IT SECURITY IS CRITICAL TO THE INFRASTRUCTURE OF THE OIL AND NATURAL GAS INDUSTRY, AND THIS CONFERENCE WILL REFLECT ON THE LATEST ISSUES AND STRATEGIES ENHANCING OPERATIONS. THIS CONFERENCE PROVIDES AN EXCELLENT OPPORTUNITY TO NETWORK WITH IT SECURITY PROFESSIONALS, AND TO CANDIDLY SHARE IDEAS AND TO DISCUSS THE CHALLENGES FACING THE INDUSTRY. THESE SESSIONS, ESSENTIAL TO IT SECURITY, ARE CHOSEN AND PRESENTED BY RECOGNIZED MEMBERS IN THE FIELD

PHASE NO. ( 1 )
THE COMPANY SECURITY POLICY
1. SECURITY POLICY
1.1. Security Policy Documents
1.2. Review and Evaluation
2. THE COMPANY SECURITY
2.1. Information security infrastructure
2.2. Security of third party access
2.3. Outsourcing
2.4. Partnerships, Joint ventures and Alliances
3. ASSET CLASSIFICATION AND CONTROL
3.1. Accountability for assets
3.2. Fraud policy  
3.3. Information classification
3.4. Asset Protection
4. PERSONNEL SECURITY
4.1. Security in job definition and resourcing
4.2. User training
4.3. Responding to security incidents and malfunctions
4.4. Joiners, Leavers and Travelers
5. PHYSICAL AND ENVIRONMENTAL SECURITY
5.1. Secure Areas Security
5.2. General Controls
6. COMMUNICATIONS AND OPERATIONS MANAGEMENT
6.1. Operational procedures and responsibilities
6.2. System planning and acceptance
6.3. Protection against malicious software
6.4. Housekeeping
6.5. Network management
6.6. Media handling and security
6.7. Exchanges of information and software
7. LOGICAL ACCESS CONTROL
7.1. Business requirement for access control.
7.2. User access management.
7.3. User responsibilities.
7.4. Network access control
7.5. Operating system access control.
7.6. Application access control
7.7. Monitoring system access and use.
7.8. Mobile computing and Teleporting.
7.9. Internet/Intranet access.
8. DEVELOPMENT AND MAINTENANCE
8.1. Security Requirements
8.2. Security in Application Systems
8.3. Cryptographic Controls
8.4. Security of system files.
8.5. Security in Development and support processes.
8.6. Security During Maintenance
9. BUSINESS CONTINUITY Management.
9.1. Aspects of Business Continuity Management.
10. COMPLIANCE.
10.1. Compliance with Legal Requirements.
10.2. Review of security policy and technical compliance.
10.3. Audit Consideration.
Commercial in Confidence
Uncontrolled when Printed
Commercial in Confidence
A .Annex A
B .Annex B.
C .ANNEXES C .CODE OF CONNECTION.
Issue 4.0
C.1 Background's
C.2 Principle of Connection
C.3 End System Security Policies
C.4 The Company Voice and Data Networks Security Requirements.
PHASE NO. ( 2 ) :
1.1 INTRODUCTION TO SECURITY VULNERABILITY ASSESSMENT.
1.2 OBJECTIVES, INTENDED AUDIENCE AND SCOPE OF THE GUIDANCE
1.3 SECURITY VULNERABILITY ASSESSMENT AND SECURITY MANAGEMENT PRINCIPLES.
SECTION 2 SECURITY VULNERABILITY ASSESSMENT CONCEPTS
2.1 INTRODUCTION TO SVA TERMS.
2.2 RISK DEFINITION FOR SVA.
2.3 CONSEQUENCES
2.4 ASSET ATTRACTIVENESS.
2.5 THREAT.
2.6 VULNERABILITY.
2.7 SVA APPROACH.
2.8 CHARACTERISTICS OF A SOUND SVA APPROACH.
2.9 SVA STRENGTHS AND LIMITATIONS.
2.10 RECOMMENDED TIMES FOR CONDUCTING AND REVIEWING THE SVA.
2.11 VALIDATION AND PRIORITIZATION OF RISKS.
2.12 RISK SCREENING.
SECTION 3 SECURITY VULNERABILITY ASSESSMENT METHODOLOGIES
3.1 OVERVIEW OF THE SVA METHODOLOGY.
3.2 SVA METHODOLOGY.
3.3 STEP 1: ASSETS CHARACTERIZATION.
3.4 STEP 2: THREAT ASSESSMENT.
3.5 SVA STEP 3: VULNERABILITY ANALYSIS
3.6 STEP 4: RISK ANALYSIS/RANKING.
3.7 STEP 5: IDENTIFY COUNTERMEASURES:
3.8 FOLLOW-UP TO THE SVA.
ATTACHMENT 1 – EXAMPLE SVA METHODOLOGY FORMS.
ABBREVIATIONS AND ACRONYMS.
APPENDIX A—SVA SUPPORTING DATA REQUIREMENTS.
APPENDIX B—SVA COUNTERMEASURES CHECKLIST.
APPENDIX C—SVA INTERDEPENDENCIES AND INFRASTRUCTURE CHECKLIST
APPENDIX C1—REFINERY SVA EXAMPLE.
APPENDIX C2—PIPELINE SVA EXAMPLE.
APPENDIX C3—TRUCK TRANSPORTATION SVA EXAMPLE.
APPENDIX C4—RAIL TRANSPORTATION SVA EXAMPLE..
REFERENCES .FIGURES
2.1 Risk Definition.
2.2 SVA Risk Variables.
2.3 Asset Attractiveness Factors.
2.4 Overall Asset Screening Approach
2.5 Recommended Times for Conducting and Reviewing the SVA
3.1 Security Vulnerability Assessment Methodology -Steps .
3.1a Security Vulnerability Assessment Methodology-Step1
3.1b Security Vulnerability Assessment Methodology-Step 2.
3.1c Security Vulnerability Assessment Methodology-Steps 3
3.2 SVA Methodology Timeline
3.3 SVA Team Members
3.4 Sample Objectives Statement.
3.5 Security Events of Concern.
3.6 Description of Step 1 and Sub steps
3.7 Example Candidate Critical Assets..
3.8 Possible Consequences of Security Events
3.9 Example Definitions of Consequences of the Event.
3.10 Description of Step 2 and Sub steps
3.11 Threat Rating Criteria.
3.12 Target Attractiveness Factors (for Terrorism)
3.13 Attractiveness Factors Ranking Definitions (A).
3.14 Description of Step 3 and Sub steps.
3.15 Vulnerability Rating Criteria.
3.16 Description of Step 4 and Sub steps.
3.17 Risk Ranking Matrix
3.18 Description of Step 5 and Sub steps
A SVA Methodology Flow Diagram
METHODOLOGY OF THE COURSE :
•       MOVIE FILMS
•       SLIDES
•       INTERNATIONAL COLORED POSTERS IN ARABIC & ENGLISH WORDS
•       FAVOR HANDOUT WILL HAND OVER FROM THE COMPANY
 

T MANAGEMENT
IT SECURITY PROFESSIONALS OFFICERS
SYSTEM ADMINISTRATORS
DATABASE ADMINISTRATORS
DATA PRIVACY SPECIALISTS
APPLICATION SUPPORT PERSONNEL
LEGAL
HUMAN RESOURCES PROFESSIONALS
IT AUDITORS
COMPLIANCE OFFICERS
CORPORATE SECURITY PROFESSIONALS
ANYONE INTERESTED IN LEARNING ABOUT COMPANY OF THE ART SECURITY PRACTICES AND THEIR PRACTICAL IMPLEMENTATION AS WELL AS SECURING THEIR ENTERPRISE AND ITS CORE PROCESSES.
BASIC TOPICS , MAY INCLUDE  ENDS  

INCREASE SECURITY SKILLS AND INFORMATION ON OIL FACILITIES TO MEET ANY
UNCONTROLLED RISK.
CONDUCT TRIAMINIC IN NEW STANDARD PHILOSOPHY.
TAKING OPPORTUNITY FOR PREPARING SECURITY STAFF, PERSONS & OFFICERS
WITH NEW REQUIRES SKILLS.
ADHERENCE TO COMPANY SECURITY POLICY IN REGARDLESS
ENSURE THAT SECURITY STAFF HAVE A GOOD INFORMATION FOR CRITICAL SITUATION
APPLYING NEW &MODERN SECURITY SYSTEMS AT DEFERMENTS SITE .
CREATE HIGH QUALITY SYSTEM IN ACCORDANCE IN NEW &IMPROVEMENT STANDARDS
FOR THE LEADERS.
MEET THE INTERNATIONAL REQUIREMENT STANDARDS IN SECURITY
UNDERTAKEN THE VALUE OF RECURRENCES PETROLEUM FACILITIES ALL TIME
PROVIDE PARTICIPANTS MAY ATTEND THE COURSE WITH HIGH SECURITY TECHNOLOGY
AS SEARCHED AND DESIGNED.
HIGHLIGHTING ON RISK ASSESSMENT MAY NEEDS.
TRAIN SECURITY OFFICERS BASICALLY.
PROVIDES SECURITY OFFICERS WITH HAIGH RISE INFORMATION

INCREASE SECURITY SKILLS AND ATTITUDE AMONG SECURITY OFFICERS &ENSURING THAT WILL BE APPLE TO ANY CRITICAL &UNCONTROLLED SITUATION AT SITE
PROTECT OIL FACILITIES WITH NEW, DEEP INFORMATION IN REGARDLESS
REDUCE RISK AND HAVING THE PROPER KNOWLEDGE OF ASSESSMENT MAY REQUIRES
ADHERENCE TO THE INTERNATIONAL FAVOR SECURITY STANDARDS AS DESIGNED AND BUILT TO OIL FACILITIES.
CORRECT BAD INFORMATION.
IMPROVE PRACTICAL APPLICATIONS TO THE ATTENDEES.
EXECUTIVE COMPANY POLICY IN HIGH PERFORMANCE.
KEEPING COMPANY REPUTATION SUCCESSFULLY, WITH GOOD ENVIRONMENT.
CONTROLLING RISK OF TERRORIST ATTACKS.
PREVENT PROBLEMS MAY CREATE, AMONG INDIVIDUALS EASLY.
ENSURE THAT DAY WORKS WILL FLOW SECURELY ALL TIME.
PROTECT COMPANY PROPERTIES IN GOOD OPERATIONAL CONDITION AGAINST INTERRUPTERS, PAD ELEMENTS.
LEARN, KNOW, HOW CONDUCT INVESTIGATION SECURELY