ICTTF Certified Cyber Risk Officer (Singapore)

Course level : Level 4 - Intermediate

Increasing in sophistication, frequency, and persistence, cyber risks are growing more dangerous and diverse, threatening to disrupt our interconnected global financial systems and the institutions that operate and support those systems.

We have partnered with the International Cyber Threat Task Force (ICTTF) to offer this new introductory programme providing a uniquely comprehensive awareness of Cyber Risk Management as a Cyber Risk Officer.

The CCRO (Certified Cyber Risk Officer Course) will aid any key cyber risk management stakeholders, including first and second line managers professionals, and anyone interested in entering this field, in applying the knowledge to their roles, to meet legal and regulatory requirements. It achieves this by bringing students on a journey in holistically understanding the threat landscape and how to develop and support and appropriate strategy and framework aligned with the business strategy of the financial entity they are protecting.

The syllabus modules include high-level fundamental “educational elements” specifically designed for the financial sector private and public entities so they may to apply the content to their specific operational and threat landscape, role in the sector, and legal and regulatory requirements.

Learning outcomes

By attending this programme, you will

Understand the cyber threat landscape
Gain the knowledge, skills and confidence you require to protect the digital assets of your organisation
Support the efforts of or lead the implementation of a cyber risk framework

This course brings you on a journey and commences with how to analyse the inherent cyber risk of your organisation. That includes areas such as:

Organisational Characteristics
Governance Structure
Technology Structure and Systems
Product / Service Delivery Channels
External Cyber Threats

We then gain an understanding of the current cyber risk status of the organisation holistically by exploring key control areas such as:

Cyber Risk Management and Oversight
Cyber Incident Management and Resilience
Cybersecurity Controls
Threat Intelligence and Collaboration
External Dependency –Vendor / Partner Risk

There is a focus on CRQ (Cyber Risk Quantification), meaningful metrics and how to support and develop a cyber strategy that supports your ERM (Enterprise Risk Management) program and business strategy. Security standards, legal and compliance requirements are addressed throughout the material. By the end of the course you will have gained the appropriate knowledge to build, implement or support a risk management framework for your organisation.

Programme overview

The syllabus assumes a non-technical student and covers a range of topics from identification of cyber risks through to risk management options:

Understanding cyber risks and a little technology
Cyber strategy – the business case
Cyber risk quantification and metrics
Cyber leadership and culture
Cyber risk and the law
Cyber resilience and incident management
Third party cyber risk – vendors and remote workers
Putting it together: developing a cyber risk strategy

Download the full course syllabus here

Course format

Course Format

This course is delivered by ICTTF who provide all course materials and student communications.

Online course delivered over 8 weeks
Pre-course orientation module to ensure understanding of key milestones and how assessments are calculated
Online training material includes interactive media such as videos, infographics and activities
Collaborative learning through discussion forums
Continuous assessment throughout the course

Recommended study hours:


Self-Study	Recommended 8-10 hours a week
Face to face workshops	4 hours (1 hour x 4 modules)
Invigilated exam	8 x MCQ Exams (1 per module)

How will you be assessed?

7 essay assignments. One assignment for each of the seven (7) modules.
8 x multiple choice questions examinations

Who is this course for?

This course is suitable for any key cyber risk management stakeholder including first and second line managers who need to understand the threat so they can take practical action to mitigate the risk, and anyone interested in entering this field.

Designation awarded

Certification lasts for three years from the date awarded.

From June 2023 a recertification exam will be available online at www.icttf.org. There will be a fee of €500 for the recertification exam or any resits required.

Funding available for students in Singapore

This programme has been accredited under the IBF Standards, and is eligible for funding under the IBF Standards Training Scheme (IBF-STS), subject to all eligibility criteria being met.

Candidates are advised to assess the suitability of the programme and its relevance to participants’ business activities or job roles. Find out more about IBF Certification here.

IBF-STS provides 80%* funding for direct training costs subject to a cap of S$7,000 per candidate per programme subject to all eligibility criteria being met.