Secure System

Development Life Cycle

(SDLC)
January 22, 23 & 24, 2018 • 8:30 am – 5:30 pm
ISACA Manila Professional Development Center

Resource Speaker: Danny C. Cheng

CISM, CRISC, Cobit5 (F), ISO 27001:2013 Implementation and Audit

REGISTER NOW and Earn 24 CPE Credits!

For inquiry and reservation, kindly call at T/F (02) 894-2533
Email us at staff@isaca-manila.org
 Secure System Development Life Cycle (SDLC)
January 22, 23 & 24, 2018

TARGET PARTICIPANTS: SOFTWARE REQUIREMENTS:

1. System Developers / Programmers / Analysts / • Please install XAMPP, JDK 1.7/1.8, Netbeans 8.2 and
Testers Eclipse IDE, and Web Browser.
2. ITIL Practitioners who deals with developers • For Netbeans please download the complete version
3. Auditors (both quality and security) and use custom install to include Apache Tomcat.
4. INFOSEC Practitioners • Other software will be installed as needed during the
training.
COURSE OUTLINE:
Day 2
Day 1 Security in Design
Overview of Secure SDLC - Conceptual / Theory Based • Practices in Security based on architecture
• Review of SDLC o Web Applications
• Introduction to Information Security o Mobile Applications
• Overview of System Architectures in relation to o Cloud Computing
Information Security o Service Oriented Architecture
• Ways of Managing Information Security for SDLC • Threat Modeling
• Information Security and Compliance in SDLC • Vulnerability Assessment
• Information Security and Privacy in SDLC

Secure Coding Practices - Implementation Phase in Day 3

SDLC Security in Software and Requirements Analysis
• Implementing OWASP Top 10 Practices • Security and Privacy Requirements
• Implementing CERT Top 10 Coding Practices • Quality Gates
• Static Code Analyzer • Bug Bars
• Use of Approved Tools • Security and Privacy Risk Assessments
• Deprecate Unsafe Functions • Performance Requirements
• Incident Response Plan
 Secure System Development Life Cycle (SDLC)
January 22, 23 & 24, 2018

RESOURCE SPEAKER:
Danny C. Cheng
CISM, CRISC, Cobit5 (F), ISO 27001:2013 Implementation and Audit

Danny has more than 15 years of cumulative experience in the IT industry. His experience covers web
application development, mobile application development, software engineering, secure development,
information security management, business continuity and disaster recovery planning, and IT
governance. He has worked with a wide range of organizations both public and private and has served
as the lead implementer for ISO 27001:2013 for a non-voice BPO. He is currently the department chair
of the Information Technology Department of De La Salle University Manila.
Danny earned his degrees in Bachelor of Science in Computer Science and Master of Science in
Computer Science from De La Salle University Manila and is currently pursuing his PhD in Computer
Science degree in the same university. He is a Certified Information Security Manager (CISM), Certified in
Risk and Information Systems Control (CRISC), COBIT5 Foundation Certificate holder, and ISO 27001:2013
Implementation and Audit Training Certificate holder. He is a Board of Trustee for ISACA Manila Chapter
currently chairing the Academe committee.

COURSE FEES (NON VAT): For inquiry and reservation, kindly call at T/F: (02) 894-2533
ISACA Members — P13,500.00 E-mail us at secretariat@isaca-manila.org or
Non Members — P19,500.00 staff@isaca-manila.org
 REGISTRATION FORM
Secure System Development Life Cycle (SDLC)
January 22, 23 & 24, 2018 | 8:30 am - 5:30 pm
FAX NO.: (02) 894.2533 / 09260045004
NAME MEMBERSHIP
________________________________
 ISACA Member (Php13,500) *___________
COMPANY NAME:
______________________________________________  Non Member (Php19,500)
Pls. specify membership no.
PAYMENT: (pls. check one) Company Personal
COMPANY ADDRESS:
______________________________________________
CONTACT DETAILS:
CURRENT FIELD OF EMPLOYMENT & YEARS OF EXPERIENCE
PROFESSIONAL ACTIVITY _______________________________________
____________________________________ --------------------------------
EMAIL ADDRESS:
REMARKS (SPECIAL ARRANGEMENT—PHYSICAL DISABILITIES, FOOD PREFERENCE, ETC.)
_______________________________________
_____________________________________________

• Fees, speakers and date are subject to change
• Please make your checks payable to “ISACA Manila Chapter”
• Training Fee is inclusive of Training Kit, Refreshments and Training
certificate
• Any cancellations received within the last ten calendar days would be
liable for 50% of the course fees.
• Registered attendees who are unable to attend the above course can
send replacements subject to one week’s notification.
• Cancellations must be received in writing at least one week prior to
course commencement. No-shows would be fully charged
· - - - - - - - - - - - - - - - - - - - - - -- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
I agree to pay the total amount due above for my registration. I have read,
accept and agree to abide by all the terms and conditions stated on this
document.
Name/Representative:________________________________________
Signature :________________________________________
PRIVACY NOTICE & CONSENT
PRIVACY NOTICE
We are committed to respecting your privacy and we recognize the
importance of protecting the information collected about you. All of the
personal information that you have submitted during the registration shall
only be processed in relation to your attendance to this event (i.e., processing
of payments, issuance of certificate and sending of any announcements).
All the information that you have provided in relation to this event shall be
protected with reasonable and appropriate measures, and shall only be
retained as long as necessary in its processing.
If you wish to be opted out from the processing of your information, please do
let us know by sending an email to secretariat@isaca-manila.org.
I have read, accept and agree to the privacy policy of ISACA Manila Chapter.
________________________
Signature over printed name