Select Page
Understanding Data Loss Prevention (DLP)

Understanding Data Loss Prevention (DLP)

Understanding Data Loss Prevention (DLP)

All training runs from 9:00 to 16:30 every day.

About the Data Loss Prevention (DLP) Course

Data Loss is one of the biggest security challenges faced by companies today. This pose significant risks to the organization in terms of compliance to regulations, financial and reputational risk that can result from a breach of confidential data. Organization needs to find ways to protect their data and keep the customer’s data secure through. Data Loss Prevention (DLP) systems is one of the method used for this. It helps organizations to identify, monitor, and protect data in use and in transit.

The workshop will focus on the following topics:

  • Overview of data prevention.
  • The need for data loss prevention.
  • The risk of Data Loss to the organization.
  • A look at leading data loss prevention systems.
  • Understand and learn to implement Data Loss Prevention Solutions to meet the data protection needs.
  • Implement DLP systems with Security Information and Events Management (SIEM) systems.

The Online Classroom includes:

  • Access to recordings and course content for 360 days.
  • Interactive flash cards to reinforce learning
  • Independent reading and learning activities
  • Case studies and real-world scenarios
  • Knowledge checks after each domain
  • Post-course assessment questions to gauge exam readiness

Target Audience

This training course is intended for professionals who would like to keep up to date with the new technology and apply them in real life environment.

  • CISO’s
  • Security Risk Managers
  • Security Engineers
  • Information Security Managers.
  • Information Security Directors.
  • All other security professionals who want to be kept up to date.

 

ISO 27001 Lead Auditor

ISO 27001

Lead Auditor

TRAINING SCHEDULE

ISO 27001 Lead Auditor 4 Days

DATE

20-23 April 2021

TRAINING TYPE

Virtual

ENROLL BELOW

All training runs from 9:00 to 16:30 every day.

About the ISO 27001 Lead Auditor Course

This certification covers the international standard published by the International Standardization Organization (ISO), that describes how to manage information security in a company. ISO 27001 can be implemented in any kind of organization, profit or non-profit, private, small or large government owned. It also enables companies to become certified, which means that an independent certification body has confirmed that an organization has implemented information security compliant with ISO 27001.

During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process. Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.

After acquiring the necessary expertise to perform this audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices. This training is based on both theory and best practices used in ISMS audits. Lecture sessions are illustrated with examples based on case studies. Practical exercises are based on a case study which includes role-playing and discussions. Practice tests are similar to the Certification Exam.

Course Description

  • Understand the operations of an Information Security Management System based on ISO/IEC 27001
  • Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks
  • Understand an auditor’s role to: plan, lead and follow-up on a management system audit in accordance with ISO 19011
  • Learn how to lead an audit and audit team
  • Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
  • Acquire the competencies of an auditor to: plan an audit, lead an audit, draft reports, and follow-up on an audit in compliance with ISO 19011
Introduction to Information Security Management Systems (ISMS) and ISO/IEC 27001
  • Course objectives and structure
  • Standards and regulatory frameworks
  • Certification process
  • Fundamental principles of Information Security Management Systems
  • Information Security Management Systems (ISMS)
Audit principles, preparation and launching of an audit
  • Fundamental audit concepts and principles
  • Evidence based audit approach
  • Initiating the audit
  • Stage 1 audit
  • Preparing the stage 2 audit (on-site audit)
  • Stage 2 audit (Part 1)
On-site audit activities
  • Stage 2 audit (Part 2)
  • Communication during the audit
  • Audit procedures
  • Creating audit test plans
  • Drafting audit findings and non-conformity reports
Closing the audit
  • Documentation of the audit and the audit quality review
  • Closing the audit
  • Evaluating action plans by the auditor
  • Benefits of the initial audit
  • Managing an internal audit program
  • Competence and evaluation of auditors
  • Closing the training

The Online Classroom includes:

  • Access to recordings and course content for 360 days.
  • Interactive flash cards to reinforce learning
  • Independent reading and learning activities
  • Case studies and real-world scenarios
  • Knowledge checks after each domain
  • Post-course assessment questions to gauge exam readiness

Target Audience

This training course is intended for professionals who are working in the field of information security and would like to use ISO/IEC 27001 International Standard to assess an organization’s ability to meet their own information security requirements.

  • Internal auditors
  • Auditors wanting to perform and lead Information Security Management System (ISMS) certification audits
  • Project managers or consultants wanting to master the Information Security Management System audit process
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Members of an information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an Information security audit function

 

ISO 27001 Information Security Management Lead Implementer

ISO 27001 Information Security Management Lead Implementer

TRAINING SCHEDULE

ISO 27001 Information Security Management Lead Implementer 5 Days
ISO 27001 Information Security Management Lead Implementer (1 day a Week X 5 weeks)

DATE

TBD
TBD

Training Type

Virtual
Virtual

Enroll

All training runs from 9:00 to 16:30 every day.

About the ISO 27001 Lead Implementer Course

ISO/IEC 27001 Lead Implementer five-day intensive course enables the participants to develop an expertise to support an organization in implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001. Participants will also master the best practices for implementing information security controls from eleven areas of ISO/IEC 27002:2005.

The Online Classroom includes:

  • Access to recordings and course content for 360 days.
  • Interactive flash cards to reinforce learning
  • Independent reading and learning activities
  • Case studies and real-world scenarios
  • Knowledge checks after each domain
  • Post-course assessment questions to gauge exam readiness

Course Description

Key Features of the ISO 27001 Lead Implementer Training:

  • Understanding the application of an Information Security Management System in the ISO/IEC 27001 context
  • Mastering the concepts, approaches, standards, methods and techniques allowing an effective management of an Information Security Management System
  • Understand the relationship between an Information Security Management System, including risk management and controls, and compliance with the requirements of different stakeholders of the organization
  • Acquiring expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001
  • Acquiring the expertise necessary to manage a team in implementing the ISO/IEC 27001:2005 standard
  • Develop personal skills and knowledge required to advise organizations on best practices in management of information security
  • Improve the capacity for analysis and decision-making in a context of information security management
Introduction to Information Security Management System (ISMS) concepts as required by ISO 27001; initiating an ISMS
  • Introduction to the management systems and the process approach
  • Presentation of the ISO 27000 family standards and regulatory framework
  • Fundamental principles of Information Security
  • Preliminary analysis and determining the level of maturity based on ISO 21827
  • Writing a business case and a project plan for the implementation of an ISMS
Planning the implementation of an ISMS based on ISO 27001
  • Defining the scope of an ISMS
  • Drafting an ISMS and Information Security policies
  • Selection of the approach and methodology for risk assessment
  • Risk management: identification, analysis and treatment of risk (based on ISO 27005)
  • Drafting the statement of applicability
Implementing an ISMS based on ISO 27001
  • Implementation of a document management framework
  • Design of and implementation of controls
  • Information Security training, awareness and communication program
  • Incident management (drawing on guidance from ISO 27035)
  • Operations management of an ISMS
Control, monitor and measure an ISMS and the certification audit of the ISMS in accordance with ISO 27001
  • Monitoring the ISMS controls
  • Development of metrics, performance indicators and dashboards in accordance with ISO 27004
  • ISO 27001 internal audit
  • Management review of an ISMS
  • Implementation of a continual improvement program
  • Preparing for an ISO 27001 certification audit

Domain 1: Fundamental principles and concepts in information security

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can understand, interpret and illustrate the main Information Security concepts related to an Information Security Management System (ISMS)

Domain 2: Information Security Control Best Practice based on ISO 27002

Main Objective: Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can understand, interpret and provide guidance on how to implement and manage Information Security controls best practices based on ISO 27002

Domain 3: Planning an ISMS based on ISO 27001

Main Objective: Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can plan the implementation of an ISMS in preparation for an ISO 27001 certification

Domain 4: Implementing an ISMS based on ISO 27001

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can implement the processes and security controls of an ISMS required for an ISO 27001 certification

Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO 27001

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can evaluate, monitor and measure the performance of an ISMS in the context of an ISO 27001 certification

Domain 6: Continuous improvement of an ISMS based on ISO 27001

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can provide guidance on the continuous improvement of an ISMS in the context of ISO 27001

Domain 7: Preparation for an ISMS certification audit

Main Objective: To ensure that the ISO 27001 Lead Implementer candidate can prepare and assist an organization for the certification of an ISMS against the ISO 27001 standard

Target Audience

This training course is intended for professionals who are working in the field of information security and would like to use ISO/IEC 27001 International Standard to assess an organization’s ability to meet their own information security requirements.

  • Internal auditors
  • Auditors wanting to perform and lead Information Security Management System (ISMS) certification audits
  • Project managers or consultants wanting to master the Information Security Management System audit process
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Members of an information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an Information security audit function