What you will learn:

• Understand the FedRAMP
• Study the FedRAMP Security Assessment Framework
  • Categorize
  • Select
  • Implement
  • Assess
  • Authorize
  • Monitor
• Learn about NIST Special Publications history
• Understand NIST 800-53, 800-18, 800-30, 800-37, 800-70, 800-60
• Learn about implementing NIST 800-53 Special Publications

What you will learn:

• Overview of the FCPA
• Study the implications of the FCPA
• Learn about the enforcement and penalties
• Study the U.S. Sentencing guidelines
• Understand the SEC and DOJ FCPA guidance
• Study the DOJ and SEC hallmarks of an effective compliance program
• Learn about the DOJ’s evaluation of compliance programs
• Learn about UK Bribery Act 2010
• Study the UK Bribery Act 2010 provisions
• Study the consequences of non-compliance with the Bribery Act 2020 – Case Study

What you will learn:

• Understand Fraud and Examples of Fraud
• Understand the Different Types of Fraud
• The Scale of the Problem
• Learn about Fraud Triangle Components
• Understand the Fraud Tree
• Learn about Factors Contributing to Fraudulent Behavior or Why People Commit Fraud
• Learn about Who Commits Fraud
• Knowledge of Common Fraud Schemes
• Understand Fraud Response
• Management Preventive Steps

What you will learn:

• Understand Fraud Basics
• Learn Fraud Risk Management Basics
• Understand How to Document Roles and Responsibilities
• Understand the Objectives of Fraud Risk Management Program
• Learn How to Develop a Fraud Risk Management Program
• Understand Fraud Risk Management Framework Basics
• Understand the Importance of Fraud Risk Governance
• Learn How to Plan for Fraud Risk Assessments
• Learn About Effective Fraud Risk Assessment Requirements

What you will learn:

• Learn How to Develop the Fraud Risk Management Program
• Learn How to Plan for Fraud Risk Assessments
• Learn How to Execute Fraud Risk Assessments
• Section I - Fraud Risk Assessment Framework
• Step 1 - Identify Potential Inherent Fraud Risks
• Step 2 - Assess the Likelihood and Impact
• Step 3 - Evaluate Department Likely to Commit Fraud
• Section II - Analysis
• Section III - Reporting the Results
• Understand Fraud Risk Assessment with Practical Examples
• Learn about Prevention, Detection, and Respond Programs for Fraud
• Understand Antifraud Strategy Key Elements
• Learn about Sound Internal Control System Requirements
• Understand Typical Features of the Practical and User-Friendly Hotline and
• Whistleblower Program
• Learn about Investigations Basics, Enforcement, and Corrective Actions

What you will learn:

Understanding the importance of:

• Culture
• Tone at the top
• Code of ethics
• Learn about different fraud case laws associated with culture, tone at the top, and code of ethics
• Learn about global regulations and fraud
• Understand the regulatory requirements

What you will learn:

• Understand the fraud triangle, fraud diamond, and 10-80-10 rule
• Gain knowledge of fraud tree, occupational fraud, and abuse categories
• Learn about corruption, asset misappropriations, and fraudulent financial reporting schemes
• Detailed knowledge of fraud classification categories, subcategories, fraud schemes, and methods used by perpetrators
• Study check fraud, electronic payment tampering, credit card schemes, and financial institution fraud
• To enhance the knowledge of how to catch the perpetrators study section Fraud Management Part VI. The Part VI explains the fraud tree with case law associated with each classification, category, subcategory, and fraud schemes.

What you will learn:

• Fraud tree schemes explained step by step with the help of case studies and case laws associated with each classification, category, subcategory, and fraud schemes
• Learn about fraud prevention programs for each classification
• Understand fraud tree, occupational fraud, and abuse categories
• Learn about corruption and financial statement fraud financial reporting schemes
• Understand fraud classification categories, subcategories, fraud schemes, and methods used by perpetrators

What you will learn:

• Fraud tree schemes explained step by step with the help of case studies and case laws associated with each classification, category, subcategory, and fraud schemes
• Learn about fraud prevention programs for each classification
• Understand fraud tree, occupational fraud, and abuse categories
• Study the asset misappropriations caselaws, schemes and prevention guidance
• Understand fraud classification categories, subcategories, fraud schemes, and methods used by perpetrators

What you will learn:

• Fraud tree schemes explained step by step with the help of case studies and case laws associated with each classification, category, subcategory, and fraud schemes
• Learn about fraud prevention programs for each classification
• Understand fraud tree, occupational fraud, and abuse categories
• Study the asset misappropriations caselaws, schemes and prevention guidance
• Understand fraud classification categories, subcategories, fraud schemes, and methods used by perpetrators

What you will learn:

• Understand the fraud perpetrator characteristics
• Understand how to identify fraud in an organization
• Understand what are the red flags and how to identify them
• Learn to categorize the red flags
• Learn to rank red flags per fraud triangle components and fraud tree
• Learn how to identify corruption red flags and detect corruption fraud
• Learn how to identify financial statement fraud red flags and detect financial statement fraud

What you will learn:

• Asset Misappropriation -->Cash -->Theft of Cash on Hand
• Asset Misappropriation -->Cash -->Theft of Cash Receipts
• Asset Misappropriation -->Cash -->Fraudulent and Disbursement -->Billing Schemes
• Asset Misappropriation -->Cash -->Fraudulent and Disbursement -->Payroll Schemes
• Asset Misappropriation -->Cash -->Fraudulent and Disbursement -->Expense Reimbursement Schemes
• Asset Misappropriation -->Cash -->Fraudulent and Disbursement -->Check Tampering
• Asset Misappropriation -->Cash -->Fraudulent and Disbursement -->Register Disbursements
• Asset Misappropriation -->Inventory and All Other Assets -->Misuse
• Asset Misappropriation -->Inventory and All Other Assets -->Larceny

What you will learn:

• Understand the GDPR driving factors
• Learn about different type of PII data
• Learn about identifiable personal information
• Understand GDPR basics
• Learn about the controllers and processor
• Study GDPR principles
• Understand the six lawful bases for processing

What you will learn:

• Learn about data Subject Rights
• Learn about Accountability and Governance principle
• Understand Privacy by Design
• Learn about the Data Protection Officer Role
• Study the privacy Codes of Conduct principle
• Understand Data Protection Impact Assessments (DPIA)

What you will learn:

• Learn about the Data Protection Officer’s (DPO) – Appointing DPO, DPO responsibilities, etc.
• Learn how to implement GDPR security principal requirements
• Understand rules related to international transfers
• Learn about exemptions rules
• Learn about GDPR data breach communication requirements
• Understand the penalties for violation of GDPR requirements
• Study the principles applicable to use of data for law enforcement purposes
• Learn how to protect children’s data and GDPR requirements
• Study the GDPR 10 step compliance checklist

What you will learn:

• Understand the GDPR articles
• Learn the 10 steps compliance checklist
• Study the GDPR implementation approach
• Learn how to prepare for the project and key concepts
• Learn about data mapping
• Study the readiness assessment, gap assessment, and privacy assessment process
• Learn about data protection by design and by default a key concept
• Learn to implement data subject rights
• Understand the Data Protection Impact Assessment (DPIA) Process
• Learn to amend third-party contracts and review third party procedures
• Study the different steps to ensure the security of personal and sensitive data
• Understand how to handle data breaches
• Study the GDPR compliance audit and training requirement

What you will learn:

• Learn about HIPAA and HITECH
• The Security Rule, The Privacy Rule, The Breach Notification Rule, Omnibus
• Chapter 181, Texas Medical Records Privacy Act
• Understand How Health Care Privacy Laws affect your organization
• Understand HIPAA IT Security Risk Assessment
• Learn about Administrative, Technical and Physical Safeguards
• Learn about Covered Entities
• Learn about Use and Disclosure of PHI
• Understand How HIPAA and HITECH are Related
• Learn about HITECH and Breach Notification

What you will learn:

• Understand what is HITRUST
• Learn about the HITRUST CSF components
• Learn how to calculate HITRUST scores
• Understand the steps in certification plan and plan considerations
• Understand HITRUST Implementation Planning use case and learn to implement
• Learn to calculate risk rating as per HITRUST
• Understand the corrective action plan (CAP) and documentation
• Learn how to calculate the CAP risk rating and prioritization

What you will learn:

• Understand what is HITRUST
• Learn about the HITRUST CSF components
• Learn how to calculate HITRUST scores
• Understand the steps in certification plan and plan considerations
• Understand HITRUST Implementation Planning use case and learn to implement
• Learn to calculate risk rating as per HITRUST
• Understand the corrective action plan (CAP) and documentation
• Learn how to calculate the CAP risk rating and prioritization

What you will learn:

• Understand the need for ISMS
• Learn about ISO 27001certification and ISMS Mandatory Process
• Introduction to implementing ISMS
• Learn how to implement ISO 27001 ISMS 11 Step Program
• Step by Step Guide on implementing ISMS program
• Learn the practical examples and study the documentation samples
• Learn about ISO 27001 Annex A Controls Checklist 14 Domains and 35 Control Objectives
• ISMS Part III includes implementation details for each control objective along guidance

What you will learn:

• Understand the need for ISMS
• Learn about ISO 27001certification and ISMS Mandatory Process
• Introduction to implementing ISMS
• Learn how to implement ISO 27001 ISMS 11 Step Program
• Step by Step Guide on implementing ISMS program
• Learn the practical examples and study the documentation samples
• Learn about ISO 27001 Annex A Controls Checklist 14 Domains and 35 Control Objectives
• ISMS Part III includes implementation details for each control objective along guidance

What you will learn:

• Learn about Incident and Incident Management (IM)
• Understand Critical Success Factors (CSF)
• Understand Key Performance Indicators (KPI) Specific to Incident Management
• Understand Other Process Interfacing with Incident Management
• Learn about ITIL Framework Based Incident Management Process Workflow
• Implementing Incident Management - Detailed Guidance

What you will learn:

• Brief about Incident and Incident Management (IM)
• Incident Management Objectives
• What is a Security Incident Management?
• Incident, Problem, and Service Request
• Incident Management Key Concepts
• Incident Management Process and ITIL
• Incident Management Process Workflow Examples
• Incident Management Process
• Incident Management Process Steps Discussed in Detail

What you will learn:

• Incident Management VS Problem Management
• Cybersecurity Incident Response or Major Incident Response
• Cybersecurity Incident Response Team (CSIRT)
  • CSIRT Basics
  • CSIRT stages
• CSIRT Roles and Responsibilities
• Your Role in CSIRT
  • CSIRT Response Flow - Level 1 incident
  • CSIRT Response Flow - Level 2 and 3 incidents
• Use Cases - Scenarios

What you will learn:

• Learn How to Protect Information
• Understand the Key Security Terms
• Learn about Insider Risk
• Learn about Privately Identifiable Information and Privately Healthcare Information
• Learn about Physical Security, Facility Security and Clean Desk Policies
• Learn about Social Engineering and Phishing
• Learn about Acceptable Personal Use of Corporate Property and Email
• Learn about Malicious Software and Incident Reporting
• Learn about User Id and Password Protection
• Understand Your Responsibility as a User

What you will learn:

• Understand IT Governance considerations in SOX compliance
• Understand Activity/Process Level Considerations in General Control Issues
• Learn about evaluating security administration controls
• Understand the SOX requirement for:
• Application change controls
• Data Backup and Recovery
• Systems Development Life Cycle (SDLC)
• Outsourcing Financial Applications
• Learn about the Role of Application and Data-Owner Processes
• Understand the application-level control considerations
• Understand the process level control considerations

What you will learn:

• Understand IT Governance considerations in SOX compliance
• Understand Activity/Process Level Considerations in General Control Issues
• Learn about evaluating security administration controls
• Understand the SOX requirement for:
• Application change controls
• Data Backup and Recovery
• Systems Development Life Cycle (SDLC)
• Outsourcing Financial Applications
• Learn about the Role of Application and Data-Owner Processes
• Understand the application-level control considerations
• Understand the process level control considerations

What you will learn:

• Learn about ISO 27701 Privacy Information Management System
• Understand the fundamental concepts of ISO/IEC 27701
• Understand the ISO 27701 driving factors
• Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002
• Learn about the ISO 27701 driving factors and need for ISO 27701
• Learn the ISO 27701 terms and definitions
• Learn about the identifiable personal information
• Learn about a different type of PII data
• Learn about controllers and processors in context of ISO 27701 and comparison with GDPR

What you will learn:

• Learn about ISO 27701 Privacy Information Management System
• Understand the fundamental concepts of ISO/IEC 27701
• Understand the ISO 27701 driving factors
• Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002
• Learn about the ISO 27701 driving factors and need for ISO 27701
• Learn the ISO 27701 terms and definitions
• Learn about the identifiable personal information
• Learn about a different type of PII data
• Learn about controllers and processors in context of ISO 27701 and comparison with GDPR

What you will learn:

• How do you get malware?
• What malware is and why it is dangerous
• Become familiar with different types of malware and how users can identify them
• How can you tell if you have a malware infection?
• Understand how most malware requires human action to infect a computer
• How to protect against malware?
• How people can avoid malware and what to do (and not to do) if this ever happens

What you will learn:

• Learn about CSF fundamentals
• Learn how to establish or improve your cybersecurity program
• Understand the NIST CSF concept and how to implement with the help of case study
• Understand the practical application of CSF framework’s core, design, functions,
• categories, and subcategories
• Detailed knowledge of functions, categories, and subcategories along with
• informative references from COBIT, ISA, NIST SP 800-53, CIS CSC, ISO 27001, etc.

What you will learn:

• Learn about CSF fundamentals
• Learn how to establish or improve your cybersecurity program
• Understand the NIST CSF concept and how to implement with the help of case study
• Understand the practical application of CSF framework’s core, design, functions,
• categories, and subcategories
• Detailed knowledge of functions, categories, and subcategories along with
• informative references from COBIT, ISA, NIST SP 800-53, CIS CSC, ISO 27001, etc.

What you will learn:

• Need for PCI DSS training
• PCI data security
• Relationship between PCI DSS and PA DSS
• PCI DSS scope
• PCI DSS requirement explained with examples
• Control costs and gain tangible, real-world insights on best practices
• Understand PCI compliance before going through an assessment
• Apply PCI DSS security principles across business

What you will learn:

• Privileged Access Management Overview
• Learn about privileges and how are they created, granted, etc.
• Learn about privileged accounts
• Understand the types of privileged accounts
• Study the privileged service accounts
• Learn about privilege related risks and challenges
• Learn about privileged threat vectors – external and internal
• Understand the benefits of privileged access management
• Learn how hackers compromise the privileged accounts.
• Study the privilege access management best practices

What you will learn:

• Learn about privileges and how are they created, granted, etc.
• Learn about the capabilities of PAM software
• Study the PAM security controls
• Learn about the PAM solution partner considerations
• Study about the PAM baseline and ongoing Improvements
• Study the considerations for selection of PAM
• Learn how to protect privileged accounts

What you will learn:

• Study the FCPA recent cases and takeaways
• Learn about the effective FCPA compliance program
• Study the FCPA program best practices Third Parties Review Transactions Gifts, Meals, Travel and Entertainment
Training Due Diligence Reporting Risk Areas
• Learn about the FCPA enforcement actions and monitory resolutions

What you will learn:

• Understand basic concepts of problem management
• Learn about the roles and responsibilities associated with the problem
• management process
• Understand the input that triggers the problem management process
• Planning for problem management process implementation and training
• Understand the problem management process implementation guide (step by step
• approach)
• Understand process inputs and outputs
• Learn about problem management reporting
• Understand the problem management checklist
• Understand the activities and documentation

What you will learn:

• Understand basic concepts of problem management
• Learn about the roles and responsibilities associated with the problem
• management process
• Understand the input that triggers the problem management process
• Planning for problem management process implementation and training
• Understand the problem management process implementation guide (step by step
• approach)
• Understand process inputs and outputs
• Learn about problem management reporting
• Understand the problem management checklist
• Understand the activities and documentation

What you will learn:

• Risk Identification – Learn to identify risk
• Risk Assessment - How to assess risk?
• Risk Analysis – How to analyze risk?
• Controls – Learn to develop controls
• Risk Treatment – How to treat risk?
• Risk Management Elements – What are the risk management elements?
• Risk Monitoring – How to monitor risk?
• Risk Management Approach – Learn the process?
• Issue Management Remediation

What you will learn:

• Sarbanes-Oxley Act (SOX) basics
• SOX Sections 302, 404, and 906
• SOX Requirements, Risk and Controls, Controls Testing
• SOX and Corporate Governance
• Internal Controls • COSO Framework and Relationship with SOX
• Components of COSO Internal Control-Integrated Framework
• COSO Framework three Dimensions
• Objectives
• Entity and activity level focus
• Internal control
• The types of Internal Controls and Technology Controls
• SOX Requirements for IT controls

What you will learn:

• Understand What is a Framework
• Understand What is an Information Security Framework
• Learn about Types of Security Frameworks
• Learn about Compliance Regulations and Frameworks
• Understand Factors Driving Security Frameworks
• Learn about Various Security Frameworks - ISO, COBIT, NIST, ITIL, COSO, NERC, TY, CYBER, HITRUST, CSF
• Understand the Business Benefits of Security Frameworks?

What you will learn:

• What is FFIEC?
• Learn about FFIEC Cybersecurity Priorities
• Understand FFFIEC CAT Inherent Risk Profile Assessment Categories
• Understand FFIEC Risk Levels
• Learn about Inherent Risk Categories and Ratings
• Understand in detail the FFIEC CAT Maturity Assessment Categories
• Domain 1: Cyber Risk Management and Oversight
• Domain 2: Threat Intelligence and Collaboration
• Domain 3: Cybersecurity Controls
• Domain 4: External Dependency Management
• Domain 5: Cyber Incident Management and Resilience Domains, Assessment
• Factors, Components, and Declaration

What you will learn:

• Role of internal audit in FFIEC risk and maturity
• Understand FFIEC maturity levels
• Learn on how to interpret and analyze assessment results
• Complete case study to provide in-depth understanding and application of principles
• How to calculate risk for technology and connection type
• How to create rating summary
• Learn how to create an inherent risk profile
• Understand cybersecurity maturity level calculation
• Learn to document maturity results based on the maturity input
• Learn to prepare target maturity and maturity result charts
• Learn to prepare a chart of components
• Learn to develop roles and responsibilities of the internal audit function
• Learn to evaluate the cybersecurity maturity assessment

What you will learn:

• What is vendor/third-party risk management (TPRM)?
• What are third parties?
• What are the common concerns of TPRM?
• Why perform a third-party risk assessment?
• What are the factors driving third-party risk assessment?
• Why do I need a Third-party Risk Management Framework?
• Why do I need a TPRM framework?

What you will learn:

• Why do Organizations need a TPRM framework?
• What are the third-party risk categories and common third-party risks?
• What are the Best Practices for a TPRM Framework?
• What are the TPRM Framework Considerations?
• How to build a TPRM framework?
• How to implement a TPRM framework?

What you will learn:

Part I of the series “Cybersecurity Best Practices for Startups and Small Business” you will:
• Know the factors driving cybersecurity and compliance for startups and small businesses
• Study the weaknesses leading to cyberattacks
• Know what cybersecurity and compliance means to your organization
• Understand the concept of capability maturity and scale yours over a period
• Learn what cybersecurity controls mean
• Study Information Security Management System (ISMS), ISMS governance, and risk management
• Understand the cybersecurity best practices for Startups and Small Businesses and Case Studies

What you will learn:

In Part II of the series, you will:
• Understand how insider threat knowledge is an essential component of a comprehensive security program
• Know the insider threat risk and impact and learn how to mitigate those risks
• Study the concept of physical security and how it relates to information security
• Learn how to secure offices, rooms, workplaces, and office equipment
• Understand the importance of cybersecurity training
• Know the sources of security threats and vulnerabilities and many more

What you will learn:

In Part III of the series, you will:
• Learn about the essential considerations when computers leave the corporate security perimeter and people work remotely
• Learn that new risks arise for the company due to remote work
• Learn about the security risks are associated with Bring Your Own Devices (BYOD)
• Learn how to secure the BYOD environment
• Learn about the IT Asset Managment and Backup and Recovery industry best practices Each topic contains case studies. The case studies explain how the suggested security considerations will help protect from cyberattacks.

What you will learn:

Part IV will assist executives to:
• Understand the relevant contextual factors
• Decide the type of insurance policy
• Understand factors driving third-party risk management
• Understand disaster recovery plans, factors driving Disaster Recovery (DR), and DR programs implementation steps
• Learn about Advanced Persistent Threat (APT)

What you will learn:

• Learn about the ethical principles, employees and executives should follow to reinforce professional behavior in the workplace
• Study the best practices for code of conduct
• Understand the difference between Code of Conduct vs. Code of Ethics
• Learn to create a positive working environment of equal opportunity and no retaliation
• Understand how corporations can enforce ethical behavior by using penalties for breaches of the Code of Conduct
• Learn to recognize the actions that may harm the company, such as sharing confidential company, client, and customer information
• Learn about the corporate best practices and employee responsibilities

What you will learn:

• Learn to recognize conflict of interest and handle the conflicts
• Learn how bribes, kickbacks, payments, gifts/entertainment, and money laundering harm employers
• Learn the Foreign Corrupt Practices Act (FCPA) Accounting and Anti Bribery provisions
• Understand the ethical and legal issues involving the use of company assets by employees
• Learn about the facility and physical security perimeter and how badge and visitor’s security works
• Study the best practices for acceptable use of company information resources and social media

What you will learn:

• Learn about the System and Organization Controls (SOC) - SOC 1, SOC 2 and SOC3
• Understand the businesses that should think about SOC 2
• Learn about the driving factors for SOC compliance
• Learn how SOC 2 is different from SOC 1 and other compliance frameworks
• Understand the difference between a Type I and Type II audit
• Learn to decide the type of SOC report the organizations needs to have
• Learn about the factors driving the audit scope
• Understand the foundation of SOC 1®, SOC 2®, and SOC 3® Reports
• Learn about the SOC 2® and SOC 3® Trust Services Principles

What you will learn:

• SOC evolution
• Learn about SOC 2 audit and who can perform the audit
• Learn how to apply relevant SSAE 18 AICPA Standards
• SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
• Understand scope and use
• Learn about the purpose and relevant standards
• Learn about the subject matter and components of the report
• Understand the use case for SOC for Cyber Security and SOC for Supply Chain
• Learn about SOC 2 + Additional Subject Matter Reports
• Learn the about TSC Mapping to Standards and Frameworks

What you will learn:

• SOC evolution
• Learn about SOC 2 audit and who can perform the audit
• Learn how to apply relevant SSAE 18 AICPA Standards
• SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
• Understand scope and use
• Learn about the purpose and relevant standards
• Learn about the subject matter and components of the report
• Understand the use case for SOC for Cyber Security and SOC for Supply Chain
• Learn about SOC 2 + Additional Subject Matter Reports
• Learn the about TSC Mapping to Standards and Frameworks

What you will learn:

• Learn about the System and Organization Controls (SOC) - SOC 1, SOC 2 and SOC3
• Understand the businesses that should think about SOC 2
• Learn about the driving factors for SOC compliance
• Learn how SOC 2 is different from SOC 1 and other compliance frameworks
• Understand the difference between a Type I and Type II audit
• Learn to decide the type of SOC report the organizations needs to have
• Learn about the factors driving the audit scope
• Understand the foundation of SOC 1®, SOC 2®, and SOC 3® Reports
• Learn about the SOC 2® and SOC 3® Trust Services Principles

What you will learn:

• SOC evolution
• Learn about SOC 2 audit and who can perform the audit
• Learn how to apply relevant SSAE 18 AICPA Standards
• SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
• Understand scope and use
• Learn about the purpose and relevant standards
• Learn about the subject matter and components of the report
• Understand the use case for SOC for Cyber Security and SOC for Supply Chain
• Learn about SOC 2 + Additional Subject Matter Reports
• Learn the about TSC Mapping to Standards and Frameworks

What you will learn:

• SOC evolution
• Learn about SOC 2 audit and who can perform the audit
• Learn how to apply relevant SSAE 18 AICPA Standards
• SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
• Understand scope and use
• Learn about the purpose and relevant standards
• Learn about the subject matter and components of the report
• Understand the use case for SOC for Cyber Security and SOC for Supply Chain
• Learn about SOC 2 + Additional Subject Matter Reports
• Learn the about TSC Mapping to Standards and Frameworks

What you will learn:

• Understand SOC evolution
• Practical implementation knowledge of:
• Common Criteria
• Supplemental Criteria
• Learn about Generally Accepted Privacy Principles (GAPP)
• Understand what’s included in SOC report
• Understand what’s included in Management Assertions and Description of the System
• Understand the AICPA new guidelines - Description Criteria 200 (DC 200)

What you will learn:

• The myths and reality of cyberattacks
• The different types of cyberattacks
• What it means for business?
• The information technology, information security, and business management weaknesses • Organization and governance process to manage cyberattacks
• Computer Emergency Response Team (CERT)
• Crisis Management Team (CMT)

What you will learn:

• Understand Cyberattack Examples
• Study Cyberattack Techniques and Vulnerabilities
• Study the Process of Building a CSIRT
• Understand the Models for Institutionalizing Incident Management Capability
• Understand the CSIRT Constituency
• Learn about the Supporting Policies, Procedures, and Guidance
• Learn about CSIRT Formation Process, Stages, and Categories
• Study the CSIRT Workflow Examples, CSIRT Response Flow - Level 1 Incident, and CSIRT Response Flow - Level 2 and 3 Incident

What you will learn:

• Organizations need to know exactly what to look for regarding the network’s security and stability. The course content is divided into five parts that train you on how to fight off sophisticated cyberattacks.
• Cyberattack Prevention Basics
• System Weaknesses that can Cause Cyberattacks
• Methods of Cyberattacks
• Different Causes that can Lead to Cyberattacks
• Architectural Solutions, Next-Gen Techniques, and Zero Trust Principle to Prevent Attacks
• Cyberattacks Detection

What you will learn:

• The organizations need to know what to look for regarding the network's security and stability.The course content divided into five parts will train you on how to fight off sophisticated cyber attacks.
• Study about the cyberattacks detection
• Learn to identify effective techniques and tools for dealing with the threats
• Learn about human factors, training, etc.
• Learn to identify and recognize an attack is underway
• Study about different detection methods – signature recognition, anomaly detection, and heuristic detection
• Learn about managing an unusual volume of alerts, response time, etc.
• Distinguish between the various tools and their properties
• Know what to look for when it comes to the security and stability of the network
• Learn about advanced and next-gen tools and techniques for securing a network
• Learn about cybersecurity tools selection considerations

What you will learn:

• Overview of business process
• Learn about risk
• Study about risk taxonomy
• Learn the five basic steps for risk management
• Understand the component of the enterprise risk management framework
• Learn about the causes for failure of enterprise risk management framework
• Learn to develop a risk management policy
• Learn about the things to avoid while writing a risk management policy
• Understand how to perform risk control self-assessment

What you will learn:

• Overview of business process
• Learn about risk
• Study about risk taxonomy
• Learn the five basic steps for risk management
• Understand the component of the enterprise risk management framework
• Learn about the causes for failure of enterprise risk management framework
• Learn to develop a risk management policy
• Learn about the things to avoid while writing a risk management policy
• Understand how to perform risk control self-assessment

What you will learn:

• Business Process and Lifecycle Overview
• The Element of Control Framework
• The Process Flowcharts with Risk and Controls Mapping
• To Crate Risk and Control Matrix
• The Process of Control
• The Importance of Controls
• COSO Internal Control-Integrated Framework
• Sarbanes Oxley Internal Controls Requirements
• The Overall Approach to IT Risk and Controls
• Information Technology General Controls (ITGC)

What you will learn:

• Business process and lifecycle overview.
• Understand the control fundamentals.
• Learn about control and control activities.
• Study the control environment and internal control system.
• Learn to document controls.
• Study the internal control assertions and understand the information processing objectives.
• Learn about SOX 404 and 302 internal controls reporting requirements.
• Understand control components, control methods, control types, control frequency, control evidence, Et cetera.
• Understand Information Technology General Controls

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses. In the next 10 minutes, you will learn:

• What are threats?
• Vulnerabilities on a Network
• Sources of Vulnerabilities
• Recommendation
• Regulatory Requirements
• Case studies

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses. In the next 10 minutes, you will learn:
• What is Advanced Persistent Threat?
• Phases of an Advanced Persistent Threat
• Reconnaissance and Initial Access Expand Access
• Data Capture/Exfiltration or Manipulation Track-Covering
• Exit the suggested e-Learning courses that would reduce the insurance cost

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
• Securing ICS Infrastructure
• Defense in Depth
• Next-Gen Tools and Techniques
• Zero Trust

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
• What is Asset Management?
• Asset Management and Cyber security Recommendations for Asset Management Case Study
• Application/Program Vulnerabilities

What you will learn:

The training promotes the objective of informed management for better decision-making. Traning provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
• What is a disaster?
• What is Disaster Recovery?
• Backup and Recovery
• Protecting Backup Data

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10minutes, you will learn:
• What is the importance of a breach notification?
• What is a data breach?
• In what circumstances would notification of a data breach be required and to whom?
• Suggested e-Learning courses to enhance the knowledge.
(Note - The suggested e-Learning program is a two-part series.)

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
• What is Bring Your Own Device (BYOD)?
• What are the BYOD challenges?
• How can you secure your BYOD environment?
• Examples of BYOD device hack Suggested e-Learning courses to enhance the knowledge
(Note - The suggested e-Learning program is a two-part series.)

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn: -
• Cyber security Training Recommendations
• Guidance for Users
• Cyber security Threats Education
• Case Studies

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
• In the next 10 minutes, you will learn:
• Brief about Incident and Incident Management (IM)
• Incident Management Objectives and Protecting Information Assets
• What is a Security Incident Management?
• Incident Management Process Workflow
• Important Definitions Suggested e-Learning courses to enhance the knowledge
(Note - The suggested e-Learning program is a three-part series.)

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
• In the next 10 minutes, you will learn:
• Protect computer systems from malicious attacks
• Learn about CIA Triad
• Achieving asset protection goals Confidentiality, Integrity, and Availability
• Lots of case studies Suggested e-Learning courses to enhance the knowledge

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
• What is Network Security?
• How does Network Security Work?
• Types of Network Security Recommendations for Network Security
• Case Studies

What you will learn:

The training promotes the objective of informed management for better decision-making.
Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges.
Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
What is Insider Threats Risk?
Examples of Insider Threat Risk
What are the Consequences of Risk?

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
• What is Physical and Environmental Security?
• Physical Security
• Securing Offices, Rooms, and Facilities - Badge Security - Visitors Security - Supervision
• Workplace Security
• Equipment Security
•Case Studies Suggested e-Learning courses to reskill and upskill the cyber knowledge

What you will learn:

The training promotes the objective of informed management for better decision-making. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
• What is remote access?
• Securing remote office locations
• Recommendations for secure remote access
• Reporting remote access issues
• Multiple case studies and hacks
• Suggested e-Learning courses to enhance the knowledge

What you will learn:

The training promotes the objective of informed management for better decision-making. Training provides management and employees with a basic understanding of underlying concepts and recommendations for managing challenges. Each section informed you about additional training requirements and recommended courses.
In the next 10 minutes, you will learn:
• Learning the access control basics
• Authenticate and authorize Recommendations for user account management and access control
• Suggested e-Learning courses to enhance the knowledge

What you will learn:

The training promotes the objective of informed management for better decision-making.

Each section informed you about additional training requirements and recommended courses.

In the next 10 minutes, you will learn:
• Recommendations for Wireless Network Security
• Router Security Option to Choose
• Open Wi-Fi Network