ISO/IEC 27002 Introduction Training Course

There is an international focus on combating money laundering. Compliance officers, AML Officers, MLROs, KYC analysts, auditors, and managers need to understand how to ensure adherence to Subsidiary 373.01, the Prevention of Money Laundering and Funding of Terrorism Regulations (PMLFTR).

Under the PMLFTR, all subject persons, including those in the regulated financial services sector, are required to appoint a Money Laundering Reporting Officer (MLRO).

This practical course provides you with the knowledge and essential guidance needed to approach AML compliance within your organization, with particular emphasis on the regulatory environment in Malta.

Description:

Basel III is a global regulatory standard for bank capital adequacy, stress testing, and market liquidity risk. Initially agreed upon by the Basel Committee on Banking Supervision in 2010–2011, the implementation of The Accord has been extended to March 31, 2019. Basel III enhances bank capital requirements by increasing liquidity and reducing leverage.
Unlike Basel I and II, Basel III requires different levels of reserves for various forms of deposits and other types of borrowings. It complements rather than replaces the earlier accords.
Navigating this complex and evolving landscape can be challenging. Our course and training will help you manage these changes and their impact on your institution effectively. We are accredited by and a training partner of the Basel Certification Institute, ensuring that our training and materials are up-to-date and effective.

Objectives:

• To prepare for the Certified Basel Professional Examination.
• To develop practical strategies and techniques for defining, measuring, analyzing, improving, and controlling operational risk within a banking organization.

Target Audience:

• Board members with risk responsibilities
• Chief Risk Officers (CROs) and Heads of Risk Management
• Members of the Risk Management team
• Compliance, legal, and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• An introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations for market, credit, counterparty, and liquidity risk
• Stress testing methodologies, including how to formulate and deliver stress tests
• The potential impact of Basel III on the international banking industry, with practical demonstrations of its application
• The need for new Basel norms
• An overview of the Basel III norms
• The objectives of the Basel III norms
• The timeline for Basel III implementation

Description:

This four-day event (CGEIT training) offers comprehensive preparation for the exam, ensuring that you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognized symbol of excellence in IT governance, awarded by ISACA. It is tailored for professionals responsible for managing IT governance or those with significant advisory or assurance responsibilities in this area.
Achieving CGEIT status will enhance your recognition in the industry and increase your influence at the executive level.

Objectives:

This seminar has been designed to prepare participants for the CGEIT examination by enhancing their existing knowledge and understanding, ensuring they are well-prepared to pass the exam as defined by ISACA.

Target Audience:

Our training course is aimed at IT and business professionals with significant experience in IT governance who are preparing to take the CGEIT exam.

Learning Objectives

This COBIT 2019 Foundation course serves as an introduction to COBIT 2019 and aims to help you understand how an integrated business framework for the governance and management of enterprise IT can be leveraged to achieve seamless IT-business integration, cost reductions, and increased productivity. The key areas covered in this course include:

• Introduction to the new framework
• Key concepts and terminology
• Governance and Framework Principles
• Components of the governance system
• Governance and management objectives
• Performance management
• Designing a customized governance system

This instructor-led, live training in Slovakia (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.

By the end of this training, participants will be able to:

• Understand the rules set forth by government regulators for payment service providers.
• Create the internal policies and procedures needed to satisfy government regulations.
• Implement a compliance program that adheres to relevant laws.
• Ensures that all corporate processes and procedures comply with the compliance program.
• Uphold the business's reputation while protecting it from lawsuits.

Course Goal:

To ensure that participants gain a fundamental understanding of GRC processes and capabilities, as well as the skills needed to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

• Basic terms and definitions in GRC
• Principles governing GRC
• Core components, practices, and activities of GRC
• The relationship between GRC and other disciplines

HIPAA (Health Insurance Portability and Accountability Act of 1996) is a U.S. legislation that sets standards for data privacy and security in the handling and storage of medical information. These guidelines serve as an excellent standard for developing health applications, even outside the United States. HIPAA-compliant applications are widely recognized and trusted on a global scale.

In this instructor-led, live training (remote), participants will gain a foundational understanding of HIPAA through a series of hands-on live-lab exercises.

By the end of this training, participants will be able to:

• Grasp the fundamental principles of HIPAA
• Create health applications that comply with HIPAA standards
• Leverage developer tools for achieving HIPAA compliance

Audience

• Developers
• Product Managers
• Data Privacy Officers

Format of the Course

• The course combines lectures, discussions, and practical exercises with extensive hands-on practice.

Note

• To request a customized training for this course, please contact us to arrange.

Why should you attend?

The ISO/IEC 27001 Foundation training provides a comprehensive introduction to implementing and managing an Information Security Management System (ISMS) as outlined in ISO/IEC 27001. Throughout this course, you will gain a deep understanding of the various components of an ISMS, such as policies, procedures, performance metrics, management commitment, internal audits, management reviews, and continuous improvement.

Upon completing the course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27001 Foundation” certification. This credential demonstrates that you have a solid grasp of the essential methodologies, requirements, framework, and management approaches specified in the standard.

Who should attend?

• Professionals involved in Information Security Management
• Individuals aiming to acquire knowledge about the core processes of Information Security Management Systems (ISMS)
• Those interested in pursuing a career in Information Security Management

Educational approach

• Lecture sessions are enriched with practical questions and real-world examples
• Practical exercises include case studies and group discussions
• Practice tests mirror the format of the Certification Exam

ISO/IEC 27001 Lead Auditor

The ISO/IEC 27001 Lead Auditor training equips you with the essential expertise to conduct an Information Security Management System (ISMS) audit, leveraging widely recognized auditing principles, procedures, and techniques.

Why should you attend?

Throughout this course, you will gain the knowledge and skills needed to plan and execute both internal and external audits in accordance with ISO 19011 and the ISO/IEC 17021-1 certification process.

Through practical exercises, you will become proficient in audit techniques and develop the competence to manage an audit program, lead an audit team, communicate effectively with clients, and resolve conflicts.

After acquiring the necessary expertise to perform these audits, you can take the exam and apply for the “PECB Certified ISO/IEC 27001 Lead Auditor” credential. Holding a PECB Lead Auditor Certificate will demonstrate your capability and competence to audit organizations based on best practices.

Who should attend?

• Auditors aiming to perform and lead Information Security Management System (ISMS) certification audits
• Managers or consultants seeking to master the ISMS audit process
• Individuals responsible for maintaining compliance with ISMS requirements
• Technical experts preparing for an ISMS audit
• Expert advisors in Information Security Management

Learning objectives

• Understand the operations of an Information Security Management System based on ISO/IEC 27001
• Recognize the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Grasp an auditor’s role in planning, leading, and following up on a management system audit according to ISO 19011
• Learn how to lead an audit and manage an audit team
• Understand how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
• Acquire the competencies of an auditor to plan, lead, draft reports, and follow up on audits in compliance with ISO 19011

Educational approach

• The training combines theoretical knowledge with best practices used in ISMS audits
• Lecture sessions are enriched with examples based on case studies
• Practical exercises include role-playing and discussions based on a case study
• Practice tests mirror the Certification Exam format

The ISO/IEC 27002 Lead Manager training equips you with the essential expertise and knowledge needed to support an organization in implementing and managing Information Security controls as outlined in ISO/IEC 27002.

Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” certification. This certification demonstrates that you have a deep understanding of the principles and techniques required for implementing and managing Information Security Controls based on ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) in line with ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants looking to master the process of implementing an Information Security Management System
• Individuals responsible for information security, compliance, risk management, and governance within their organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• Chief Technology Officers (CTOs), Chief Information Officers (CIOs), and Chief Information Security Officers (CISOs)

Learning objectives

• Gain expertise in implementing Information Security controls by following the framework and principles of ISO/IEC 27002
• Develop a thorough understanding of the concepts, approaches, standards, methods, and techniques necessary for effectively implementing and managing Information Security controls
• Comprehend the interrelationships between various components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the significance of information security in organizational strategy
• Master the implementation of information security management processes
• Acquire skills in formulating and implementing security requirements and objectives

Educational approach

• This training combines theoretical knowledge with practical application
• Lectures are supplemented with real-world examples to illustrate key concepts
• Practical exercises based on case studies are included to enhance learning
• Review exercises are provided to help prepare for the exam
• A practice test similar to the certification exam is conducted

General Information

• Certification fees are included in the exam price
• Participants will receive training materials containing over 500 pages of information and practical examples
• A participation certificate with 31 CPD (Continuing Professional Development) credits will be issued to participants
• In case of exam failure, you have the option to retake the exam within 12 months at no additional cost

ISO 9001 and ISO 27001 are internationally recognized standards for quality management systems and information security management systems, respectively.

This instructor-led, live training (available online or onsite) is designed for intermediate-level professionals who aim to interpret the ISO 9001 and ISO 27001 standards effectively and conduct internal audits with precision.

By the end of this training, participants will be able to:

• Grasp the principles and requirements outlined in ISO 9001 and ISO 27001.
• Apply the clauses and controls in practical scenarios.
• Plan and execute internal audits that comply with ISO standards.
• Identify areas of nonconformity and suggest appropriate corrective measures.

Format of the Course

• Interactive lectures and discussions.
• Simulated auditing exercises and case studies.
• Practical analysis of quality and security situations.

Course Customization Options

• To request a tailored training program for this course, please contact us to arrange.

Who can attend?

• Auditors looking to perform and lead information security management system (ISMS) audits
• Managers or consultants aiming to master the ISMS audit process
• Individuals responsible for maintaining compliance with ISMS requirements within an organization
• Technical experts preparing for ISMS audits
• Expert advisors in information security management

Learning objectives

By the end of this training course, participants will be able to:

1. Explain the core concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
2. Interpret the ISO/IEC 27001 requirements for an ISMS from an auditor's perspective
3. Evaluate whether the ISMS conforms to ISO/IEC 27001 requirements, in line with fundamental audit principles and concepts
4. Plan, conduct, and conclude an ISO/IEC 27001 compliance audit, adhering to ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best auditing practices
5. Manage an ISO/IEC 27001 audit program effectively

Educational approach

• The training combines theoretical knowledge with practical approaches used in ISMS audits
• Lectures are enriched with examples based on real-world case studies
• Practical exercises involve a case study, including role-playing and discussions
• Practice tests mirror the format of the Certification Exam

Audience

All staff who require a working knowledge of Compliance and Risk Management

Format of the Course

The course combines:

• Facilitated Discussions
• Slide Presentations
• Case Studies
• Practical Examples

Course Objectives

By the end of this course, participants will be able to:

• Understand the key aspects of Compliance and the national and international efforts aimed at managing associated risks
• Define how a company and its employees can establish a Compliance Risk Management Framework
• Explain the roles of the Compliance Officer and Money Laundering Reporting Officer and their integration into business operations
• Gain insight into other critical areas of Financial Crime, particularly in relation to International Business, Offshore Centres, and High-Net-Worth Clients

This instructor-led, live Payment Card Industry Professional training in Slovakia (online or onsite) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).

By the end of this training, participants will be able to:

• Understand the payment process and the PCI standards designed to protect it.
• Understand the roles and responsibilities for entities involved in the payment industry.
• Have deep insight into, and understanding of, the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and how it applies to organizations that are involved in the transaction process.

You might be looking to secure your first board seat, or perhaps you have already been appointed to a board role and are preparing for your inaugural meeting. A company may also wish to bring its emerging managers and diverse talents up to speed on the essential knowledge required for effective participation in the boardroom. This one-day program will equip you with everything you need to be confident, informed, and ready to contribute effectively from the moment you step into the boardroom.