As the foundation session of our risk management training courses (including information security and business continuity), this 3-day risk management strategy training and policy workshop session provides thorough coverage of the ISO 31000 and 31010 standards, as well as setting out advice on the implementation of an ERM initiative. The purpose of the training is to:

• Describe the principles and processes of risk management;
• Provide a thorough overview of the requirements of ISO 31000, ISO 31010, and 27005;
• Give practical guidance on designing and implementing a suitable enterprise risk management framework;
• Establish a firm program starting point by using ISO standards 31000, 31010, and 27005 to build out the initial ERM core policy
• Establish a well-developed risk assessment and risk treatment methodology based upon ISO 31010 and ISO 27005 best practices; and
• Provides pre-requisite training for professional certification as an ISO 31000 Certified Internal Controls Risk Analyst™ (CICRA™).

Board members and C-suite executives learn how ISO 31000 ERM can be leveraged to establish better corporate governance, as well as to provide required risk assessments and risk controls for ISO 9001 Quality Management, ISO 14001 Environmental Management, ISO 27001 Information Security, ISO 22301 Business Continuity/Disaster Recovery, ISO 37001 Anti-Bribery and Anti-Corruption, ISO 45001 OHS, and other ISO organizational management systems.

• Learn ISO leadership requirements for board oversight and C-suite executives
• Learn how to properly scope the risk management program
• Establish formal roles and responsibilities to manage operational risk throughout the enterprise
• Establish risk context criteria for risk acceptance, risk evaluation, and business impact 

Get trained and certified in establishing, managing, operating, and auditing an ISO 19600 Compliance Management System 

Every day, organizations face the ever-increasing need to manage and fulfil regulatory and industry requirements to allow them to conduct business. "Compliance" is no longer simply a legal concern isolated to a legal compliance unit. After all, how the organization operates determines its ability to comply with external stakeholder requirements. This means that compliance requirements permeate all business activities - from procurement, to human resource management, to information management, to manufacturing processes, to environmental management - and on and on. Since complying with one requirement can impact compliance with another requirement, compliance with all of the various requirements in total gets quite complicated. Compliance must be very carefully designed, managed, and monitored - throughout the organization. 

Upon completion of this training and certificate program, you will: 

• Understand the principles and processes of risk governance and management;
• Get a thorough overview of the requirements of ISO 19600:2014;
• Get practical guidance on designing and implementing a suitable compliance management framework;
• Establish a firm program starting point by using ISO standard 19600 to build out the initial Compliance Management core policy. Soft-copy editable templates are provided in the instructor-led class:
  • Complete ISO 19600 Compliance Management System Policy 
  • Procedure for Training and Development Needs Analysis document 
  • ERM Program project kick-off document 
  • Leverage ISO best practices to properly manage and monitor compliance requirements 
  • Leverage ISO best practices to implement controls to ensure compliance with stakeholder requirements
  • Establish compliance monitoring, communication, and reporting 

This 2-day ISO 27001 training and certification workshop provides thorough coverage of the ISO 27000 standards, as well as setting out advice on the implementation of an information security initiative. The purpose of the course is to:

• Describe the principles and processes of information security governance and management;
• Provide thorough coverage of the requirements of ISO 27001;
• Give practical guidance on designing a suitable framework;
• Give practical advice on implementing information security management;
• Prepare you for your ISO 27001 certification exams required for Certified Internal Controls Architect (CICA) professional credentialing;
• Establish a firm program starting point by using ISO 27001, ISO 27002, and 27003 to build out the initial Information Security Management core policy; and
• Partially satisfy the pre-requisite training necessary for professional certification as an ISO 27001 Certified Internal Controls Architect (CICA™).

Based upon the ISO 27001 related auditing standards ISO 27007:2011 and 19011:2011, this one-day course will provide an intensive overview of how to manage an internal audit of an organization's risk management program in along with its corresponding information security management system. It will also provide valuable guidance on conducting the internal audits, on establishing and validating the competence of ISMS auditors, and prepare you for your ISO 27001 lead auditor certification exams required for the well-recognized ISO 27001 Lead Auditor professional certification.

This course  is applicable to those needing to understand or conduct internal or external audits of a risk management system supporting an ISMS, or how to manage an ISO 27001 ISMS audit program. This is the only ISO 27001 Lead Auditor training and professional examination program to incorporate ISO's 27007 standard as core content within its program. Building upon the foundation understanding of the ISO 27005 risk management framework and ISO 27001 framework validated by the Certified Internal Controls Architect credential , the ISO 27001 Lead Auditor certification certifies your ability to audit the formal structure, governance, and policy of an ISO 27001 conforming Information Security Management System (ISMS). Furthermore, the ISO 27001 Lead Auditor certification ensures that you are qualified to assure strategic objectives according to core ISO 27001, 27002, 27003, and 27005 best practices. This IRMCB course partially satisfies the prerequisite training necessary for certification as an ISO 27001 Lead Auditor.

The NIST Cybersecurity Framework provides a policy framework of computer security guidance for how private sector organizations in the United States and around the world can assess and improve their ability to prevent, detect, and respond to cyber attacks. The framework has been translated to many languages, and is used by the governments of Japan and Israel, among others.

An Accessible and Powerful Framework

The NIST CSF is now the go-to playbook for countless organizations for building a robust data protection strategy. It’s structured along five core functions — Identify, Protect, Detect, Respond and Recover — each of which captures and curates the essential goals and actions that should be prioritized across the cybersecurity lifecycle.

This 2-day ISO 22301 business continuity training and policy workshop provides participants with a solid understanding of business continuity management. It is based on industry best practice and guidelines for business continuity and reviews the ISO 22301 Standard for business continuity management. Practical exercises and instructor-led discussions will help students understand the benefits of business continuity management in an organization.

This business continuity training will:

• Describe the principles and processes of business continuity management and governance;
• Provide thorough coverage of the requirements of ISO 22301;
• Give practical guidance on designing a suitable framework and business continuity management strategy;
• Give practical advice on setting up and operating business continuity management;
• Partially satisfy the prerequisite training for eligibility to be certified as an ISO 22301 Certified Business Continuity Strategist™ (CBCS™); and
• Establish a firm program starting point by using ISO 22301 to build out the initial Business Continuity Management core policy.

Building upon the foundation understanding of the ISO 22301 Business Continuity Management System (BCMS) platform learned in "Policy Workshop: ISO 22301 Business Continuity Management", this IRMCB course provides participants with the knowledge, methods, and skills to put the previous course's strategy into practice. It is based on industry best practice and guidelines for business continuity based upon the ISO 22301 and 22313 standards. Again, practical exercises and instructor-led discussions will help students understand the techniques to deploy, test, and maintain business continuity management in an organization. This course will partially satisfy the prerequisite training necessary for eligibility for certification as a Certified ISO 22301 Business Continuity Manager™ (CBCM™).

This five-day workshop will enable participants to:

• Plan, deploy, manage, and manage Anti-bribery Management System in accordance with ISO 37001
• Understand the approaches, methods, measures and techniques required for the effective management of Anti-bribery Management System
• Identifying risk and opportunities associated with an organization
• Support an organization in establishing, implementing, managing and maintaining the Anti-bribery Management System as specified in ISO 37001
• Advise organizations on the anti-bribery good practices
• Prepare an organization for an ISO 37001 audit
• Become eligible for professional certification as a Certified ISO 37001 Anti-Bribery & Corruption Manager™ 

This three-day workshop will enable participants to:

• Assess an organization's current capabilities to properly prevent, detect, investigate, and recover losses resulting from internal fraud or abuse;
• Detect a wide variety internal fraud and corruption, including (but not limited to) purchasing and acquisition fraud, payroll fraud, check fraud, reporting fraud, and abuse of company assets;
• Effectively investigate suspicions of internal fraud or abuse to support recovery of losses, possible termination or disciplinary proceedings, or even potential prosecution; and
• Partially satisfy the prerequisite training necessary to be eligible for certification as a Certified Fraud Control Manager™.

This two-day workshop will give participants the knowledge and skills you need to effectively interview and interrogate witnesses, conspirators, and perpetrators potentially involved with incidents of fraud or abuse. Set into a practical workshop format, important concepts are reinforced through your in-class analysis of real videotaped interviews from actual investigations of two cases of internal employee fraud. This session partially satisfies the prerequisite training necessary to be eligible for certification as a Certified Fraud Control Manager ™.

Advance your career by achieving the gold standard of information security professional designations, Certified Information Systems Security Professional certification by (ISC)2.

Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program. With a CISSP, you validate your expertise and become an (ISC)² member, unlocking a broad array of exclusive resources, educational tools, and peer-to-peer networking opportunities.

Prove your skills, advance your career, and gain the support of a community of cybersecurity leaders here to support you throughout your career.

Prepare with trusted CISSP exam expert Allen Keele. Anytime, anywhere.

The CISA certification is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems. The recent quarterly IT Skills and Certifications Pay Index (ITSCPI) from Foote Partners ranked CISA among the most sought-after and highest-paying IT certifications. This certification is a must have for entry to mid-career IT professionals looking for leverage in career growth.

ISACA’s Certified Information Security Manager® (CISM®) certification indicates expertise in information security governance, program development and management, incident management and risk management. If you are a mid-career IT professional aspiring to senior management roles in IT security and control, CISM can get you the visibility you need

ISACA’s Certified in Risk and Information Systems Control™ (CRISC®) certification indicates expertise in identifying and managing enterprise IT risk and implementing and maintaining information systems controls. Gain instant recognition and credibility with CRISC and boost your career! If you are a mid-career IT professional with a focus on IT and cyber risk and control, CRISC can get you the leverage you need to grow in your career.

As organizations migrate to the cloud, they need information security professionals who are cloud-savvy. The CCSK certificate is widely recognized as the standard of expertise for cloud security and gives you a cohesive and vendor-neutral understanding of how to secure data in the cloud. The CCSK credential is the foundation to prepare you to earn additional cloud credentials specific to certain vendors or job functions.

Earning the CCSK will provide you with the knowledge to effectively develop a holistic cloud security program relative to globally accepted standards. It covers key areas, including best practices for IAM, cloud incident response, application security, data encryption, SecaaS, securing emerging technologies, and more.

Prepare with trusted CISSP exam expert Allen Keele. Anytime, anywhere.