Take the opportunity of being present in Oslo to attend the following DHIS2 Academies after the Annual Conference is over:
DHIS2 Academy: Security Auditing
Friday 14 June, University of Oslo
The Security Auditing Academy aims at providing participants with key principles on security auditing and assessment in the context of DHIS2 and applicable standards and regulations. Participants will get in-depth training on security audit planning and preparation, DHIS2 threat landscape and risk assessment, Audit procedures, DHIS2 Compliance and more.
Course topics
Security audit planning, scoping, and preparation
DHIS2 threat landscape and risk assessment
Audit procedures, checklists, and evidence collection
Dive-in: checking DHIS2 compliance with ISO 27001
Dive-in: checking DHIS2 compliance with privacy regulation
Security assessment tools and automation
Audit report, communication with stakeholders and remediation
Learning Objectives
Understand the principles of security auditing in the context of DHIS2 and applicable standards and regulations
Develop hands-on skills in utilizing security assessment tools to conduct efficient audits
Learn to interpret findings and prepare audit report
Complexity
Intermediate / Advanced
Participants profile:
DHIS2 implementation experts responsible for technical and regulatory compliance
DHIS2 system administrators and security officers
IT architects and interoperability experts
General IT and information security auditors
DHIS2 Academy: Implementing Integrated Information Systems & Security Compliance Management
17 – 20 June, University of Oslo
This course is meant to provide users with tools to understand the benefits of an integrated information system and how DHIS2 can be utilized to implement an integrated system in practice. We will:
Identify the different types of routine data that contribute to an integrated system and discuss how this data can be captured and analyzed in DHIS2.
Discuss implementation considerations including planning and budgeting, infrastructure, security and capacity building.
Identify frameworks for assessing your system and developing long-term work plans.
Define what a typical integrated information systems lifecycle looks like
Learning Objectives - Implementing Integrated Information Systems:
Understand what an integrated information system is
Identify the different types of routine data that contribute to an information system and can be captured and analyzed in DHIS2
Discuss implementing the principles of information system design in DHIS2 through focusing on the use of data
Discuss implementation considerations related to planning and budgeting, capacity building, devices and infrastructure
Discuss frameworks for assessing your system and developing long term work plans through identification of an information systems lifecycle
In addition to the core 3-day course on implementing integrated information systems, we will be adding an additional day to focus on security compliance management. This extra day on security will discuss principles of risk management, security and privacy risks, security strategy and policies, privacy and data protection and security implementation planning.
Learning Objectives - Security Compliance Management:
Define risk management, security and privacy risks, and the technology threat landscape
Review security strategies and policies
Identify how to make security-aware choices, manage incident responses and crises
Review common compliance requirements, documentation frameworks, mandatory management and control actions
Review security budget planning
Define best practices for hiring security teams and communication with stakeholders
Prerequisites: This Academy is a combination of technical and non-technical content. Participants should ideally attend in manager/implementer teams.
Participants profile: This Academy targets:
Operational Leads: You act as the lead project manager and will liaise with senior stakeholders to determine the vision of the HMIS. You are responsible for coordinating projects with internal and external partners and responsible for ensuring the implementation of an integrated design within the HMIS, considering approaches for long-term sustainability and how DHIS2 will function within an overall health information architecture.
Implementers: You are responsible for operationalizing and scaling up the DHIS2 configuration. You work with all other roles in order to understand a program's requirements and develop solutions to meet them. This includes adding additional functionality, integrating new programs, modifying routines to incorporate DHIS2 and supporting users to use the application. Processes and procedures, including upgrade procedures, managing metadata and users, etc. is often also drafted by the implementation team.
DHIS2 Trainers: You support the training of staff to use DHIS2, developing training material, documentation and job aids for use within the implementation. You can operate at various levels, focusing on fundamental concepts including data-entry, to more advanced concepts such as data use or system administration. Trainer's will typically overlap with another role, using their expertise from other roles to inform the content that is presented during training.
Program Managers: You coordinate various project's within the specific program you are responsible for. You are often responsible for the outcomes of these projects and for reporting progress directly within your organization (such as a government ministry). You have a broad understanding of your programs monitoring and evaluation needs, including the inputs and outputs required to manage the program effectively. Program manager's should work with the operational lead responsible for implementing DHIS2 in order to communicate their specific requirements. This can be one of their staff or a coordinating body, such as the Health Information Systems unit.
(Optional) Subject matter experts: You have experience on how services are delivered within various settings (schools, health facilities, etc.) and understand the types of information that is required to effectively monitor and evaluate a program's delivery. You will be able to assist with the review and analysis of data, support the implementation of indicator frameworks and contribute to identifying and defining the types of analysis the program should routinely have access to.