Search Results

14 Products Found:

Our Price: $1,995.00

SKU: 29100-CLPI-LI-V |

MASTERING THE IMPLEMENTATION AND MANAGEMENT OF A PRIVACY FRAMEWORK (5 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

SUMMARY
This five-day intensive course enables Virtual Participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100, the Generally Accepted Privacy principles and guidance from international information commissioners. Participants will gain a thorough understanding of how to design, build and lead organizations privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance to the many privacy directives and laws worldwide.

Who Should Attend?
▶▶ Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy Framework
▶▶ Security auditors who wish to fully understand the Privacy Framework implementation process
▶▶ Experienced IT security management professionals
▶▶ IT security professionals interested in earning Privacy Management Framework certification
▶▶ Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
▶▶ Security professionals with front-line experience
▶▶ Information security staff
▶▶ Expert advisors in information technology
▶▶ Persons and organizations involved in tasks where privacy controls are required for the processing of PII
▶▶ Legal practitioners who wish to understand the practical aspects of privacy frameworks

Learning Objectives

▶▶ To understand the core competences on Privacy Framework
▶▶ To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII)
▶▶ To define privacy safeguarding requirements related to PII within an ICT environment
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws
▶▶ To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
▶▶ To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
▶▶ To develop knowledge and skills required to advise for improve organizations’ privacy programs through the use of best practices
▶▶ To improve the capacity for analysis of privacy incident management
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws and directives


Course Agenda

Day 1 - Introduction to Privacy Framework concepts as recommended by ISO 29100

▶▶ Introduction to Privacy Framework concepts as recommended by ISO 29100
▶▶ Privacy Framework based on ISO 29100 and regulatory framework
▶▶ Fundamental Principles of Privacy
▶▶ Privacy Legislation US & Europe including the existing and new EU directives
▶▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶▶ Initiating the Privacy Framework implementation

Day 2 - Planning the implementation of the Privacy Framework

▶▶ Preliminary analysis of Existing Controls
▶▶ Leadership and approval of the Privacy Framework project
▶▶ Defining the scope of a Privacy Framework
▶▶ Development of a Privacy policy
▶▶ Selection of the approach and methodology for risk assessment
▶▶ Control Statement and management decision to implement the Privacy Framework
▶▶ Definition of the organizational structure of Privacy

Day 3 - Implementing a Privacy Framework

▶▶ Implementation of a document management framework
▶▶ Design of controls and writing procedures and specific policies
▶▶ Implementation of privacy controls
▶▶ Development of a training and awareness program and communicating about the privacy to Development of a training and awareness program and communicating about privacy
▶▶ Incident management
▶▶ Operations Management

Day 4 - Privacy Framework measurement and continuous improvement
▶▶ Monitoring, Measurement, Analysis and Evaluation
▶▶ Internal Audit
▶▶ Management Review
▶▶ Treatment of problems and points of concern
▶▶ Continual improvement
▶▶ Competence and evaluation of implementers

Day 5 - Certification Exam

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Please see the course flyer or brochure for details on the "other requirements".


General Information:

▶Certification fees are included in the exam price


▶▶Participant manuals contains over 450 pages of information and practical examples


▶▶A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants


▶▶In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions


WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 29100-CLPI-LI |

MASTERING THE IMPLEMENTATION AND MANAGEMENT OF A PRIVACY FRAMEWORK

SUMMARY
This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100, the Generally Accepted Privacy principles and guidance from international information commissioners. Participants will gain a thorough understanding of how to design, build and lead organizations privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance to the many privacy directives and laws worldwide.

Who Should Attend?
▶▶ Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy Framework
▶▶ Security auditors who wish to fully understand the Privacy Framework implementation process
▶▶ Experienced IT security management professionals
▶▶ IT security professionals interested in earning Privacy Management Framework certification
▶▶ Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
▶▶ Security professionals with front-line experience
▶▶ Information security staff
▶▶ Expert advisors in information technology
▶▶ Persons and organizations involved in tasks where privacy controls are required for the processing of PII
▶▶ Legal practitioners who wish to understand the practical aspects of privacy frameworks

Learning Objectives

▶▶ To understand the core competences on Privacy Framework
▶▶ To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII)
▶▶ To define privacy safeguarding requirements related to PII within an ICT environment
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws
▶▶ To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
▶▶ To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
▶▶ To develop knowledge and skills required to advise for improve organizations’ privacy programs through the use of best practices
▶▶ To improve the capacity for analysis of privacy incident management
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws and directives


Course Agenda

Day 1 - Introduction to Privacy Framework concepts as recommended by ISO 29100

▶▶ Introduction to Privacy Framework concepts as recommended by ISO 29100
▶▶ Privacy Framework based on ISO 29100 and regulatory framework
▶▶ Fundamental Principles of Privacy
▶▶ Privacy Legislation US & Europe including the existing and new EU directives
▶▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶▶ Initiating the Privacy Framework implementation

Day 2 - Planning the implementation of the Privacy Framework

▶▶ Preliminary analysis of Existing Controls
▶▶ Leadership and approval of the Privacy Framework project
▶▶ Defining the scope of a Privacy Framework
▶▶ Development of a Privacy policy
▶▶ Selection of the approach and methodology for risk assessment
▶▶ Control Statement and management decision to implement the Privacy Framework
▶▶ Definition of the organizational structure of Privacy

Day 3 - Implementing a Privacy Framework

▶▶ Implementation of a document management framework
▶▶ Design of controls and writing procedures and specific policies
▶▶ Implementation of privacy controls
▶▶ Development of a training and awareness program and communicating about the privacy to Development of a training and awareness program and communicating about privacy
▶▶ Incident management
▶▶ Operations Management

Day 4 - Privacy Framework measurement and continuous improvement
▶▶ Monitoring, Measurement, Analysis and Evaluation
▶▶ Internal Audit
▶▶ Management Review
▶▶ Treatment of problems and points of concern
▶▶ Continual improvement
▶▶ Competence and evaluation of implementers

Day 5 - Certification Exam

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Please see the course flyer or brochure for details on the "other requirements".

General Information:

▶Certification fees are included in the exam price


▶▶Participant manuals contains over 450 pages of information and practical examples


▶▶A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants


▶▶In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions


WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $559.00

SKU: 27005-IN |
PECB CERTIFIED ISO / IEC 27005 INTRODUCTION COURSE

LEARN THE BEST PRACTICES AND IMPLEMENTATION OF RISK MANAGEMENT BASED ON ISO / IEC 27005

SUMMARY
This one day course allows the participants to familiarize themselves with the fundamentals of risk management related to information security using the standard ISO/IEC 27005:2011 as a reference framework. Participants will see different parts of a risk management program and the implementation stages of an optimal risk assessment. It should be noted that this course fits perfectly into the framework of a process of implementation of ISO/IEC 27001.

PREREQUISITES: None

EXAMINATION AND CERTIFICATION: None

Who Should Attend:

▶▶ IT professionals wishing to obtain a comprehensive understanding of risk management within an organization
▶▶ Staff implementing or seeking to comply with ISO/IEC 27001 or involved in a risk management program
▶▶ Member of the information security team
▶▶ Professionals wanting to gain a comprehensive knowledge of ISO/IEC 27005

Learning Objectives:

▶ To understand the basics of the implementation, management and maintenance of an ongoing risk management program
▶▶To introduce the concepts, approaches, standards, methods and techniques allowing an effective management of risk
▶▶ To interpret the requirements of ISO/IEC 27001 on information security risk management
▶▶ To understand the relationship between the information security risk management, the security controls and the compliance with the requirements of different stakeholders of an organization

Course Agenda:

▶ Concepts and definitions related to risk management
▶▶ Standards, frameworks and methodologies in risk management
▶▶ Implement a risk management program
▶▶ Risk identification and risk analysis
▶▶ Risk evaluation and risk treatment
▶▶ Acceptance of risk and management of residual risks
▶▶ Communicating, monitoring and controlling risk


General Information
▶ A student manual containing over 100 pages of information and practical examples are given to the participants
▶▶ A participation certificate of 7 CPD (Continuing Professional Development) credits is awarded to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $395.00

SKU: 27005-IN-V |
PECB CERTIFIED ISO / IEC 27005 INTRODUCTION COURSE (1 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

LEARN THE BEST PRACTICES AND IMPLEMENTATION OF RISK MANAGEMENT BASED ON ISO / IEC 27005

SUMMARY
This one day course allows the Virtual Participants to familiarize themselves with the fundamentals of risk management related to information security using the standard ISO/IEC 27005:2011 as a reference framework. Participants will see different parts of a risk management program and the implementation stages of an optimal risk assessment. It should be noted that this course fits perfectly into the framework of a process of implementation of ISO/IEC 27001.

PREREQUISITES: None

EXAMINATION AND CERTIFICATION: None

Who Should Attend:

▶▶ IT professionals wishing to obtain a comprehensive understanding of risk management within an organization
▶▶ Staff implementing or seeking to comply with ISO/IEC 27001 or involved in a risk management program
▶▶ Member of the information security team
▶▶ Professionals wanting to gain a comprehensive knowledge of ISO/IEC 27005

Learning Objectives:

▶ To understand the basics of the implementation, management and maintenance of an ongoing risk management program
▶▶To introduce the concepts, approaches, standards, methods and techniques allowing an effective management of risk
▶▶ To interpret the requirements of ISO/IEC 27001 on information security risk management
▶▶ To understand the relationship between the information security risk management, the security controls and the compliance with the requirements of different stakeholders of an organization

Course Agenda:

▶ Concepts and definitions related to risk management
▶▶ Standards, frameworks and methodologies in risk management
▶▶ Implement a risk management program
▶▶ Risk identification and risk analysis
▶▶ Risk evaluation and risk treatment
▶▶ Acceptance of risk and management of residual risks
▶▶ Communicating, monitoring and controlling risk


General Information
▶ A student manual containing over 100 pages of information and practical examples are given to the participants
▶▶ A participation certificate of 7 CPD (Continuing Professional Development) credits is awarded to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 27001-ISE-MS |
ISO / IEC 27001 Information Security Essentials (ISE) Certification

Increase your company value with cost efficiency under ISE Certification by showing compliance to major Information Security requirements.

Summary
Certification under ISE is granted to the companies that show their conformance towards the implementation of the ISO/IEC 27001. Importantly, PECB is willing to give this certification to companies that are in the process of meeting the entire criteria of the ISO/IEC 27001 in the near future. With this certification, companies will show compliance to the key clauses and controls implemented in their management system, such as:

  • Knowing the context of the organization
  • Building communication channels
  • Ensuring management’s support for the implementation
  • Operational planning for the information security risk assessment and treatment
  • Asset management
  • Access control approach
  • Physical and environmental security
  • Operations security
  • Incident management and information security business continuity


What is the ISE About?
ISE comprises the controls from ISO/IEC 27001 which allow various departments of your company to implement essential information security controls with less guidance from management – without jeopardizing the fundamental ideas behind the ISO/IEC 27001 framework. Implementing the PECB ISE framework and obtaining the certification for your organization are the right steps towards demonstrating that you are serious about practicing information security and can address the challenges involved in an efficient way.

The design objectives for this new certification scheme:
  • Easy to implement
  • Reduced management involvement
  • Leverage existing ISO/IEC 27001 skills of your staff
  • Certifiable


BENEFITS OF THE ISE CERTIFICATION
  • Reduced implementation efforts through reduced number of controls
  • Less than half of the costs compared to the ISO/IEC 27001 implementation and certification
  • No extra training necessary for already certified ISO/IEC 27001 implementers and auditors through 100% compatibility with ISO/IEC 27001
  • Reduced training costs for staff not familiar with ISO/IEC 27001
  • No voided implementation efforts when moving to full blown ISO/IEC 27001
  • Marketing advantage through international recognition of the certificate
  • Very feasible step stone to achieve full ISO/IEC 27001 certification



CERTIFICATION PROCESS
ISE certification (also known as “registration”) is granted by a third-party, such as PECB, upon verifying through an audit that the organization has fulfilled the considered essential clauses. This certification is then maintained through scheduled annual surveillance audits by the registrar, with re-certification of the Information Security performed on a triannual basis.

Step 1. Pre-Audit (Optional) – It must be done at least 3 months before Certification Audit


Step 2. Audit Plan – Plan for audit has to be mutually agreed


Step 3. Audit Stage 1 & 2 – Non-conformities must be closed at least 3 months after audit conclusions


Step 4. Initial Certification – Certificate will be issued within 2 weeks after successful audit closing

Once certification has been obtained, the organization will be subjected to two surveillance audits within 24 months from the initial certification:

- Surveillance Audit Stage 1 – No longer than 12 months from the initial certification audit

- Surveillance Audit Stage 2 – No longer than 12 months from the 1st surveillance audit

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole. 


PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT. THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/ 

16 Pages Found:

Our GRCme Brain Trust Partners represent the leading product and professional services firms from around the globe and spanning the application domains of Governance Risk Compliance (GRC) and ...
Welcome to GRCme University | |
Welcome to GRCme University
Welcome to GRCme University Introduction
The Common Controls Hub is now available for our Members.
"In organizations that actively encourage the identification and adoption of best practices, a corporate culture springs up that is dedicated to fast learning."
"Fast learning organizations are capable of fast change and creative evolution."
"At General Electric and other modern learning labs, employees are encouraged to borrow and implant excellent ideas that are not trademarked, patented or proprietary."
"By adopting a ‘we-can-learn-from-anyone’ attitude, a company can transform the organization to forge its strategy and develop a value-driven culture."
“The ability to learn faster than your competitorsmay be the only sustainable competitive advantage.” - Arie De Geus Royal Dutch / Shell
Here are some examples of typical areas to that our Members are interested in developing Key Performance Indicator's (KPI's) for. These offer our Members a huge opportunity to determine their ...
"Fast learning is a unique organizational competency. It’s the ultimate source of long term, sustainable competitive advantage."
"Fast learning organizations are capable of fast change and creative evolution."
"Fast learning is a unique organizational competency. It’s the ultimate source of long term, sustainable competitive advantage."
"Organizations that instill a dedicated strategy to innovate through adaptation of best practices, become high-charged learning laboratories."