BCS Foundation Certificate in Information Security Management Principles (CISMP) Training Course

Description:

Basel III represents a global regulatory framework governing bank capital adequacy, stress testing, and liquidity risk. Initially established by the Basel Committee on Banking Supervision in 2010–11, the implementation timeline for the Accord has been extended to 31st March 2019. Basel III enhances banking resilience by boosting liquidity requirements and reducing leverage.
Unlike its predecessors, Basel III introduces differentiated reserve requirements for various deposit types and borrowings, functioning alongside rather than replacing Basel I and Basel II. Navigating this complex and evolving regulatory landscape can be challenging; our training program is designed to equip you with the tools to manage potential changes and their impact on your institution. As an accredited training partner of the Basel Certification Institute, we guarantee that our materials and instruction are current, effective, and of the highest quality.

Objectives:

• Prepare participants for the Certified Basel Professional Examination.
• Provide practical strategies and techniques for defining, measuring, analyzing, improving, and controlling operational risk within banking organizations.

Target Audience:

• Board members with risk oversight responsibilities
• Chief Risk Officers (CROs) and Heads of Risk Management
• Members of Risk Management teams
• Compliance, legal, and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations governing market, credit, counterparty, and liquidity risk
• Stress testing methodologies for various risk measures, including formulation and delivery
• The anticipated impact of Basel III on the international banking sector, with practical application demonstrations
• Rationale for the New Basel Norms
• Key features of the Basel III Norms
• Objectives of The Basel III Norms
• Basel III – Timeline

Who is it for:

This qualification is designed for security professionals seeking to grasp the technical and business dimensions of their role, as well as anyone aspiring to work in security architecture.

• System Administrators aiming to transition into security architecture roles
• Technical architects looking to specialise in security architecture

Additionally, this certificate provides a complimentary certification for individuals who have attained or are pursuing CCP status in Information Assurance.

What will I learn:

Upon completion, candidates will be able to:

• Analyze the business environment and identify information risks relevant to the systems.
• Describe and implement security design principles.
• Identify information risks emerging from potential solution architectures.
• Design alternative architectures or countermeasures to mitigate identified information risks.
• Ensure that proposed architectures and countermeasures effectively address the identified information risks.
• Apply standard security techniques and architectures to mitigate security risks.
• Develop new architectures that mitigate risks associated with emerging technologies and business practices.
• Provide consultancy and advice to clarify Information Assurance and architectural challenges.
• Configure ICT systems in compliance with approved security architectures.

Target Audience:

This course is designed for anyone interested in information security, whether to pursue it as a career or to enhance their general business knowledge.

This certificate is ideal for individuals who need to understand Information Security Management Principles, as well as those interested in information security either as a potential career path or as a valuable addition to their business expertise. It establishes a solid foundation for further qualifications and provides a comprehensive overview to help organisations ensure their information is adequately protected.

Learning Outcomes:

Participants will be able to demonstrate:

• A clear understanding of the concepts related to information security management.
• Knowledge of current national legislation and regulations that impact information security management.
• Awareness of national and international standards, frameworks, and organisations that facilitate information security management.
• An understanding of the current business and technical environments in which information security management operates.
• Knowledge of the categorisation, operation, and effectiveness of various types and characteristics of controls.

Note: This is the four-day course, which adds one extra day to the standard delivery to allow more time for exam preparation and practice exercises.

Target Audience:

This certification is designed for professionals engaged in the fields of information security and information assurance.

Learning Outcomes:

Upon completion, candidates will demonstrate the ability to:

• Articulate how effective information risk management delivers significant business value.
• Utilize and explain information risk management terminology with clarity.
• Perform threat and vulnerability assessments, business impact analyses, and risk assessments.
• Apply the fundamental principles of controls and risk treatment.
• Present findings in a structured format suitable for developing a risk treatment plan.
• Implement information classification schemes effectively.

This instructor-led, live training in Portugal (online or onsite) is aimed at advanced-level professionals who wish to gain a comprehensive understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam.

By the end of this training, participants will be able to:

• Gain comprehensive knowledge of fraud examination principles and the fraud examination process.
• Learn to identify, investigate, and prevent various types of financial fraud schemes.
• Understand the legal environment related to fraud, including the legal elements of fraud, relevant laws, and regulations.
• Acquire practical skills in conducting fraud investigations, including evidence collection, interviewing techniques, and data analysis.
• Learn to design and implement effective fraud prevention and deterrence programs within organizations.
• Gain confidence and knowledge to successfully pass the Certified Fraud Examiner (CFE) exam.

Description:

This intensive four-day event (CGEIT training) serves as the definitive preparation for the examination, meticulously designed to ensure you pass the rigorous CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance, awarded by ISACA. It is tailored for professionals responsible for managing IT governance or holding significant advisory or assurance responsibilities in this field.
Attaining CGEIT status will enhance your recognition within the marketplace and increase your influence at the executive level.

Objectives:

This seminar is designed to prepare delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding, thereby better equipping them to pass the exam as defined by ISACA.

Target Audience:

Our training course is intended for IT and business professionals with substantial IT governance experience who are undertaking the CGEIT exam.

This instructor-led, live training in Portugal (online or onsite) is targeted at intermediate-level cybersecurity professionals seeking to deepen their understanding of GRC frameworks and apply them to secure and compliant business operations.

Upon completion of this training, participants will be able to:

• Comprehend the core components of cybersecurity governance, risk, and compliance.
• Perform risk assessments and formulate risk mitigation strategies.
• Implement compliance measures and manage regulatory obligations.
• Develop and enforce security policies and procedures.

This course offers an expert introduction to the newly enacted Accessibility Law, equipping developers with the practical skills needed to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion on the law's significance and implications, the curriculum rapidly transitions into hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

Course Objective:

To equip participants with a foundational understanding of GRC processes and capabilities, along with the essential skills needed to integrate governance, performance management, risk management, internal control, and compliance activities effectively.

Course Overview:

• Key GRC terminology and definitions
• Core principles of GRC
• Essential components, practices, and activities
• The interplay between GRC and related disciplines

This instructor-led live training in Portugal (online or onsite) is targeted at developers and administrators seeking to develop software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the core concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

The ISO/IEC 27002 Lead Manager training equips you with the essential expertise and knowledge required to assist organisations in implementing and managing Information Security controls, as outlined in ISO/IEC 27002.

Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. This PECB Lead Manager Certification demonstrates that you have mastered the principles and techniques for implementing and managing Information Security Controls in accordance with ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants looking to master the Information Security Management System implementation process
• Professionals responsible for information security, compliance, risk, and governance within an organisation
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs and CISOs

Learning objectives

• Gain mastery in implementing Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Develop a comprehensive understanding of the concepts, approaches, standards, methods, and techniques necessary for the effective implementation and management of Information Security controls
• Comprehend the interrelationships between components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behaviour
• Appreciate the significance of information security within the broader strategy of an organisation
• Mastery of implementing information security management processes
• Expertise in formulating and implementing security requirements and objectives

Educational approach

• This training integrates both theoretical and practical components
• Lecture sessions supplemented with examples derived from real-life cases
• Practical exercises based on case studies
• Review exercises designed to aid exam preparation
• Practice tests that mirror the format of the certification exam

General Information

• Certification fees are included in the exam price
• Training material comprising over 500 pages of information and practical examples will be provided to participants
• Participants will receive a certificate of participation awarding 31 CPD (Continuing Professional Development) credits
• In the event of an unsuccessful exam result, you may retake the exam free of charge within 12 months

Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defence against these risks is the proper implementation and management of information security controls and best practices. Furthermore, robust information security is a key expectation and requirement for customers, legislators, and other interested parties.

This training course is designed to prepare participants to implement an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. It aims to provide a comprehensive understanding of ISMS best practices and establish a framework for its ongoing management and improvement.

Upon completing the training course, you may sit for the exam. If you pass successfully, you can apply for the 'PECB Certified ISO/IEC 27001 Lead Implementer' credential, which validates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Should Attend?

• Project managers and consultants involved in or concerned with the implementation of an ISMS
• Expert advisors seeking to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organisation
• Members of an ISMS implementation team

General Information

• Certification fees are included in the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate granting 31 CPD (Continuing Professional Development) credits will be issued
• If the exam is not passed, you may retake it within 12 months free of charge

Educational Approach

• This training course includes essay-type exercises, multiple-choice quizzes, examples, and best practices utilised in the implementation of an ISMS.
• Participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
• The exercises are based on a case study.
• The structure of the quizzes mirrors that of the certification exam.

Learning Objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
• Recognise the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes based on ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 within the specific context of an organisation
• Acquire the necessary knowledge to support an organisation in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

Target Audience

This course is designed for all staff members who need a practical grasp of Compliance principles and effective Risk Management strategies.

Course Format

The training employs a blended learning methodology that incorporates:

• Guided discussions
• Slide-based presentations
• Case studies
• Real-world examples

Course Objectives

Upon completion of this course, participants will be able to:

Gain a comprehensive understanding of the fundamental aspects of Compliance, alongside national and international initiatives focused on managing associated risks.

Articulate how organizations and their teams can establish a robust Compliance Risk Management Framework.

Outline the responsibilities of the Compliance Officer and the Money Laundering Reporting Officer, and comprehend how these roles fit within the broader business structure.

Identify key risk areas within Financial Crime, particularly regarding international operations, offshore centres, and high-net-worth clients.

Open Source Software (OSS) Management involves supervising the entire lifecycle of open-source components within an organization to guarantee secure, compliant, and efficient utilization.

This instructor-led training, available online or on-site, targets intermediate IT professionals looking to implement best practices for managing open-source software in corporate and government settings.

Upon completing this course, participants will be equipped to:

• Develop robust OSS policies and governance structures.
• Utilize SBOM and SCA tools to identify, monitor, and manage open-source dependencies.
• Reduce risks linked to licensing issues and security vulnerabilities.
• Optimize OSS adoption to boost innovation and achieve cost efficiencies.

Course Format

• Engaging lectures and group discussions.
• Case studies and scenario-based activities.
• Practical demonstrations using OSS management tools.

Customization Options

• The course can be customized to align with specific organizational OSS policies and toolchains. Please get in touch to arrange.

This instructor-led, live Payment Card Industry Professional training in Portugal (online or onsite) offers a professional qualification for industry practitioners seeking to demonstrate their expertise and comprehension of the PCI Data Security Standard (PCI DSS).

Upon completion of this training, participants will be able to:

• Grasp the payment process and the PCI standards established to safeguard it.
• Comprehend the roles and responsibilities of entities within the payment industry.
• Gain a thorough insight into and understanding of the 12 PCI DSS requirements.
• Showcase knowledge of PCI DSS and its application to organizations involved in the transaction process.