Objective
Information is an ASSET that, like other important business assets, has VALUE to an organization and consequently needs to be SUITABLY protected. An ISMS is that part of the overall management system, based on a business risk approach, aims to establish, implement, operate, monitor, review, maintain, and improve information security. ISO 27001 is the internationally recognized best practice framework for an Information Security Management System (ISMS).
ISO/IEC 27001 is the only audit able international standard that defines the requirements for an Information Security Management System (ISMS). The training explains how implementing a security program based on the framework can help organizations mitigate security risk and consider the appropriate level of rigor for their cybersecurity program. It explains to employees how their organization can move from their current state to their target state with the ability to identify gaps and prioritize gaps based on risk assessment.
In this course, you will be asked to read through lessons, participate in learning activities, and partake in knowledge checks designed to reinforce learning, followed by the end of the course final assessment.
For Corporate Request Demo →
What you will learn:
- Understand the need for ISMS
- Learn about ISO 27001certification and ISMS Mandatory Process
- Introduction to implementing ISMS
- Learn how to implement ISO 27001 ISMS 11 Step Program
- Step by Step Guide on implementing ISMS program
- Learn the practical examples and study the documentation samples
- Learn about ISO 27001 Annex A Controls Checklist 14 Domains and 35 Control Objectives
- ISMS Part III includes implementation details for each control objective along guidance
Access Control Awareness Part I - CS00201
What you will learn:
- Learning the access control basics
- Understanding the access control challenges
- Understanding authentication factors and multi factor authentication.
- Developing access control policies and procedures
- Learning about access control models
- Learning about principles of access controls and types of access controls
Information Security Management System (ISMS) Part I - CO00304
What you will learn:
- Understand what information and information security is
- Understand how to secure information
- Know about ISO 27000 compliance family
- Learn about ISO 27001and ISO 27002 and benefits of compliance
- Learn about ISO 27001standard and certification
- Introduction to implementing ISMS and ISO 27001
- Learn about ISMS mandatory processes and documentation
- Introduction to ISO 27001 Annex A controls Checklist
Social Engineering & Phishing Awareness Part I - CS00103
What you will learn:
- Learn about Ten Different Types of Phishing Attacks
- Understand the Characteristics of Phishing Emails
- Understand Common Methods of Phishing Attacks
- Learn about Escalation and Containment
- Learn about Eradication and Rebuilding
- Learn about Recovery and Aftermath
Social Engineering & Phishing Advanced Part II - CS00104
What you will learn:
- Learn about Ten Different Types of Phishing Attacks
- Understand the Characteristics of Phishing Emails
- Understand Common Methods of Phishing Attacks
- Learn about Escalation and Containment
- Learn about Eradication and Rebuilding
- Learn about Recovery and Aftermath
Information Security and Privacy Awareness - CS00101
What you will learn:
- Learn How to Protect Information
- Understand the Key Security Terms
- Learn about Insider Risk
- Learn about Privately Identifiable Information and Privately Healthcare Information
- Learn about Physical Security, Facility Security and Clean Desk Policies
- Learn about Social Engineering and Phishing
- Learn about Acceptable Personal Use of Corporate Property and Email
- Learn about Malicious Software and Incident Reporting
- Learn about User Id and Password Protection
- Understand Your Responsibility as a User
Breach Notification Advanced Part II - CS00302
What you will learn:
- What is the importance of a breach notification?
- What is a data breach?
- In what circumstances would notification of a data breach be required and to
- whom?
- When and how should notification of a data breach be provided?
- Framework for Effective Data Breach Notification Legislation
- Timing of Notification to Affected Individuals
- Post Data Breach Immediate Action Items
- Breach Notification to Authorities
Breach Notification Awareness Part I - CS00301
What you will learn:
- Breach Management
- Effective Breach Response
- Data Breach Checklist
- Breach Notification Notice Content
- Notification Timelines
- Lifecycle of a Data Breach
- Public Relations Strategy.
Access Control Awareness Part II - CS00202
What you will learn:
- Learning the Access Control Models and Concepts
- Understanding the Types and Categories of Access Controls
- Understanding the Testing of Access Controls
- Learning about Access Control Attacks and Countermeasures
- Learning about Multilevel Security Models
- Learning about Authentication and Authentication Methods
- Learning about common Authentication Protocols.
Cloud Security Awareness - CS00102
What you will learn:
- Cloud Security
- Cloud Basics - Cloud Concepts, Architecture and Design
- Cloud Service Models
- Cloud Risk Landscape
- Cloud Security Domains
- Cloud Data Security
- Cloud and AWS
- Cloud and Azure
- Cloud Application Security Basics
Cybersecurity Maturity Model Certification (CMMC) Awareness Part I - CS00801
What you will learn:
- Understand the need for Cybersecurity Maturity Model Certification
- Why the third-party contractors are the weakest cyber link?
- Interpret the NIST SP 800-171 Controls
- Understand Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting
- Federal Contract Information (FCI)
- Understand Defense Federal Acquisition Regulation Supplement (DFARS) Clause
- 252.204-7012 for protecting Controlled Unclassified Information (CUI)
- Understand NIST SP 800-171 Protecting Controlled Unclassified Information in Non-Federal Systems and Organizations
- Learn about the essential differences between CMMC vs. NIST 800-171
- Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes
Cybersecurity Maturity Model Certification (CMMC) Awareness Part II - CS00802
What you will learn:
- Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes
- Understand the CMMC five Process Maturity levels and five Technical Practices levels
- Understand Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting Federal Contract Information (FCI)
- Learn about the control compliance and certification requirements for level 1 to level 5
- Learn about the CMMC capabilities
- Understand the 14 points of NIST 800-171 and create security protocols for 14 key areas.
- Learn about the CMMC Levels 2 and 3 Practices Beyond NIST 800-171
- Learn about the implementation challenges
- Learn about becoming a CMMC Certified Supplier
- Understand the CMMC Scoring methodology
- Knowledge Check
Cybersecurity Maturity Model Certification (CMMC) Awareness Part III - CS00803
What you will learn:
- Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes
- Learn how to Prepare CMMC for Assessment
- Understand the 20 non-NIST 800-171 Controls to complied at level 3
- Understand CMMC Level 4 requirements
- Understand CMMC Level 5 requirements
- Learn about the CMMC Certification process
- Knowledge Check Knowledge Check/li >
Cybersecurity Maturity Model Certification (CMMC) Controls Part IV - CS00804
What you will learn:
- Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes
- Understand the CMMC five Process Maturity levels and five Technical Practices levels
- Understand Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting Federal Contract Information (FCI)
- Learn about the control compliance and certification requirements for level 1 to level 5
- Learn about the CMMC capabilities
- Understand the 14 points of NIST 800-171 and create security protocols for 14 key areas.
- Learn about the CMMC Levels 5 and 6 Practices Beyond NIST 800-171
- Learn about the implementation challenges
- Learn about becoming a CMMC Certified Supplier
- Understand the CMMC Scoring methodology
- Knowledge Check/li >
Cybersecurity Maturity Model Certification (CMMC) Controls Part V - CS00805
What you will learn:
- By the end of this course, students will be able to:
- Understand the CMMC Model and controls
- Interpret the NIST SP 800-171 Controls and apply the control guidance in gap analysis, remediation, and implementation controls
- CMMC Model
- NIST SP 800-171 Controls
- Understand the specific domains:
- Audit & Accounting
- Configuration Management
- Identification and Authentication
- Incident Response
- Maintenance
- Media Protection/li >
Cybersecurity Maturity Model Certification (CMMC) Controls Part VI - CS00806
What you will learn:
- By the end of this course, students will be able to:
- Understand the CMMC Model and controls
- Interpret the NIST SP 800-171 Controls and apply the control guidance in gap analysis, remediating and implementing controls
- Understand the specific domains:
- Personnel Security - Personnel Security requires organizations to screen individuals before authorizing access to systems containing CUI.
- Physical Protection - Limit physical access to organizational information systems.
- Risk Management - Assess the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals.
- Security Assessment - Evaluate the security posture of the organization, based on the ability to manage its cyber risk profile, identify its inherent risks, and assess the effectiveness of its controls environment.
- System & Communications Protection - Monitor, control and protect organizational communications
- System & Information Integrity - Adopt a broad range of security practices to protect information integrity.
Data Privacy And Privacy Regulations Part I - CS00106
What you will learn:
- Learn about Privacy Imperative
- Understand Strategic and Tactical Drivers
- Learn about Privacy Strategy and Privacy Impact
- Understand the Private Identifiable Information (PII) and Private Health Information
- (PHI) data
- Learn about Privacy Impact Assessments
- Learn about HIPAA and HITECH
- Learn about GDPR and CCPA
- Understand the Breach Notification Requirements
Data Privacy And Privacy Regulations Part II - CS00107
What you will learn:
- Learn about Privacy Imperative
- Understand Strategic and Tactical Drivers
- Learn about Privacy Strategy and Privacy Impact
- Understand the Private Identifiable Information (PII) and Private Health Information
- (PHI) data
- Learn about Privacy Impact Assessments
- Learn about HIPAA and HITECH
- Learn about GDPR and CCPA
- Understand the Breach Notification Requirements
Facility Workplace Awareness Part I - CS00109
What you will learn:
- Identify potential risk while working remotely
- Corporate data and information systems security
- Physical access control
- Email Security and practical examples
Facility Workplace Awareness Part II - CS00110
What you will learn:
- Identify potential risk while working remotely
- Corporate data and information systems security
- Physical access control
- Email Security and practical examples
Health Insurance Portability And Accountability Act (HIPAA) Awareness - CO00102
What you will learn:
- Learn about HIPAA and HITECH
- The Security Rule, The Privacy Rule, The Breach Notification Rule, Omnibus
- Chapter 181, Texas Medical Records Privacy Act
- Understand How Health Care Privacy Laws affect your organization
- Understand HIPAA IT Security Risk Assessment
- Learn about Administrative, Technical and Physical Safeguards
- Learn about Covered Entities
- Learn about Use and Disclosure of PHI
- Understand How HIPAA and HITECH are Related
- Learn about HITECH and Breach Notification
Information Security Management System (ISMS) Part II - CO00305
What you will learn:
- Understand the need for ISMS
- Learn about ISO 27001certification and ISMS Mandatory Process
- Introduction to implementing ISMS
- Learn how to implement ISO 27001 ISMS 11 Step Program
- Step by Step Guide on implementing ISMS program
- Learn the practical examples and study the documentation samples
- Learn about ISO 27001 Annex A Controls Checklist 14 Domains and 35 Control Objectives
- ISMS Part III includes implementation details for each control objective along guidance
Incident Management Advanced Part II - CS00402
What you will learn:
- Learn about Incident and Incident Management (IM)
- Understand Critical Success Factors (CSF)
- Understand Key Performance Indicators (KPI) Specific to Incident Management
- Understand Other Process Interfacing with Incident Management
- Learn about ITIL Framework Based Incident Management Process Workflow
- Implementing Incident Management - Detailed Guidance
Incident Management Awareness Part I - CS00401
What you will learn:
- Brief about Incident and Incident Management (IM)
- Incident Management Objectives
- What is a Security Incident Management?
- Incident, Problem, and Service Request
- Incident Management Key Concepts
- Incident Management Process and ITIL
- Incident Management Process Workflow Examples
- Incident Management Process
- Incident Management Process Steps Discussed in Detail
Incident Management Cyber Security Response Team (CSIRT) Part III - CS00403
What you will learn:
- Incident Management VS Problem Management
- Cybersecurity Incident Response or Major Incident Response
- Cybersecurity Incident Response Team (CSIRT)
- CSIRT Basics
- CSIRT stages
- CSIRT Roles and Responsibilities
- Your Role in CSIRT
- CSIRT Response Flow - Level 1 incident
- CSIRT Response Flow - Level 2 and 3 incidents
- Use Cases - Scenarios
Information Technology General Controls (ITGC) Awareness Part I - CS00701
What you will learn:
- Learn How to Protect Information
- Understand the Key Security Terms
- Learn about Insider Risk
- Learn about Privately Identifiable Information and Privately Healthcare Information
- Learn about Physical Security, Facility Security and Clean Desk Policies
- Learn about Social Engineering and Phishing
- Learn about Acceptable Personal Use of Corporate Property and Email
- Learn about Malicious Software and Incident Reporting
- Learn about User Id and Password Protection
- Understand Your Responsibility as a User
Information Technology General Controls (ITGC) Part III - CS00703
What you will learn:
- Understand IT Governance considerations in SOX compliance
- Understand Activity/Process Level Considerations in General Control Issues
- Learn about evaluating security administration controls
- Understand the SOX requirement for:
- Application change controls
- Data Backup and Recovery
- Systems Development Life Cycle (SDLC)
- Outsourcing Financial Applications
- Learn about the Role of Application and Data-Owner Processes
- Understand the application-level control considerations
- Understand the process level control considerations
Information Technology General Controls (ITGC) COSO Framework Part II - CS00702
What you will learn:
- Understand IT Governance considerations in SOX compliance
- Understand Activity/Process Level Considerations in General Control Issues
- Learn about evaluating security administration controls
- Understand the SOX requirement for:
- Application change controls
- Data Backup and Recovery
- Systems Development Life Cycle (SDLC)
- Outsourcing Financial Applications
- Learn about the Role of Application and Data-Owner Processes
- Understand the application-level control considerations
- Understand the process level control considerations
Malware Ransomware Awareness - CS00105
What you will learn:
- How do you get malware?
- What malware is and why it is dangerous
- Become familiar with different types of malware and how users can identify them
- How can you tell if you have a malware infection?
- Understand how most malware requires human action to infect a computer
- How to protect against malware?
- How people can avoid malware and what to do (and not to do) if this ever happens
National Institute Of Standard And Technology (NIST) Cyber Security Framework (CSF) Fundamentals Part I - CS00501
What you will learn:
- Learn about CSF fundamentals
- Learn how to establish or improve your cybersecurity program
- Understand the NIST CSF concept and how to implement with the help of case study
- Understand the practical application of CSF framework’s core, design, functions,
- categories, and subcategories
- Detailed knowledge of functions, categories, and subcategories along with
- informative references from COBIT, ISA, NIST SP 800-53, CIS CSC, ISO 27001, etc.
National Institute Of Standard And Technology (NIST) Cyber Security Framework (CSF) Fundamentals Part II - CS00502
What you will learn:
- Learn about CSF fundamentals
- Learn how to establish or improve your cybersecurity program
- Understand the NIST CSF concept and how to implement with the help of case study
- Understand the practical application of CSF framework’s core, design, functions,
- categories, and subcategories
- Detailed knowledge of functions, categories, and subcategories along with
- informative references from COBIT, ISA, NIST SP 800-53, CIS CSC, ISO 27001, etc.
Payment Card Industry Awareness - CO00201
What you will learn:
- Need for PCI DSS training
- PCI data security
- Relationship between PCI DSS and PA DSS
- PCI DSS scope
- PCI DSS requirement explained with examples
- Control costs and gain tangible, real-world insights on best practices
- Understand PCI compliance before going through an assessment
- Apply PCI DSS security principles across business
Privileged Access Management (PAM) Part I - CS00203
What you will learn:
- Privileged Access Management Overview
- Learn about privileges and how are they created, granted, etc.
- Learn about privileged accounts
- Understand the types of privileged accounts
- Study the privileged service accounts
- Learn about privilege related risks and challenges
- Learn about privileged threat vectors – external and internal
- Understand the benefits of privileged access management
- Learn how hackers compromise the privileged accounts.
- Study the privilege access management best practices
Privileged Access Management (PAM) Part II - CS00204
What you will learn:
- Learn about privileges and how are they created, granted, etc.
- Learn about the capabilities of PAM software
- Study the PAM security controls
- Learn about the PAM solution partner considerations
- Study about the PAM baseline and ongoing Improvements
- Study the considerations for selection of PAM
- Learn how to protect privileged accounts
Privileged Access Management (PAM) Part III - CS00205
What you will learn:
- Study the FCPA recent cases and takeaways
- Learn about the effective FCPA compliance program
- Study the FCPA program best practices Third Parties Review Transactions Gifts, Meals, Travel and Entertainment
- Training Due Diligence Reporting Risk Areas
- Learn about the FCPA enforcement actions and monitory resolutions
Problem Management Advanced Part II - CS00602
What you will learn:
- Understand basic concepts of problem management
- Learn about the roles and responsibilities associated with the problem
- management process
- Understand the input that triggers the problem management process
- Planning for problem management process implementation and training
- Understand the problem management process implementation guide (step by step
- approach)
- Understand process inputs and outputs
- Learn about problem management reporting
- Understand the problem management checklist
- Understand the activities and documentation
Problem Management Awareness Part I - CS00601
What you will learn:
- Understand basic concepts of problem management
- Learn about the roles and responsibilities associated with the problem
- management process
- Understand the input that triggers the problem management process
- Planning for problem management process implementation and training
- Understand the problem management process implementation guide (step by step
- approach)
- Understand process inputs and outputs
- Learn about problem management reporting
- Understand the problem management checklist
- Understand the activities and documentation
Risk Assessment Awareness Part I - RM00103
What you will learn:
- Risk Identification – Learn to identify risk
- Risk Assessment - How to assess risk?
- Risk Analysis – How to analyze risk?
- Controls – Learn to develop controls
- Risk Treatment – How to treat risk?
- Risk Management Elements – What are the risk management elements?
- Risk Monitoring – How to monitor risk?
- Risk Management Approach – Learn the process?
- Issue Management Remediation
Security Framework Awareness - CS00108
What you will learn:
- Understand What is a Framework
- Understand What is an Information Security Framework
- Learn about Types of Security Frameworks
- Learn about Compliance Regulations and Frameworks
- Understand Factors Driving Security Frameworks
- Learn about Various Security Frameworks - ISO, COBIT, NIST, ITIL, COSO, NERC, TY, CYBER, HITRUST, CSF
- Understand the Business Benefits of Security Frameworks?
Vendor Risk Management Awareness Part I - RM00101
What you will learn:
- What is vendor/third-party risk management (TPRM)?
- What are third parties?
- What are the common concerns of TPRM?
- Why perform a third-party risk assessment?
- What are the factors driving third-party risk assessment?
- Why do I need a Third-party Risk Management Framework?
- Why do I need a TPRM framework?
Vendor Risk Management Framework Development Part II - RM00102
What you will learn:
- Why do Organizations need a TPRM framework?
- What are the third-party risk categories and common third-party risks?
- What are the Best Practices for a TPRM Framework?
- What are the TPRM Framework Considerations?
- How to build a TPRM framework?
- How to implement a TPRM framework?
Cybersecurity Best Practices For Startups And Small Businesses Part I - CS00901
What you will learn:
- Part I of the series “Cybersecurity Best Practices for Startups and Small Business” you will:
- Know the factors driving cybersecurity and compliance for startups and small businesses
- Study the weaknesses leading to cyberattacks
- Know what cybersecurity and compliance means to your organization
- Understand the concept of capability maturity and scale yours over a period
- Learn what cybersecurity controls mean
- Study Information Security Management System (ISMS), ISMS governance, and risk management
- Understand the cybersecurity best practices for Startups and Small Businesses and Case Studies
Cybersecurity Best Practices For Startups And Small Businesses Part II - CS00902
What you will learn:
- In Part II of the series, you will:
- Understand how insider threat knowledge is an essential component of a comprehensive security program
- Know the insider threat risk and impact and learn how to mitigate those risks
- Study the concept of physical security and how it relates to information security
- Learn how to secure offices, rooms, workplaces, and office equipment
- Understand the importance of cybersecurity training
- Know the sources of security threats and vulnerabilities and many more
Cybersecurity Best Practices For Startups And Small Businesses Part III - CS00903
What you will learn:
- In Part III of the series, you will:
- Learn about the essential considerations when computers leave the corporate security perimeter and people work remotely
- Learn that new risks arise for the company due to remote work
- Learn about the security risks are associated with Bring Your Own Devices (BYOD)
- Learn how to secure the BYOD environment
- Learn about the IT Asset Managment and Backup and Recovery industry best practices Each topic contains case studies. The case studies explain how the suggested security considerations will help protect from cyberattacks.
Cybersecurity Best Practices For Startups And Small Businesses Part IV - CS00904
What you will learn:
- Part IV will assist executives to:
- Understand the relevant contextual factors
- Decide the type of insurance policy
- Understand factors driving third-party risk management
- Understand disaster recovery plans, factors driving Disaster Recovery (DR), and DR programs implementation steps
- Learn about Advanced Persistent Threat (APT)
Code Of Conduct Part I - CC00101
What you will learn:
- Learn about the ethical principles, employees and executives should follow to reinforce professional behavior in the workplace
- Study the best practices for code of conduct
- Understand the difference between Code of Conduct vs. Code of Ethics
- Learn to create a positive working environment of equal opportunity and no retaliation
- Understand how corporations can enforce ethical behavior by using penalties for breaches of the Code of Conduct
- Learn to recognize the actions that may harm the company, such as sharing confidential company, client, and customer information
- Learn about the corporate best practices and employee responsibilities
Code Of Conduct Part II - CC00102
What you will learn:
- Learn to recognize conflict of interest and handle the conflicts
- Learn how bribes, kickbacks, payments, gifts/entertainment, and money laundering harm employers
- Learn the Foreign Corrupt Practices Act (FCPA) Accounting and Anti Bribery provisions
- Understand the ethical and legal issues involving the use of company assets by employees
- Learn about the facility and physical security perimeter and how badge and visitor’s security works
- Study the best practices for acceptable use of company information resources and social media
User Developed Applications Compliance Series Part I - CS001103
What you will learn:
- At the end of this course, you will learn:
- Recognize what User Developed Applications (UDAs) are
- Learn to identify UDAs
- Identify the difference between key and general UDAs
- Protect UDAs - confidentiality, integrity, and availability
- Recall UDAs risk and the importance of controls
- Learn about UDA application development process
- Learn about UDA Life Cycle
Shadow IT Part I User Developed Applications - CS01105
What you will learn:
- After the end of this course, you will:
- Understand what Shadow IT is
- Factors driving Shadow IT
- Risks associated with Shadow IT and how to manage the risk?
- Manage the Shadow IT threats
- Establish policies around Shadow IT and the CIO office
- Understand how organizations will benefit from Shadow IT
System & Organization Controls (SOC) Part I - CO005011
What you will learn:
- Learn about the System and Organization Controls (SOC) - SOC 1, SOC 2 and SOC3
- Understand the businesses that should think about SOC 2
- Learn about the driving factors for SOC compliance
- Learn how SOC 2 is different from SOC 1 and other compliance frameworks
- Understand the difference between a Type I and Type II audit
- Learn to decide the type of SOC report the organizations needs to have
- Learn about the factors driving the audit scope
- Understand the foundation of SOC 1®, SOC 2®, and SOC 3® Reports
- Learn about the SOC 2® and SOC 3® Trust Services Principles
System & Organization Controls (SOC) Part II - CO005012
What you will learn:
- SOC evolution
- Learn about SOC 2 audit and who can perform the audit
- Learn how to apply relevant SSAE 18 AICPA Standards
- SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
- Understand scope and use
- Learn about the purpose and relevant standards
- Learn about the subject matter and components of the report
- Understand the use case for SOC for Cyber Security and SOC for Supply Chain
- Learn about SOC 2 + Additional Subject Matter Reports
- Learn the about TSC Mapping to Standards and Frameworks
System & Organization Controls (SOC) Part III - CO005013
What you will learn:
- SOC evolution
- Learn about SOC 2 audit and who can perform the audit
- Learn how to apply relevant SSAE 18 AICPA Standards
- SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
- Understand scope and use
- Learn about the purpose and relevant standards
- Learn about the subject matter and components of the report
- Understand the use case for SOC for Cyber Security and SOC for Supply Chain
- Learn about SOC 2 + Additional Subject Matter Reports
- Learn the about TSC Mapping to Standards and Frameworks
System & Organization Controls (SOC) Part IV - CO005014
What you will learn:
- Learn about the System and Organization Controls (SOC) - SOC 1, SOC 2 and SOC3
- Understand the businesses that should think about SOC 2
- Learn about the driving factors for SOC compliance
- Learn how SOC 2 is different from SOC 1 and other compliance frameworks
- Understand the difference between a Type I and Type II audit
- Learn to decide the type of SOC report the organizations needs to have
- Learn about the factors driving the audit scope
- Understand the foundation of SOC 1®, SOC 2®, and SOC 3® Reports
- Learn about the SOC 2® and SOC 3® Trust Services Principles
System & Organization Controls (SOC) Part V - CO005015
What you will learn:
- SOC evolution
- Learn about SOC 2 audit and who can perform the audit
- Learn how to apply relevant SSAE 18 AICPA Standards
- SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
- Understand scope and use
- Learn about the purpose and relevant standards
- Learn about the subject matter and components of the report
- Understand the use case for SOC for Cyber Security and SOC for Supply Chain
- Learn about SOC 2 + Additional Subject Matter Reports
- Learn the about TSC Mapping to Standards and Frameworks
System & Organization Controls (SOC) Part VI - CO005016
What you will learn:
- SOC evolution
- Learn about SOC 2 audit and who can perform the audit
- Learn how to apply relevant SSAE 18 AICPA Standards
- SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
- Understand scope and use
- Learn about the purpose and relevant standards
- Learn about the subject matter and components of the report
- Understand the use case for SOC for Cyber Security and SOC for Supply Chain
- Learn about SOC 2 + Additional Subject Matter Reports
- Learn the about TSC Mapping to Standards and Frameworks
System & Organization Controls (SOC) Part VII - CO005017
What you will learn:
- Understand SOC evolution
- Practical implementation knowledge of:
- Common Criteria
- Supplemental Criteria
- Learn about Generally Accepted Privacy Principles (GAPP)
- Understand what’s included in SOC report
- Understand what’s included in Management Assertions and Description of the System
- Understand the AICPA new guidelines - Description Criteria 200 (DC 200)
Prevention, Detection, and Recovery from Cyberattacks Part I - CS01101
What you will learn:
- The myths and reality of cyberattacks
- The different types of cyberattacks
- What it means for business?
- The information technology, information security, and business management weaknesses
- Organization and governance process to manage cyberattacks
- Computer Emergency Response Team (CERT)
- Crisis Management Team (CMT)
Prevention, Detection, and Recovery from Cyberattacks Part II - CS01102
What you will learn:
- Understand Cyberattack Examples
- Study Cyberattack Techniques and Vulnerabilities
- Study the Process of Building a CSIRT
- Understand the Models for Institutionalizing Incident Management Capability
- Understand the CSIRT Constituency
- Learn about the Supporting Policies, Procedures, and Guidance
- Learn about CSIRT Formation Process, Stages, and Categories
- Study the CSIRT Workflow Examples, CSIRT Response Flow - Level 1 Incident, and CSIRT Response Flow - Level 2 and 3 Incident
Prevention, Detection, and Recovery from Cyberattacks Part III - CS01103
What you will learn:
- Organizations need to know exactly what to look for regarding the network’s security and stability. The course content is divided into five parts that train you on how to fight off sophisticated cyberattacks.
- Cyberattack Prevention Basics
- System Weaknesses that can Cause Cyberattacks
- Methods of Cyberattacks
- Different Causes that can Lead to Cyberattacks
- Architectural Solutions, Next-Gen Techniques, and Zero Trust Principle to Prevent Attacks
- Cyberattacks Detection
Prevention, Detection, and Recovery from Cyberattacks Part IV - CS01104
What you will learn:
- The organizations need to know what to look for regarding the network's security and stability.The course content divided into five parts will train you on how to fight off sophisticated cyber attacks.
- Study about the cyberattacks detection
- Learn to identify effective techniques and tools for dealing with the threats
- Learn about human factors, training, etc.of Cyberattacks
- Study about different detection methods – signature recognition, anomaly detection, and heuristic detection
- Learn about managing an unusual volume of alerts, response time, etc.
- Distinguish between the various tools and their properties
- Know what to look for when it comes to the security and stability of the network
- Learn about advanced and next-gen tools and techniques for securing a network
- Learn about cybersecurity tools selection considerations
Incident, Problem & Breach Mgt Awareness - IPBM111
Incident, Problem & Breach Mgt Awareness+ - IPBM112
Incident, Problem & Breach Mgt Advanced - IPBM113
Incident, Problem & Breach Mgt Professional - IPBM114
Privacy Awareness - PAB311
Privacy Awareness+ - PAB312
Privacy Advanced - PAB313
Privacy Professional - PAB314
Cybersecurity Maturity Model Certification Awareness - CMMC411
Cybersecurity Maturity Model Certification Awareness+ - CMMC412
Cybersecurity Maturity Model Certification Advanced - CMMC413
Cybersecurity Maturity Model Certification Professional - CMMC414
FedRAMP NIST FFIEC Awareness - FNFB511
FedRAMP NIST FFIEC Awareness+ - FNFB512
FedRAMP NIST FFIEC Advanced - FNFB513
FedRAMP NIST FFIEC Professional - FNFB514
Healthcare Awareness - HAB711
Healthcare Awareness+ - HAB712
Healthcare Advanced - HAB713
Healthcare Professional - HAB714
System & Organization Controls Awareness - SOCB811
System & Organization Controls Awareness+ - SOCB812
System & Organization Controls Advanced - SOCB813
System & Organization Controls Professional - SOCB814
Access Control PAM Awareness Bundle - ACPAM911
Access Control PAM Awareness+ - ACPAM912
Access Control PAM Advanced - ACPAM913
Access Control PAM Professional - ACPAM914
Onboarding 1 Awareness - OB1011
Onboarding 1 Awareness+ - OB1012
Onboarding 1 Advanced - OB1013
Onboarding 1 Professional - OB1014
Onboarding 2 Awareness - OB2011
Onboarding 2 Awareness+ - OB2012
Onboarding 2 Advanced - OB2013
Onboarding 2 Professional - OB2014
ITGC Process Controls Security FR Awareness - IPCS3011
ITGC Process Controls Security FR Awareness+ - IPCS3012
ITGC Process Controls Security FR Advanced - IPCS3013
ITGC Process Controls Security FR Professional - IPCS3014
ISMS_ISO_SOX Awareness - IISB4011
ISMS_ISO_SOX Awareness+ - IISB4012
ISMS_ISO_SOX Advanced - IISB4013
ISMS_ISO_SOX Professional - IISB4014
Vulnerability Mgt Recovery TPRM Awareness - VMPD5011
Vulnerability Mgt Recovery TPRM Awareness+ - VMPD5012
Vulnerability Mgt Recovery TPRM Advanced - VMPD5013
Vulnerability Mgt Recovery TPRM Professional - VMPD5014
Cybersecurity Best Practices for Startups and Small Businesses Awareness - CBPS6011
Cybersecurity Best Practices for Startups and Small Businesses Awareness+ - CBPS6012
Cybersecurity Best Practices for Startups and Small Businesses Advanced - CBPS6013
Cybersecurity Best Practices for Startups and Small Businesses Professional - CBPS6014
Project Management Awareness - PM7011
Project Management Awareness+ - PM7012
Project Management Advanced - PM7013
Project Management Professional - PM7014
POSH - Prevention of Sexual Harassment at the workplace Part I - POSH1
What you will learn:
- Understand the control fundamentals.
- The courses are configurable to reflect the organization’s unique needs by leveraging organizational policies, procedures, and SecuRetain’s library of interchangeable training assets.
- After completing three courses, users will be able to:
- Understand sexual harassment and identify issues at the workplace
- Understand the history of the PoSH Act and the need for the PoSH Act Training
- Learn about prevention, prohibition, and redressal mechanisms of the PoSH
POSH - Prevention of Sexual Harassment at the workplace Part II - POSH2
What you will learn:
- The courses are configurable to reflect the organization’s unique needs by leveraging organizational policies, procedures, and SecuRetain’s library of interchangeable training assets.
- After completing three course users will be able to:
- Understand sexual harassment and identify issues at workplace
- Learn about prevention, prohibition and redressal mechanism of PoSH Act
- Categorize sexual harassment and understand consequences
POSH - Prevention of Sexual Harassment at the workplace Part III - POSH3
What you will learn:
- After completing three course users will be able to:
- Understand sexual harassment and identify issues at workplace
- Learn about prevention, prohibition and redressal mechanism of PoSH Act
- Categorize sexual harassment and understand consequences
- Understand the history of PoSH Act and the need for the PoSH Act Training
Artificial Intelligence (AI) Machine Learning (ML) Part I
What you will learn:
- What is ML?
- What do you want the ML systems to do?
- How businesses are using ML
- Examples of ML Use Cases
- Putting ML to work
- What is The Business Value of MLOps?
- What Makes MLOps Different From DataOpsand DevOps?
- Why do we need MLOps?
- What are the key challenges that MLOps addresses
Robotic Process Automation (RPA) Part I
What you will learn:
- Learn about the RPA basics, Types of RPA tools, Types of RPA
- Understand the Pros and Cons of RPA
- Learn about RPA & Business Process Management
- Learn where to start and how to start with RPA
- WHY behind RPA
- Learn about the applications of RPA and RPA tools
- Learn to select the right RPA tool
- Understand the process for identifying RPA Opportunities and considerations for RPA
- Learn about the Challenges of RPA Implementation
- Continue to enhance knowledge about the use case
Business Process Reengineering Part I
What you will learn:
- Understand the principles of BPR
- Plan, implement and evaluate BPR in your organization
- Use BPR tools effectively
- Manage the BPR process
- Deal with typical BPR challenges
Project Management Part I
What you will learn:
- Define key project management concepts
- List the reasons why project management needed
- Explain difference between projects and operations
- Identify trends in project management environment
- List project succes and failure factors
- Identify potential benfits of project management
Project Management Part II
What you will learn:
- Define key project management concepts
- List the reasons why project management needed
- Explain difference between projects and operations
- Identify trends in project management environment
- List project succes and failure factors
- Identify potential benfits of project management
Project Management Part III
What you will learn:
- Define key project management concepts
- List the reasons why project management needed
- Explain difference between projects and operations
- Identify trends in project management environment
- List project succes and failure factors
- Identify potential benfits of project management
Project Management Part IV
What you will learn:
- Project Management Tools
- Agile Project Management
- Project Manager Roles
- Project Manager Responsibilities
- How to become project manager
- Project Management methodologies
Project Management Part V
What you will learn:
- Project Life Cycle Models
- Initiating Projects
- Planning Projects
- Executing Projects
- Controlling Projects
- Closing Projects
- Organizational Impacts
- Overview of Knowledge Areas
- Role of the Project Manager