Our digital footprint continues to expand exponentially as organizations now store more information about individuals and record our interactions. Managing how that information is stored, shared, accessed and controlled is complex and prone to risk.
Risk isn't restricted to the digital domain either: breaches can occur in unexpected ways, from photographs of highly sensitive information being captured by the press and publicized to devices holding private data being lost or stolen.
Organizations today need to be equipped to manage the security of their information or risk exposing themselves to culpability, criminality and liability.
ISO/IEC 27001:2013 is the current international standard that sets out the requirements to establish, implement and continually improve an information security management system.
A management system based on this standard will take into account the needs and objectives of the organization, the security requirements, the business processes, the size and structure of the organization and it can adapt to changes in these areas over time.
An effective management system will also enhance stakeholder confidence when looking at a business’s ability to adequately protect its information assets.
Our courses follow a structure that takes you from familiarizing yourself with the standard in the Requirements course to learning how to implement an ISMS in an organization. To check that your ISMS conforms to the standard, we can teach you how to audit it or lead a team conducting the audit. We also have courses for individuals and lead auditors handling the transition from the previous version of the standard, ISO/IEC 27001:2005, to the current version, ISO/IEC 27001:2013.
ISO 27001:2013 Requirements Training Course
- Understand ISO/IEC 27001:2013 requirements
Implementing ISO/IEC 27001:2013
- Learn how to implement an ISMS based on ISO/IEC 27001:2013
- Be able to implement based on your organization's needs
ISO/IEC 27001:2013 Internal Auditor
- Learn how to plan, execute and report on an audit of an Information Security Management System in your organization
Information Security Management Systems (ISMS) Auditor/Lead Auditor Training Course (BS ISO/IEC 27001:2013) (IRCA Registration No.: 17287)
- Learn how to lead, plan, execute and report on an audit of an ISMS with ISO/IEC 27001:2013
Introduction to Cloud Security and CSA STAR Certification
- Obtain an overview of the cloud and cloud services
- Recognize the need for adequate security when using cloud services
- Be aware of how the Cloud Controls Matrix (CCM) can be used to assess cloud security compliance and robustness of your cloud security operations
- Understand the role of ISO/IEC 27001 certification in CSA STAR Certification
Auditing Cloud Security for STAR Certification
- Learn how to audit a cloud service provider's cloud security, assessing compliance with the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) and determining a maturity level for their security controls.
Advanced Cloud Security Auditing for CSA STAR Certification
- Define the specific control areas of the CCM and differentiate between them
- Describe what maturity is and how the STAR certification maturity model works
- Apply the maturity model when auditing a provider’s security controls
- Calculate a maturity score for each CCM control area
- Derive a provider’s maturity level from the maturity scores
- Demonstrate how to recommend STAR certification
Payment Card Industry Data Security Standard (PCI-DSS) Awareness Course
This 1-day PCI DSS training is primarily aimed at enabling you to understand the PCI DSS standard in your organization.
Payment Card Industry Data Security Standard (PCI-DSS) Implementation Course
This 2-day PCI DSS v3.2 training is primarily aimed at enabling you to understand and implement the PCI DSS standard successfully in your organization.
Implementing ISO/IEC 27017:2015 & ISO/IEC 27018:2014
The purpose of this course is to equip students with adequate knowledge and skills, and to encourage enterprises to achieve the objectives of personal data protection and information security management in cloud services.
EU General Data Protection Regulation (GDPR) Foundation training course
Our one-day foundation training course on the General Data Protection Regulation (GDPR) will help you understand how it could apply to your organization and the potential benefits.