Search Results

9 Products Found:

Our Price: $1,995.00

SKU: 29100-CLPI-LI-V

MASTERING THE IMPLEMENTATION AND MANAGEMENT OF A PRIVACY FRAMEWORK (5 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

SUMMARY
This five-day intensive course enables Virtual Participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100, the Generally Accepted Privacy principles and guidance from international information commissioners. Participants will gain a thorough understanding of how to design, build and lead organizations' privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge, delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance with the many privacy directives and laws worldwide.

Who Should Attend?
▶▶ Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy Framework
▶▶ Security auditors who wish to fully understand the Privacy Framework implementation process
▶▶ Experienced IT security management professionals
▶▶ IT security professionals interested in earning Privacy Management Framework certification
▶▶ Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
▶▶ Security professionals with front-line experience
▶▶ Information security staff
▶▶ Expert advisors in information technology
▶▶ Persons and organizations involved in tasks where privacy controls are required for the processing of PII
▶▶ Legal practitioners who wish to understand the practical aspects of privacy frameworks

Learning Objectives

▶▶ To understand the core competences on Privacy Framework
▶▶ To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII)
▶▶ To define privacy safeguarding requirements related to PII within an ICT environment
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws
▶▶ To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
▶▶ To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
▶▶ To develop the knowledge and skills required to advise on improving organizations’ privacy programs through the use of best practices
▶▶ To improve the capacity for analysis of privacy incident management
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws and directives


Course Agenda

Day 1 - Introduction to Privacy Framework concepts as recommended by ISO 29100

▶▶ Introduction to Privacy Framework concepts as recommended by ISO 29100
▶▶ Privacy Framework based on ISO 29100 and regulatory framework
▶▶ Fundamental Principles of Privacy
▶▶ Privacy Legislation US & Europe including the existing and new EU directives
▶▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶▶ Initiating the Privacy Framework implementation

Day 2 - Planning the implementation of the Privacy Framework

▶▶ Preliminary analysis of Existing Controls
▶▶ Leadership and approval of the Privacy Framework project
▶▶ Defining the scope of a Privacy Framework
▶▶ Development of a Privacy policy
▶▶ Selection of the approach and methodology for risk assessment
▶▶ Control Statement and management decision to implement the Privacy Framework
▶▶ Definition of the organizational structure of Privacy

Day 3 - Implementing a Privacy Framework

▶▶ Implementation of a document management framework
▶▶ Design of controls and writing procedures and specific policies
▶▶ Implementation of privacy controls
▶▶ Development of a training and awareness program and communicating about privacy
▶▶ Incident management
▶▶ Operations Management

Day 4 - Privacy Framework measurement and continuous improvement
▶▶ Monitoring, Measurement, Analysis and Evaluation
▶▶ Internal Audit
▶▶ Management Review
▶▶ Treatment of problems and points of concern
▶▶ Continual improvement
▶▶ Competence and evaluation of implementers

Day 5 - Certification Exam

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Please see the course flyer or brochure for details on the "other requirements".


General Information:

▶▶ Certification fees are included in the exam price
▶▶ Participant manuals contain over 450 pages of information and practical examples
▶▶ A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants
▶▶ In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions


WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 29100-CLPI-LI

MASTERING THE IMPLEMENTATION AND MANAGEMENT OF A PRIVACY FRAMEWORK

SUMMARY
This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100, the Generally Accepted Privacy principles and guidance from international information commissioners. Participants will gain a thorough understanding of how to design, build and lead organizations' privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge, delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance with the many privacy directives and laws worldwide.

Who Should Attend?
▶▶ Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy Framework
▶▶ Security auditors who wish to fully understand the Privacy Framework implementation process
▶▶ Experienced IT security management professionals
▶▶ IT security professionals interested in earning Privacy Management Framework certification
▶▶ Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
▶▶ Security professionals with front-line experience
▶▶ Information security staff
▶▶ Expert advisors in information technology
▶▶ Persons and organizations involved in tasks where privacy controls are required for the processing of PII
▶▶ Legal practitioners who wish to understand the practical aspects of privacy frameworks

Learning Objectives

▶▶ To understand the core competences on Privacy Framework
▶▶ To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII)
▶▶ To define privacy safeguarding requirements related to PII within an ICT environment
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws
▶▶ To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
▶▶ To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
▶▶ To develop the knowledge and skills required to advise on improving organizations’ privacy programs through the use of best practices
▶▶ To improve the capacity for analysis of privacy incident management
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws and directives


Course Agenda

Day 1 - Introduction to Privacy Framework concepts as recommended by ISO 29100

▶▶ Introduction to Privacy Framework concepts as recommended by ISO 29100
▶▶ Privacy Framework based on ISO 29100 and regulatory framework
▶▶ Fundamental Principles of Privacy
▶▶ Privacy Legislation US & Europe including the existing and new EU directives
▶▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶▶ Initiating the Privacy Framework implementation

Day 2 - Planning the implementation of the Privacy Framework

▶▶ Preliminary analysis of Existing Controls
▶▶ Leadership and approval of the Privacy Framework project
▶▶ Defining the scope of a Privacy Framework
▶▶ Development of a Privacy policy
▶▶ Selection of the approach and methodology for risk assessment
▶▶ Control Statement and management decision to implement the Privacy Framework
▶▶ Definition of the organizational structure of Privacy

Day 3 - Implementing a Privacy Framework

▶▶ Implementation of a document management framework
▶▶ Design of controls and writing procedures and specific policies
▶▶ Implementation of privacy controls
▶▶ Development of a training and awareness program and communicating about privacy
▶▶ Incident management
▶▶ Operations Management

Day 4 - Privacy Framework measurement and continuous improvement
▶▶ Monitoring, Measurement, Analysis and Evaluation
▶▶ Internal Audit
▶▶ Management Review
▶▶ Treatment of problems and points of concern
▶▶ Continual improvement
▶▶ Competence and evaluation of implementers

Day 5 - Certification Exam

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Please see the course flyer or brochure for details on the "other requirements".

General Information:

▶▶ Certification fees are included in the exam price
▶▶ Participant manuals contain over 450 pages of information and practical examples
▶▶ A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants
▶▶ In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions



Our Price: $2,795.00

SKU: 27001-MS

ISO / IEC 27001 INFORMATION SECURITY MANAGEMENT SYSTEM CERTIFICATION

BUILD A REPUTATION AS A COMPANY THAT KEEPS ITS INFORMATION SAFE WITH THE ISO/IEC 27001 CERTIFICATION

SUMMARY
The ISO/IEC 27001 Information Security Management standard helps organizations to keep their information assets secure, by building an information infrastructure against the risks of loss, damage or any other threat.

Companies that certify their management system against ISO/IEC 27001 validate that the security of financial information, intellectual property, employee details, or information entrusted from third parties is being successfully managed and continually improved in accordance with widely accepted best practices and the standard’s framework.

BENEFITS OF ISO/IEC 27001 CERTIFICATION TO YOUR ORGANIZATION:
• Provides senior management involved in information security with an efficient management process
• Provides you with a competitive advantage due to customer trust and market share
• Reduces costs due to incident and threat minimization
• Demonstrated compliance with customer, regulatory and/or other requirements
• Sets out areas of responsibility across the organization
• Communicates a positive message to staff, customers, suppliers and stakeholders
• Integration between business operations and information security
• Alignment of information security with the organization’s objectives
• Seizing opportunities to put forward true value through enhancement of marketing

BENEFITS OF ISO/IEC 27001 CERTIFICATION TO YOUR CUSTOMERS:
• Keeps intellectual property and valuable information secure
• Provides customers and stakeholders with confidence in how you manage risk related to information security
• Secures exchange of information
• Ensures that you are meeting your legal obligations
• Manages and minimizes risk exposure
• Cost savings for rework, damages and waste

UNDERSTANDING THE CERTIFICATION PROCESS
ISO/IEC 27001 certification (also known as “registration”) is granted by a third party, such as PECB, upon verifying through an audit that the organization is in compliance with the requirements of the ISO/IEC 27001 standard. This certification is then maintained through scheduled annual surveillance audits by the registrar, with re-certification of the Information Security performed on a triannual basis.


Step 1. Pre-Audit (Optional) - It must be done at least 3 months before Certification Audit


Step 2. Audit Plan - Plan for audit has to be mutually agreed


Step 3. Audit Stage 1 & 2 - Non-conformities must be closed at least 3 months after audit conclusions


Step 4. Initial Certification - Certificate will be issued within 2 weeks after successful audit closing
Once certification has been obtained, the organization will be subjected to two surveillance audits within 24 months from the initial certification:

• Surveillance Audit Stage 1 - No longer than 12 months from the initial certification audit
• Surveillance Audit Stage 2 - No longer than 12 months from the 1st surveillance audit


Our Price: $1,995.00

SKU: 27002-Lead Mgr-V

MASTERING THE FUNDAMENTAL PRINCIPLES, CONCEPTS AND IMPLEMENTATION OF THE BEST PRACTICES OF INFORMATION SECURITY CONTROLS WITHIN THE PROCESS OF IMPLEMENTING AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27002. (5 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

SUMMARY
This five day intensive course enables the participants to develop the expertise needed to support an organization in implementing and managing the information security controls of an Information Security Management System (ISMS) based on ISO/IEC 27001. Participants will also be given a thorough grounding in the best practices used to implement information security controls from all the areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). It is also fully compatible with ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who Should Attend?
▶▶Managers or consultants wanting to implement an Information Security Management System (ISMS)
▶▶Project managers or consultants wanting to master the Information Security Management System implementation process
▶▶Persons responsible for the information security or conformity in an organization
▶▶Members of information security teams
▶▶Expert advisors in information technology
▶▶Technical experts wanting to prepare for an Information Security Audit function
▶▶Persons responsible to develop their own information security management guidelines


Learning Objectives
▶▶To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS and the required information security controls
▶▶To understand the initiation, implementation, maintenance and improvement of the ISMS within an organization
▶▶To acquire the necessary expertise to manage a team implementing ISO/IEC 27002
▶▶To develop the knowledge and skills required to advise organizations on best practices in the management of information security controls
▶▶To improve the capacity for analysis and decision making in the context of information security controls


Course Agenda

Day 1 - Introduction to Information Security controls and ISO/IEC 27002


▶▶Course objective and structure
▶▶Standard and regulatory framework
▶▶Fundamental Principles of Information Security
▶▶Information Security Management System
▶▶Information security policies
▶▶Organization of information security

Day 2 - Human resources, Asset Management and Access Control


▶▶Human resources security
▶▶Asset Management
▶▶Access Control

Day 3 - Operations and communications security as required by ISO/IEC 27001


▶▶Cryptography
▶▶Physical and Environmental Security
▶▶Operations Security
▶▶Communications security
▶▶Incident Management
▶▶Information Security Aspects of Business Continuity Management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Applying for certification and closing of the training
▶▶Certification Exam


Day 4 - Continuous improvement and preparation for certification


▶▶System acquisition, development and maintenance
▶▶Supplier Relationships
▶▶Information security Incident Management
▶▶Information security aspects of business continuity management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Lead Manager Certification Scheme
▶▶Closing the Training

Day 5 - Certification Exam



Our Price: $2,795.00

SKU: 27002-Lead Mgr

MASTERING THE FUNDAMENTAL PRINCIPLES, CONCEPTS AND IMPLEMENTATION OF THE BEST PRACTICES OF INFORMATION SECURITY CONTROLS WITHIN THE PROCESS OF IMPLEMENTING AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27002.

SUMMARY
This five day intensive course enables the participants to develop the expertise needed to support an organization in implementing and managing the information security controls of an Information Security Management System (ISMS) based on ISO/IEC 27001. Participants will also be given a thorough grounding in the best practices used to implement information security controls from all the areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). It is also fully compatible with ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who Should Attend?
▶▶Managers or consultants wanting to implement an Information Security Management System (ISMS)
▶▶Project managers or consultants wanting to master the Information Security Management System implementation process
▶▶Persons responsible for the information security or conformity in an organization
▶▶Members of information security teams
▶▶Expert advisors in information technology
▶▶Technical experts wanting to prepare for an Information Security Audit function
▶▶Persons responsible to develop their own information security management guidelines


Learning Objectives
▶▶To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS and the required information security controls
▶▶To understand the initiation, implementation, maintenance and improvement of the ISMS within an organization
▶▶To acquire the necessary expertise to manage a team implementing ISO/IEC 27002
▶▶To develop the knowledge and skills required to advise organizations on best practices in the management of information security controls
▶▶To improve the capacity for analysis and decision making in the context of information security controls


Course Agenda

Day 1 - Introduction to Information Security controls and ISO/IEC 27002


▶▶Course objective and structure
▶▶Standard and regulatory framework
▶▶Fundamental Principles of Information Security
▶▶Information Security Management System
▶▶Information security policies
▶▶Organization of information security

Day 2 - Human resources, Asset Management and Access Control


▶▶Human resources security
▶▶Asset Management
▶▶Access Control

Day 3 - Operations and communications security as required by ISO/IEC 27001


▶▶Cryptography
▶▶Physical and Environmental Security
▶▶Operations Security
▶▶Communications security
▶▶Incident Management
▶▶Information Security Aspects of Business Continuity Management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Applying for certification and closing of the training
▶▶Certification Exam


Day 4 - Continuous improvement and preparation for certification


▶▶System acquisition, development and maintenance
▶▶Supplier Relationships
▶▶Information security Incident Management
▶▶Information security aspects of business continuity management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Lead Manager Certification Scheme
▶▶Closing the Training

Day 5 - Certification Exam



4 Pages Found:

"In organizations that actively encourage the identification and adoption of best practices, a corporate culture springs up that is dedicated to fast learning."
“The ability to learn faster than your competitors may be the only sustainable competitive advantage.” - Arie De Geus Royal Dutch / Shell
"Innovative adaptation is a key strength of many high-performing organizations." Transforming the Vision and Value of GRC
"Organizations that instill a dedicated strategy to innovate through adaptation of best practices, become high-charged learning laboratories."