Building up information security according to ISO 27005 Training Course
This course equips you with the competencies required to implement information security risk management in accordance with ISO/IEC 27005, the standard that provides guidance on information security risk management in support of an ISO/IEC 27001 ISMS.
This course is available as onsite live training in Portugal or online live training.
Course Outline
1. Introduction to risk management
2. Risk assessment methodologies
3. The ISO 27005 information security risk management framework and process model
4. Classification and identification of information assets
5. Definition of threats to information assets
6. Identification of the vulnerabilities these threats might exploit
7. Risk analysis: risk scoring using scales and simple calculations
8. An introduction to risk analysis tools
9. Risk evaluation and acceptance strategies
10. Risk treatment and the selection of mitigating control measures
11. Review and continual improvement of risk assessment and management
12. Risk communications and consultation
13. Integrating the ISO 27005 information security risk management framework into an ISO 27001 ISMS
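A worked example of outline items 7, 9 and 10 (scoring with ordinal scales, evaluating against acceptance criteria, and re-scoring residual risk after treatment). This is an added illustration, not course material: the 1-5 scales, the likelihood x impact formula, the accept/treat/escalate thresholds and the register entries are all assumptions chosen for the example, since ISO/IEC 27005 leaves the choice of scales and acceptance criteria to the organisation.

```python
"""Risk scoring with ordinal scales, evaluation against acceptance criteria,
and residual-risk re-scoring after treatment.

Added worked example; scales, thresholds and register entries are assumptions.
"""
from dataclasses import dataclass, replace

# Ordinal scales (assumed 1..5; the organisation defines its own in practice).
LIKELIHOOD = {"rare": 1, "unlikely": 2, "possible": 3, "likely": 4, "almost certain": 5}
IMPACT = {"negligible": 1, "minor": 2, "moderate": 3, "major": 4, "severe": 5}

# Acceptance criteria (assumed) on the 1..25 likelihood x impact grid.
ACCEPT_MAX = 4      # 1..4   -> accept (retain) without further treatment
ESCALATE_MIN = 13   # 13..25 -> escalate to management for a decision
                    # 5..12  -> treat: asset owner selects mitigating controls


@dataclass(frozen=True)
class RiskEntry:
    """One row of a risk register: asset, threat, exploitable vulnerability, ratings."""
    asset: str
    threat: str
    vulnerability: str
    likelihood: str
    impact: str


def score(entry: RiskEntry) -> int:
    """Likelihood x impact. Rejects ratings outside the agreed scale instead of guessing."""
    if entry.likelihood not in LIKELIHOOD:
        raise ValueError(f"{entry.asset}: unknown likelihood {entry.likelihood!r}")
    if entry.impact not in IMPACT:
        raise ValueError(f"{entry.asset}: unknown impact {entry.impact!r}")
    return LIKELIHOOD[entry.likelihood] * IMPACT[entry.impact]


def evaluate(risk_score: int) -> str:
    """Map a score onto the acceptance criteria: 'accept', 'treat' or 'escalate'."""
    if risk_score <= ACCEPT_MAX:
        return "accept"
    if risk_score >= ESCALATE_MIN:
        return "escalate"
    return "treat"


def _step_down(scale: dict, current: str, steps: int) -> str:
    """Lower a rating by whole scale steps, never below the bottom of the scale."""
    by_value = {v: k for k, v in scale.items()}
    return by_value[max(1, scale[current] - steps)]


def treat(entry: RiskEntry, likelihood_steps: int = 0, impact_steps: int = 0) -> RiskEntry:
    """Residual risk after a control that reduces likelihood and/or impact."""
    return replace(
        entry,
        likelihood=_step_down(LIKELIHOOD, entry.likelihood, likelihood_steps),
        impact=_step_down(IMPACT, entry.impact, impact_steps),
    )


def rank(register: list[RiskEntry]) -> list[RiskEntry]:
    """Highest score first; ties keep register order (sorted() is stable)."""
    return sorted(register, key=score, reverse=True)


def assess(register: list[RiskEntry]) -> list[tuple[str, int, str]]:
    """(asset, score, decision) for every entry, highest risk first."""
    return [(e.asset, score(e), evaluate(score(e))) for e in rank(register)]


# Constructed sample register, not taken from any real assessment.
SAMPLE_REGISTER = [
    RiskEntry("customer database", "SQL injection by external attacker",
              "unparameterised queries in web application", "likely", "severe"),
    RiskEntry("HR file share", "accidental deletion by staff",
              "no versioning or backups", "possible", "moderate"),
    RiskEntry("visitor Wi-Fi", "bandwidth abuse",
              "no rate limiting", "unlikely", "negligible"),
]

if __name__ == "__main__":
    for asset, s, decision in assess(SAMPLE_REGISTER):
        print(f"{s:>2}  {decision:<8} {asset}")
    # Treatment example: parameterised queries plus input validation are assumed
    # to lower likelihood by two steps; impact is unchanged because the data
    # remains just as sensitive. The residual score (10) is still above the
    # acceptance threshold, so a further control or an explicit acceptance
    # decision is required before the review cycle closes.
    residual = treat(SAMPLE_REGISTER[0], likelihood_steps=2)
    print("residual:", score(residual), evaluate(score(residual)))
```

The point the residual step makes is that a control rarely drives a risk straight into the acceptance band: the re-scored entry has to go back through evaluation, and whatever remains must either be treated again or be accepted by someone with the authority to do so and recorded as such.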
Custom Corporate Training
Training solutions designed exclusively for businesses.
- Customized Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
- Flexible Schedule: Dates and times adapted to your team's agenda.
- Format: Online (live), In-company (at your offices), or Hybrid.
Price per private group, online live training, starting from 3900 € + VAT*
Contact us for an exact quote and to hear our latest promotions
(*The final price may vary depending on the technical specialization of the course, the level of customization, the method of delivery and the number of learners)
Testimonials (4)
The trainer was helpful.
Attila - Lifial
Course - Compliance and the Management of Compliance Risk
The report and rules setup.
Jack - CFNOC- DND
Course - Micro Focus ArcSight ESM Advanced
learning about Basel
Daksha Vallabh - Standard Bank of SA Ltd
Course - Basel III – Certified Basel Professional
Speed of response and communication
Bader Bin rubayan - Lean Business Services
Course - ISO/IEC 27001 Lead Implementer
Related Courses
AI and IT Audit
14 Hours
This instructor-led live training in Portugal (online or onsite) is designed for intermediate-level IT auditors who wish to effectively incorporate AI tools into their audit practices.
By the end of this training, participants will be able to:
- Understand the fundamental concepts of artificial intelligence and its application within IT auditing.
- Leverage AI technologies, including machine learning, NLP, and RPA, to enhance the efficiency, accuracy, and scope of audits.
- Conduct risk assessments using AI tools to facilitate continuous monitoring and proactive risk management.
- Incorporate AI into the planning, execution, and reporting phases of audits, thereby improving overall IT audit effectiveness.
Micro Focus ArcSight ESM Advanced
35 Hours
This instructor-led, live training in Portugal (online or onsite) is tailored for advanced-level security analysts who wish to elevate their skills in utilizing advanced Micro Focus ArcSight ESM content to improve an organization's ability to detect, respond to, and mitigate cyber threats with greater precision and speed.
By the end of this training, participants will be able to:
- Optimize the use of Micro Focus ArcSight ESM to enhance monitoring and threat detection capabilities.
- Construct and manage advanced ArcSight variables to refine event streams for more precise analysis.
- Develop and implement ArcSight lists and rules for effective event correlation and alerting.
- Apply advanced correlation techniques to identify complex threat patterns and reduce false positives.
Basel III – Certified Basel Professional
21 Hours
Description:
Basel III represents a global regulatory framework governing bank capital adequacy, stress testing, and liquidity risk. Initially established by the Basel Committee on Banking Supervision in 2010–11, the implementation timeline for the Accord has been extended to 31st March 2019. Basel III enhances banking resilience by boosting liquidity requirements and reducing leverage.
Unlike its predecessors, Basel III introduces differentiated reserve requirements for various deposit types and borrowings, functioning alongside rather than replacing Basel I and Basel II. Navigating this complex and evolving regulatory landscape can be challenging; our training program is designed to equip you with the tools to manage potential changes and their impact on your institution. As an accredited training partner of the Basel Certification Institute, we guarantee that our materials and instruction are current, effective, and of the highest quality.
Objectives:
- Prepare participants for the Certified Basel Professional Examination.
- Provide practical strategies and techniques for defining, measuring, analyzing, improving, and controlling operational risk within banking organizations.
Target Audience:
- Board members with risk oversight responsibilities
- Chief Risk Officers (CROs) and Heads of Risk Management
- Members of Risk Management teams
- Compliance, legal, and IT support staff
- Equity and Credit Analysts
- Portfolio Managers
- Rating Agency Analysts
Overview:
- Introduction to Basel norms and amendments to the Basel Accord (III)
- Regulations governing market, credit, counterparty, and liquidity risk
- Stress testing methodologies for various risk measures, including formulation and delivery
- The anticipated impact of Basel III on the international banking sector, with practical application demonstrations
- Rationale for the New Basel Norms
- Key features of the Basel III Norms
- Objectives of The Basel III Norms
- Basel III – Timeline
BCS Foundation Certificate in Information Security Management Principles (CISMP)
21 Hours
Target Audience:
This course is designed for individuals with an interest in information security, whether they are considering it as a professional career path or seeking to enhance their general business knowledge.
The certification is suitable for anyone who needs to understand the principles of Information Security Management. It is particularly valuable for those interested in information security as a potential career or as a complementary skill set within their broader business expertise. The course provides a solid foundational base upon which further qualifications can be developed, or it offers a comprehensive general understanding that enables organisations to begin protecting their information appropriately.
Learning Outcomes:
Upon completion, candidates should be able to demonstrate:
- Knowledge of the core concepts related to information security management.
- An understanding of current national legislation and regulations that impact information security management.
- Awareness of existing national and international standards, frameworks, and organisations that support information security management.
- A comprehension of the current business and technical environments in which information security management operates.
- Knowledge of the categorisation, operation, and effectiveness of controls of various types and characteristics.
Certified Fraud Examiner (CFE) Preparation
70 Hours
This instructor-led, live training in Portugal (online or onsite) is aimed at advanced-level professionals who wish to gain a comprehensive understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam.
By the end of this training, participants will be able to:
- Gain comprehensive knowledge of fraud examination principles and the fraud examination process.
- Learn to identify, investigate, and prevent various types of financial fraud schemes.
- Understand the legal environment related to fraud, including the legal elements of fraud, relevant laws, and regulations.
- Acquire practical skills in conducting fraud investigations, including evidence collection, interviewing techniques, and data analysis.
- Learn to design and implement effective fraud prevention and deterrence programs within organizations.
- Gain confidence and knowledge to successfully pass the Certified Fraud Examiner (CFE) exam.
CGEIT – Certified in the Governance of Enterprise IT
28 Hours
Description:
This intensive four-day event (CGEIT training) serves as the definitive preparation for the examination, meticulously designed to ensure you pass the rigorous CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance, awarded by ISACA. It is tailored for professionals responsible for managing IT governance or holding significant advisory or assurance responsibilities in this field.
Attaining CGEIT status will enhance your recognition within the marketplace and increase your influence at the executive level.
Objectives:
This seminar is designed to prepare delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding, thereby better equipping them to pass the exam as defined by ISACA.
Target Audience:
Our training course is intended for IT and business professionals with substantial IT governance experience who are undertaking the CGEIT exam.
Cybersecurity Governance, Risk & Compliance (GRC)
14 Hours
This instructor-led, live training in Portugal (online or onsite) is targeted at intermediate-level cybersecurity professionals seeking to deepen their understanding of GRC frameworks and apply them to secure and compliant business operations.
Upon completion of this training, participants will be able to:
- Comprehend the core components of cybersecurity governance, risk, and compliance.
- Perform risk assessments and formulate risk mitigation strategies.
- Implement compliance measures and manage regulatory obligations.
- Develop and enforce security policies and procedures.
Accessibility by Design (Compliance with EU ACT)
21 Hours
This course offers an expert introduction to the newly enacted Accessibility Law, equipping developers with the practical skills needed to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion of the law's significance and implications, the curriculum rapidly transitions into hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.
Governance, Risk Management & Compliance (GRC) Fundamentals
21 Hours
Course Objective:
To equip participants with a foundational understanding of GRC processes and capabilities, along with the essential skills needed to integrate governance, performance management, risk management, internal control, and compliance activities effectively.
Course Overview:
- Key GRC terminology and definitions
- Core principles of GRC
- Essential components, practices, and activities
- The interplay between GRC and related disciplines
HITRUST Common Security Framework Compliance
14 Hours
This instructor-led live training in Portugal (online or onsite) is targeted at developers and administrators seeking to develop software and products that are HITRUST compliant.
By the end of this training, participants will be able to:
- Understand the core concepts of the HITRUST CSF (Common Security Framework).
- Identify the HITRUST CSF administrative and security control domains.
- Learn about the different types of HITRUST assessments and scoring.
- Understand the certification process and requirements for HITRUST compliance.
- Know the best practices and tips for adopting the HITRUST approach.
ISO 27002 Lead Manager
35 Hours
The ISO/IEC 27002 Lead Manager training equips you with the essential expertise and knowledge required to assist organisations in implementing and managing Information Security controls, as outlined in ISO/IEC 27002.
Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. This PECB Lead Manager Certification demonstrates that you have mastered the principles and techniques for implementing and managing Information Security Controls in accordance with ISO/IEC 27002.
Who should attend?
- Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
- Project managers or consultants looking to master the Information Security Management System implementation process
- Professionals responsible for information security, compliance, risk, and governance within an organisation
- Members of information security teams
- Expert advisors in information technology
- Information Security officers
- Privacy officers
- IT professionals
- CTOs, CIOs and CISOs
Learning objectives
- Gain mastery in implementing Information Security controls by adhering to the framework and principles of ISO/IEC 27002
- Develop a comprehensive understanding of the concepts, approaches, standards, methods, and techniques necessary for the effective implementation and management of Information Security controls
- Comprehend the interrelationships between components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behaviour
- Appreciate the significance of information security within the broader strategy of an organisation
- Master the implementation of information security management processes
- Formulate and implement security requirements and objectives
Educational approach
- This training integrates both theoretical and practical components
- Lecture sessions supplemented with examples derived from real-life cases
- Practical exercises based on case studies
- Review exercises designed to aid exam preparation
- Practice tests that mirror the format of the certification exam
General Information
- Certification fees are included in the exam price
- Training material comprising over 500 pages of information and practical examples will be provided to participants
- Participants will receive a certificate of participation awarding 31 CPD (Continuing Professional Development) credits
- In the event of an unsuccessful exam result, you may retake the exam free of charge within 12 months
PECB ISO/IEC 27001 Lead Implementer
35 Hours
Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defence against these risks is the proper implementation and management of information security controls and best practices. Furthermore, robust information security is a key expectation and requirement for customers, legislators, and other interested parties.
This training course is designed to prepare participants to implement an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. It aims to provide a comprehensive understanding of ISMS best practices and establish a framework for its ongoing management and improvement.
Upon completing the training course, you may sit for the exam. If you pass successfully, you can apply for the 'PECB Certified ISO/IEC 27001 Lead Implementer' credential, which validates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.
Who Should Attend?
- Project managers and consultants involved in or concerned with the implementation of an ISMS
- Expert advisors seeking to master the implementation of an ISMS
- Individuals responsible for ensuring conformity to information security requirements within an organisation
- Members of an ISMS implementation team
General Information
- Certification fees are included in the exam price
- Training material containing over 450 pages of information and practical examples will be distributed
- A participation certificate granting 31 CPD (Continuing Professional Development) credits will be issued
- If the exam is not passed, you may retake it within 12 months free of charge
Educational Approach
- This training course includes essay-type exercises, multiple-choice quizzes, examples, and best practices utilised in the implementation of an ISMS.
- Participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
- The exercises are based on a case study.
- The structure of the quizzes mirrors that of the certification exam.
Learning Objectives
This training course will help you:
- Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
- Recognise the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Understand the operation of an information security management system and its processes based on ISO/IEC 27001
- Learn how to interpret and implement the requirements of ISO/IEC 27001 within the specific context of an organisation
- Acquire the necessary knowledge to support an organisation in effectively planning, implementing, managing, monitoring, and maintaining an ISMS
Compliance and the Management of Compliance Risk
21 Hours
Target Audience
This course is designed for all staff members who need a practical grasp of Compliance principles and effective Risk Management strategies.
Course Format
The training employs a blended learning methodology that incorporates:
- Guided discussions
- Slide-based presentations
- Case studies
- Real-world examples
Course Objectives
Upon completion of this course, participants will be able to:
- Gain a comprehensive understanding of the fundamental aspects of Compliance, alongside national and international initiatives focused on managing associated risks.
- Articulate how organizations and their teams can establish a robust Compliance Risk Management Framework.
- Outline the responsibilities of the Compliance Officer and the Money Laundering Reporting Officer, and comprehend how these roles fit within the broader business structure.
- Identify key risk areas within Financial Crime, particularly regarding international operations, offshore centres, and high-net-worth clients.
Open Source Software (OSS) Management
14 Hours
Open Source Software (OSS) Management involves supervising the entire lifecycle of open-source components within an organization to guarantee secure, compliant, and efficient utilization.
This instructor-led training, available online or on-site, targets intermediate IT professionals looking to implement best practices for managing open-source software in corporate and government settings.
Upon completing this course, participants will be equipped to:
- Develop robust OSS policies and governance structures.
- Utilize SBOM and SCA tools to identify, monitor, and manage open-source dependencies.
- Reduce risks linked to licensing issues and security vulnerabilities.
- Optimize OSS adoption to boost innovation and achieve cost efficiencies.
Course Format
- Engaging lectures and group discussions.
- Case studies and scenario-based activities.
- Practical demonstrations using OSS management tools.
Customization Options
- The course can be customized to align with specific organizational OSS policies and toolchains. Please get in touch to arrange.
PCI-DSS Practitioner
14 Hours
This instructor-led, live PCI DSS Practitioner training in Portugal (online or onsite) offers a professional qualification for industry practitioners seeking to demonstrate their expertise in and comprehension of the Payment Card Industry Data Security Standard (PCI DSS).
Upon completion of this training, participants will be able to:
- Grasp the payment process and the PCI standards established to safeguard it.
- Comprehend the roles and responsibilities of entities within the payment industry.
- Gain a thorough understanding of the 12 PCI DSS requirements.
- Showcase knowledge of PCI DSS and its application to organizations involved in the transaction process.