding

Program  Fee

S$1,500 (excluding GST)


Net fee payable upfront for eligible self-sponsored applicants:

Singaporeans and PRs
S$450 (excl. GST)

Singaporeans aged 40 years and above
S$150 (excl. GST)

Application form for self sponsored applicants, please click here.

IBF-STS Funding
IBF-STS Funding of 70% is available to eligible institutions and qualified individuals, subject to meeting the attendance requirement and passing of assessment. The IBF-STS funding is subject to a cap of S$7,000 per participant per programme. Singapore Citizens aged 40 years old and above are eligible for 90% co-funding of direct training costs, subject to the existing grant caps. For terms and conditions, please click here:


Intake Information


Program is held from 9am - 5pm

Speaker/Trainer Bio

Leonard Ong has over 15 years of information and corporate security experiences gained in telecommunication, enterprise and banking industries. He held various roles within the security profession, with responsibilities in information security, corporate security, project management, consulting and business development. Currently Associate Director at Merck, Leonard also serves on the ISACA Board of Directors.


Share this course