What: ISACA Pune meet. Risk Assessment by Dr. Pramod Damle
When: Saturday, 16th January, 6pm-8:30pm
Where: Damle Hall, Behind IndSearch Institute, Off Law College Road, Shivajinagar
Registration and Fees: Free for all to attend. No registration required
Risk Assessment (RA) is an integral part of information security program for any organization. It presupposes business impact analysis and embraces all the major assets/ operations. The RA process consists of a detailed study of the threats and vulnerabilities and the resultant exposure the organization faces. It opens the choices of risk treatment (RT) like mitigation, acceptance, transference etc. Hence, a successful RA focuses the limited resources of an organization on the proper risk treatment and thus brings down the residual risk to the level of acceptable risk, thus in turn paving way for the information security governance.
About the Speaker – Dr. Pramod Damle
Dr. Damle is a freelance adviser, evangelist and researcher in information security governance, and has been a member of ISACA, Pune chapter from 2000. For the past 25 years, he has been balancing his IT career between practice and preaching. On the one hand he has contributed to IT missions of MNCs like State Bank of India, Oil India Ltd, Parametric Technologies, L&T, etc., while on the other hand he has been catering to academia like IIMs, IGNOU, Pune university, Symbiosis, etc. at PG/ Doctoral level. He also teaches several IT certification programs of ISACA, ISC2, ISO, QAI. Earlier Dr. Damle worked as IT manager at Bank of Maharashtra, Director at MODVIN, Professor and IT Head at YASHADA and head of education services at MIEL, where he architected one year full-time post-graduate program in information security management (PRISM) that is being run domestically and abroad.
With articles/ research papers for ‘Control’, Computers Today, etc. and a few IT books to his credit, he has designed a series of PC-based games on serious IT topics. Dr. Damle has earned various degrees in Maths, Laws, Commerce, Computers and professional certifications like ISO9001 Tick IT Lead Auditor, ISO27001 Lead Auditor, CAIIB, CISA, CISM, CISSP, SSCP, CSSLP, GIAC GSLC, PMP and PhD in information security.