SMU Professional Certificate in Governance, IT Risk Management & Compliance (IBF Level 2)

Programme Code: P160331HMW


As organizations embrace digitalization to transform business and operations, it is critical to develop policies, procedures and controls to manage technology related risks. The frequency and scale of cyber attacks and breaches have escalated. The disruptions to systems and operations can greatly damage an organization’s reputation, public trusts and bottom line.

It is imperative for professionals in technology & operations (T&O) to be able to develop and implement effective controls to manage operational risk, activate technology disaster plans to ensure business continuity. 

This 3-day certification program adopts an experiential learning approach. Participants works on an extended case study to implement risk management controls to comply with regulatory requirements and industry best practices.

Next Course Starts On01 Aug 2018 (Wed) See Full Schedule
Fee SGD3210.00* (as low as SGD321.00* after maximum funding) Learn more

3 Days


Singapore Management University

Learning Objectives
  • Determine and justify risk tolerance & appetite
  • Assess risk and select risk treatment option
  • Develop and test business continuity plan & remedial actions
  • Design risk reporting process & tools
  • Apply data protection principles to device policies & processes
  • Use the Six Sigma approach to manage compliance risk
  • Enhance professional excellence with small group coaching
  • Expand perspectives through peer interactions & review 


Risk Identification & Assessment

  • Determine risk appetite & tolerance
  • Identify risk factors & scenarios
  • Assess risk using risk models
  • Case study activities

Risk Response Options & Action Plan

  • Weigh risk response options
  • Prioritize based on quick wins & business case
  • Develop & execute risk action plan
  • Define monitoring metric & threshold
  • Define key risk indicators & triggers
  • Case study activities

Reporting, Escalation & Risk Ownership

  • Assign risk ownership
  • Escalate risk along the three lines of defense
  • Design risk tools 
  • Develop business continuity plan
  • Manage crisis & response to breaches
  • Case study activities

Compliance Risk Management

  • Know the regulatory requirements & landscape
  • Case study activities

Who Should Attend

  • Professionals with minimum 3 years relevant experience in IT risk management & security related function (e.g. security engineer, senior information security officer, senior risk officer, senior compliance or control officer, security administrator)
  • Participants who have completed IBF Standards Technology Level 1 program or show proof of competency at Level 1


Upon successful completion of the course, paticipants will be awarded the SMU Professional Certificate in Governance, IT Risk Management and compliance (IBF Level 2). 

Fees and Funding

Program  Fee

S$3,000 (excluding GST)

Net fee payable upfront for eligible self-sponsored applicants:

Singaporeans and PRs
S$900 (excl. GST)

Singaporeans aged 40 years and above
S$300 (excl. GST)

Application form for self sponsored applicants, please click here.

IBF-STS Funding
IBF-STS Funding of 70% is available to eligible institutions and qualified individuals, subject to meeting the attendance requirement and passing of assessment. The IBF-STS funding is subject to a cap of S$7,000 per participant per programme. Singapore Citizens aged 40 years old and above are eligible for 90% co-funding of direct training costs, subject to the existing grant caps. For terms and conditions, please click here:


Start Date(s)
Intake Information

1 - 3 Aug 2018

Program is held from 9am - 5pm

Speaker/Trainer Bio

Leonard Ong has over 15 years of information and corporate security experiences gained in telecommunication, enterprise and banking industries. He held various roles within the security profession, with responsibilities in information security, corporate security, project management, consulting and business development. Currently Associate Director at Merck, Leonard also serves on the ISACA Board of Directors.


Share this course