ISO in the Sun - SoftQualM Training

Page created by Johnny Spencer
 
SoftQualM Training

ISO in the Sun
2021 Course Program

Welcome to our ISO in the Sun 2021 Course Program

Martin Holzke, Founder of ISO in the Sun

Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations.

As conformity with the ISO standards and other frameworks increasingly becomes a requirement to do business, management and their staff wonder how to get there.

ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management, hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain.

This is the ideal opportunity to combine your continuing professional education with a break in the sun.

We believe that the success of training courses is greatly enhanced by an enjoyable learning environment.

At the end of the training day you can relax at the beach and have dinner outside in one of the many restaurants - just as we do at lunch time - all thanks to the great climate here all year around where Winter doesn’t exist.

Alternatively, you can also join most of our courses live online from wherever you are and sit the exams online.

We limit courses to ten students as well as running courses even with only one or two students.

You learn from instructors with a wealth of real-world experience. As for myself, I travel the world as consultant, auditor and trainer, and love sharing those experiences that often put things into perspective in my courses.

As an added benefit, students regularly confirm that they save significantly coming here compared to attending similar courses in the typical metropolitan settings.

Our Students come from all kinds of industries and sizes of organisations world-wide, from freelance consultants and auditors, SMEs to Multinationals and EU institutions.

Our courses are usually open and hence held in English yet exams often are available in multiple languages. Our trainers are however multi-lingual and we can arrange courses, eg in German as well as “in-house” in Lanzarote or for self-study. Simply enquire.

We are scheduling more events all the time, so please follow us on social media and our website or get in touch if interested in other subjects and dates.

We look forward to welcoming you here in Lanzarote

Martin Holzke

                   More Courses, Dates, T&Cs, Info and Booking:
                    www.ISOintheSun.com or +34 609 124 289
Spring 2021 Schedule Overview

Integrated Management Systems (IMS)
•   IMS Lead Auditor
    14. - 18. June 2021 (5 Days) - € 1750

Information Security
•   PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor
    10. - 14. May 2021 (5 Days) - € 1750
•   PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer
    17. - 21. May 2021 (5 Days) - € 1750
•   PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer
    24. - 28. May 2021 (5 Days) - € 1750
•   PECB EU General Data Protection Regulation (GDPR) Data Protection Officer
    14. - 18. June 2021 (5 Days) - € 1750
•   CISSP Bootcamp (Certified Information Systems Security Professional)
    12. - 16. April 2021 (5 Days) - € 2450
•   CISA Bootcamp (Certified Information Security Auditor)
    12. - 16. April 2021 (5 Days) - € 2450
•   CISM Bootcamp (Certified Information Security Manager)
    12. - 14. April 2021 (3 Days) - € 1450
•   CRISC Bootcamp (Certified In Risk and Information System Control)
    12. - 14. April 2021 (3 Days) - € 1450

Business Continuity
•   PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor
    17. - 21. May 2021 (5 Days) - € 1750
•   PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer
    24. - 28. May 2021 (5 Days) - € 1750

Service Management
•   PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor
    5. - 9. April 2021 (5 Days) - € 1750
•   PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer
    5. - 9. April 2021 (5 Days) - € 1750

Risk Management
•   PECB ISO 31000 Risk Manager
    26. - 28. April 2021 (3 Days) - € 1100
•   PECB ISO/IEC 27005 Information Security Risk Manager
    5. - 7. May 2021 (3 Days) - € 1100
•   Managing Cyber Security Risk and Resilience
    31. May - 4. June 2021 (5 Days) - € 1750
•   Third Party Supplier and Vendor Risk Management
    7. - 11. June 2021 (5 Days) - € 1750

Project Management
•   PRINCE2 Foundation
    31. May - 2. June 2021 (3 Days) - € 1300
•   PRINCE2 Practitioner
    3. - 4. June 2021 (2 Days) - € 1100
•   PRINCE2 Foundation + Practitioner
    31. May - 4. June 2021 (5 Days) - € 2100

Autumn 2021 Schedule Overview

Integrated Management Systems (IMS)
•   IMS Lead Auditor
    22. - 26. November 2021 (5 Days) - € 1750

Information Security
•   PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor
    27. September - 1. October 2021 (5 Days) - € 1750
•   PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer
    4. - 8. October 2021 (5 Days) - € 1750
•   PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer
    11. - 15. October 2021 (5 Days) - € 1750
•   PECB EU General Data Protection Regulation (GDPR) Data Protection Officer
    22. - 26. November 2021 (5 Days) - € 1750
•   CISSP Bootcamp (Certified Information Systems Security Professional)
    25. - 29. October 2021 (5 Days) - € 2450
•   CISA Bootcamp (Certified Information Security Auditor)
    25. - 29. October 2021 (5 Days) - € 2450
•   CISM Bootcamp (Certified Information Security Manager)
    25. - 27. October 2021 (3 Days) - € 1450
•   CRISC Bootcamp (Certified In Risk and Information System Control)
    25. - 27. October 2021 (3 Days) - € 1450

Business Continuity
•   PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor
    8. - 12. November 2021 (5 Days) - € 1750
•   PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer
    15. - 19. November 2021 (5 Days) - € 1750

Service Management
•   PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor
    15. - 19. November 2021 (5 Days) - € 1750
•   PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer
    8. - 12. November 2021 (5 Days) - € 1750

Risk Management
•   PECB ISO 31000 Risk Manager
    29. November - 1. December 2021 (3 Days) - € 1100
•   PECB ISO/IEC 27005 Information Security Risk Manager
    3. - 5. November 2021 (3 Days) - € 1100
•   Managing Cyber Security Risk and Resilience
    11. - 15. October 2021 (5 Days) - € 1750
•   Third Party Supplier and Vendor Risk Management
    18. - 22. October 2021 (5 Days) - € 1750

Project Management
•   PRINCE2 Foundation
    11. - 13. October 2021 (3 Days) - € 1300
•   PRINCE2 Practitioner
    14. - 15. October 2021 (2 Days) - € 1100
•   PRINCE2 Foundation + Practitioner
    11. - 15. October 2021 (5 Days) - € 2100

Integrated Management System (IMS) Lead Auditor

5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 14. - 18. June 2021 and 22. - 26. November 2021

This five day course provides an overview of the structure of an Integrated Management System (IMS) based on ISO/IEC Annex L, and how to audit the same internally or in the context of certification.

Overview

This five day course introduces the structure of an Integrated Management System (IMS) derived from ISO/IEC's normative Annex L (Proposals for management system standards) as well as specific requirements of relevant ISO Standards implementing Annex L, namely ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO/IEC 20000-1:2018, ISO 22301:2019 and ISO/IEC 27001:2013, and how to add any further applicable requirements, eg PCI-DSS, SOX, GDPR etc.

At the same time, the course explains processes, methods and skills required to allow an auditor to assess such an IMS all the way through to certification in line with relevant ISO (certification) standards, in particular ISO/IEC 17021-1:2015 and ISO 19011:2018.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives

Completion of this course will enable students to
•   Describe core processes of an Annex L based IMS
•   Identify additional specific requirements based on the chosen IMS scope
•   Recognise the range of different audit types, criteria and objectives
•   Understand applicable audit methods and develop skills to apply these
•   Execute audit aspect of the certification process
•   Manage IMS audit teams

Audience

This course is aimed at students tasked with
•   Assessing an organisation's processes as part of implementing an IMS
•   Performing self-assessments, pre-cert or internal audits of an IMS
•   Acting as (lead) auditor on behalf of a certification body

Prerequisites

General understanding of common business processes. Some past exposure to management systems and / or audits helpful, but not required.

Outline

Introducing IMS-Auditing
•   Setting the Scene: ISO Management Systems
•   The ISO Management System Audit Approach
•   Audit Methods

Assessing Elements of an IMS
•   IMS Element 1: Leadership (Annex L clause 5)
•   IMS Element 2: Context of the Organisation (Annex L clause 4)
•   Audit Methods - Part 1: Document Review, Interview
•   IMS Element 3: Support (Annex L clause 7)
•   IMS Element 4: Planning (Annex L clause 6)
•   Audit Methods - Part 2: Observation, Sampling
•   IMS Element 5: Operation (Annex L clause 8)
•   IMS Element 6: Performance Evaluation (Annex L clause 9)
•   Audit Methods - Part 3: Corroboration
•   IMS Element 7: Improvement (Annex L clause 10)
•   IMS Element 8: Management Review (Annex L clause 9.3)

Auditing an IMS
•   Audit Principles
•   Overview of the different Types of Audits
•   Certification Process per ISO/IEC 17021-1:2015 et al
•   Audit Skills

Examination and Certification

The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course has been designed by SoftQualM and partners, who also mark the exam and issue the IMS Lead Auditor certification in accordance with ISO/IEC 17024:2012.

Exam and first year certification fees are included in the course fees.

PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor

5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 10. - 14. May 2021 and 27. September - 1. October 2021

This five day course provides an overview of the structure of an Information Security Management System (ISMS) based on ISO/IEC 27001:2013, and how to audit the same internally or in the context of certification.

Overview

This five day course enables participants to develop the necessary expertise to audit an Information Security Management System against ISO/IEC 27001:2013 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015 and ISO/IEC 27006:2015.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives

Completion of this course will enable students to
•   Understand the principles of an ISMS conforming to ISO/IEC 27001:2013
•   Perform ISO/IEC 27001:2013 internal audits
•   Execute ISO/IEC 27001:2013 certification audits on behalf of a certification body
•   Manage ISMS audit teams

Audience

This course is aimed at students with (future) roles like
•   Internal auditors
•   ISMS certification auditors
•   Project managers, consultants and information security team members participating in ISMS audits
•   IT and information security practitioners moving into audit roles

Prerequisites

General understanding of common business processes. Some past exposure to information or IT security, management systems and audits helpful, but not required.

Outline

Introduction to ISMS Concepts per ISO/IEC 27001:2013
•   Normative, Regulatory and Legal Framework
•   Fundamental Principles of Information Security
•   ISO/IEC 27001:2013 Certification Process
•   Information Security Management System (ISMS)
•   Clauses of ISO/IEC 27001:2013

Planning and Initiating the Audit
•   Fundamental Audit Concepts and Principles
•   Audit Approach based on Evidence and Risk
•   Preparation of an ISO/IEC 27001:2013 Certification Audit
•   ISMS Documentation Audit
•   Conducting an Opening Meeting

Conducting the Audit
•   Communication during the Audit
•   Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
•   Audit Test Plans
•   Formulation of Audit Findings
•   Documenting Nonconformities

Concluding and Follow-up of the Audit
•   Audit Documentation
•   Quality Review
•   Conducting a Closing Meeting and Conclusion of the Audit
•   Evaluation of Corrective Action Plans
•   Surveillance and Re-Certification Audits
•   Internal Audit Management Program

Examination and Certification

The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees. PECB’s certification requirements apply.

PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer

5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 17. - 21. May 2021 and 4. - 8. October 2021

This five day course provides an overview of the structure of an Information Security Management System (ISMS) based on ISO/IEC 27001:2013, and how to implement the same in an organisation, eg for the purpose of certification.

Overview

This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing an Information Security Management System based on ISO/IEC 27001:2013. Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002:2013.

This training incorporates project management practices as well as further guidance from elsewhere in the ISO/IEC 27000 family of standards, eg ISO/IEC 27003 (Implementation), ISO/IEC 27004 (Measurements), ISO/IEC 27005 (Risk Management) etc.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives

Completion of this course will enable students to
•   Understand the principles of an ISMS conforming to ISO/IEC 27001:2013, including the relationship between its components, eg risk management, controls, requirements of interested parties
•   Apply concepts, approaches, standards, methods and techniques for the effective operation of an ISMS
•   Advise organisations on ISMS best practices
•   Manage teams implementing ISO/IEC 27001:2013

Audience

This course is aimed at students with (future) roles like
•   Project managers, consultants and team members implementing an ISMS
•   (IT) Professionals moving into ISMS operation
•   CxO and senior managers of an ISMS scope
•   Auditors requiring more ISMS implementation insight

Prerequisites

General understanding of common business processes. Some past exposure to information or IT security, management systems and / or project management helpful, but not required.

Outline

Introduction to ISMS Concepts per ISO/IEC 27001:2013
•   Normative, Regulatory and Legal Framework
•   Fundamental Principles of Information Security
•   Information Security Management System (ISMS)
•   Clauses of ISO/IEC 27001:2013

Planning and Initiating the ISMS Implementation
•   Gap Analysis, Business Case and Project Plan
•   Defining Scope and Objectives of the ISMS
•   Development of Information Security Policies
•   Risk Management: Approach, Methodology, Identification, Analysis, Evaluation and Treatment of Risk
•   Drafting the Statement of Applicability

Implementing the ISMS
•   Implementation of a Document Management Framework
•   Design of Controls and Writing Procedures
•   Implementation of Controls based on ISO/IEC 27001:2013 Annex A
•   Development of a Communication, Training & Awareness Program
•   Incident Management
•   Operations Management of the ISMS

Performance Evaluation and Improving the ISMS
•   Monitoring the ISMS with Metrics, Performance Indicators etc
•   Internal Audit, Management Review and Corrective Actions
•   Implementation of a Continual Improvement Program
•   Preparing for the Certification Audit

Examination and Certification

The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees. PECB’s certification requirements apply.

PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer

5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 24. - 28. May 2021 and 11. - 15. October 2021

This five day course provides an overview of the structure of a Privacy Information Management System (PIMS) based on ISO/IEC 27701:2019, and how to implement the same in an organisation, eg for the purpose of certification.

Overview

This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Privacy Information Management System based on ISO/IEC 27701:2019. Participants will also gain a thorough understanding of requirements and guidance of ISO/IEC 27701:2019 as well as their relationship to ISO/IEC 27001:2013 et al and thus that between a PIMS and an ISMS.

Moreover, participants will gain a comprehensive understanding of best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives

Completion of this course will enable students to
•   Understand the principles of a PIMS conforming to ISO/IEC 27701:2019, including the relationship to an ISMS, ISO/IEC 27001:2013, ISO/IEC 27002:2013 etc and regulatory frameworks
•   Apply concepts, approaches, standards, methods and techniques for the effective operation of a PIMS
•   Advise organisations on PIMS best practices
•   Manage teams implementing ISO/IEC 27701:2019

Audience

This course is aimed at students with (future) roles like
•   Project managers, consultants and team members implementing privacy and data management
•   Data and privacy officers
•   CxO and senior managers of a PIMS and ISMS scope
•   Auditors requiring more PIMS implementation insight

Prerequisites

General understanding of common business processes. Some past exposure to information or IT security, management systems and / or project management helpful, but not required.

Outline

Introduction to PIMS Concepts per ISO/IEC 27701:2019
•   Normative, Regulatory and Legal Framework
•   Fundamental Principles of Information Security and Privacy
•   Privacy Information Management System (PIMS)

Planning the PIMS Implementation
•   PIMS Scope and Privacy Policy
•   Privacy Risk Assessment
•   Privacy Impact Assessment
•   PIMS Statement of Applicability
•   Selection of Controls
•   Documentation Management

Implementing the PIMS
•   Implementation of Controls
•   Implementation of Controls specific to Controllers of Personally Identifiable Information (PII)
•   Implementation of Controls specific to PII
•   Awareness, Training and Communication

Performance Evaluation and Improving the PIMS
•   Monitoring the PIMS with Metrics, Performance Indicators etc
•   Internal Audit, Management Review and Corrective Actions
•   Continual Improvement
•   Preparing for the Certification Audit

Examination and Certification

The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees. PECB’s certification requirements apply.

SoftQualM Training
More Courses, Dates, T&Cs, Info and Booking: www.ISOintheSun.com or +34 609 124 289
PECB EU General Data Protection Regulation (GDPR) Data Protection Officer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 14. - 18. June 2021 and 22. - 26. November 2021
This five day course provides an overview of the requirements of the GDPR in force and applicable since 25. May 2018, and how to implement the same in an organisation dealing with data subjects in the European Union.

Overview
This five day course enables participants to develop the necessary knowledge, skills and competence to effectively implement and manage a compliance framework with regards to the protection of personal data.
By mastering all the necessary concepts of EU General Data Protection Regulation (GDPR), participants will gain a thorough understanding of the gap between the GDPR and the current organizational processes including privacy policies, procedures, working instructions, consent forms, data protection impact assessments, in order to assist organisations in the adoption process to the new regulation.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives
Completion of this course will enable students to
• Gain a comprehensive understanding of the concepts and approaches of the GDPR
• Understand the new requirements that the GDPR brings for EU and non-EU organisations and when it is necessary to implement them
• Manage a team implementing the GDPR
• Gain the knowledge and skills required to advise organisations how to manage personal data

Audience
This course is aimed at students with (future) roles like
• Project managers, consultants, advisors and team members implementing the GDPR
• Data Protection Officers and senior managers responsible for the personal data protection
• Members of information security, incident management and business continuity teams

Prerequisites
General understanding of common business processes.
Some past exposure to data protection helpful, but not required.

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.

Outline

Introduction to GDPR Essentials
• Fundamental Principles of the GDPR
• Initiating the GDPR Implementation
• Understanding the Organisation
• Clarifying the Data Protection Objectives
• Analysis of the Existing System

Planning the Implementation of the GDPR
• Leadership and Project Approval
• Data Protection Policy
• Definition of the Organizational Structure
• Data Classification
• Risk Assessment under the GDPR

Deploying the GDPR
• Privacy Impact Assessment (PIA)
• Design of Security Controls and Drafting of Specific Policies
• Implementation of Controls
• Definition of the Document Management Process
• Communication, Training and Awareness Plan

Monitoring and Improving the GDPR compliance
• Operations and Incident Management
• Monitoring, Measurement, Analysis and Evaluation
• Internal Audit
• Data Breaches and Corrective Actions
• Continual Improvement

CISSP Bootcamp (Certified Information Systems Security Professional)
5 Days - € 2450 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 12. - 16. April 2021 and 25. - 29. October 2021
This five day course will prepare for the CISSP Certified Information Systems Security Professional exam, covering the entire CBK (Common Body of Knowledge) as defined by (ISC)².

Overview
This training provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of the CISSP CBK (Common Body of Knowledge).
Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. The interactive learning technique is based on sound adult learning theories.
This training course will help candidates review and refresh their information security knowledge and help identify areas they need to study for the CISSP exam and features.
The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.
The CISSP certification is recognized worldwide.

Objectives
Completion of this course will enable students to
• Understand the 8 domains of knowledge that are covered on the CISSP exam
• Analyse questions on the exam and be able to select the correct answer
• Apply the knowledge and testing skills learned in class to pass the CISSP exam
• Understand and explain all of the concepts covered in the 8 domains of knowledge
• Apply the skills learned across the 8 domains to solve security problems when you return to work

Audience
This course is aimed at students with (future) roles like
• Security consultants, architects and managers, IT directors and managers
• Security analysts, security systems engineers, network architects
• Chief information security officers (CISOs), directors of security etc.
• Security auditors

Prerequisites
Basic knowledge of information systems is recommended.
Minimum of four students are required to run this course.

Examination and Certification
This course has been designed and is delivered by Nitroxis and their trainers.
Note: this course does not include the CISSP exam. This has to be taken at the dedicated test facilities as defined by (ISC)². (ISC)²'s certification requirements apply.

Outline
Security and Risk Management
Asset Security
Security Engineering
Communications and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security

CISA Bootcamp (Certified Information Systems Auditor)
5 Days - € 2450 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 12. - 16. April 2021 and 25. - 29. October 2021
This five day course prepares for the CISA® Certified Information Systems Auditor exam, covering the entire Common Body of Knowledge (CBK) as defined by the ISACA® (Information Systems Audit and Control Association).

Overview
This training provides a comprehensive review of information security auditing concepts and industry best practices, covering the 5 major areas of the CISA CBK (Common Body of Knowledge).
This training course will help candidates review and refresh their information security auditing knowledge and help identify areas they need to study for the CISA exam.
CISA certification is recognized worldwide.

Objectives
Completion of this course will enable students to
• Know the 5 major areas covered by the CISA® certification
• Understand the concepts of IT audit and IT governance
• Prepare for the CISA Certification Exam, e.g. by using multiple-choice questions from previous CISA sessions (or comparable exams).

Audience
This course is aimed at students with (future) roles like
• Information system directors, CISOs
• Auditors moving into the information security domain
• Staff responsible for business continuity
• People for whom the control of information security is fundamental in achieving their goals

Prerequisites
Basic knowledge of information systems is recommended.
Minimum of two students are required to run this course.

Examination and Certification
This course has been designed and is delivered by Nitroxis and their trainers.
Note: this course does not include the CISA exam. This has to be taken at the dedicated test facilities as defined by ISACA. ISACA's certification requirements apply.

Outline

Information Systems Auditing Process
• Audit Standards and Types, Ethics, Risk-based Approach
• Project Management, Sampling, Evidence Collection
• Data Analytics, Reporting, QA and Audit Process Improvement

Governance and Management of IT
• IT Strategy, Frameworks, Standards, Organisational Structures
• Enterprise Architecture and Risk Management, Maturity Models
• IT Resource and Service Provider Management
• Performance Monitoring and Reporting
• Quality Assurance and Quality Management of IT

Information Systems Acquisition, Development and Implementation
• Project Management, Business Case, Feasibility Analysis
• System Development Methodologies, Controls
• System Migration, Infrastructure Deployment and Data Conversion
• Testing Methodologies, Post-Implementation Review

Information Systems Operation and Resilience
• IT Asset, Performance, Incident and Problem Management
• Change, Configuration, Release and Patch Management
• End-User Computing, Database Management etc.
• Backup, Storage, Restoration and Recovery, Business Continuity

Protection of Information Assets
• Privacy, Data Classification, IAM, Encryption, Physical Controls
• Network, Endpoint, Mobile, Wireless & IoT Security, Virtualization
• Security Awareness, Attacks, Testing and Monitoring
• Incident Response Management, Evidence Collection and Forensics

CISM Bootcamp (Certified Information Security Manager)
3 Days - € 1450 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 12. - 14. April 2021 and 25. - 27. October 2021
This three day course prepares for the CISM® Certified Information Security Manager exam, covering the entire Common Body of Knowledge (CBK) as defined by the ISACA® (Information Systems Audit and Control Association).

Overview
This training provides a comprehensive review of information security concepts and industry best practices, covering the 4 domains of the CISM CBK (Common Body of Knowledge).
This training course will help candidates review and refresh their information security management knowledge and help identify areas they need to study for the CISM exam.
CISM certification is recognized worldwide.

Objectives
Completion of this course will enable students to
• Know the 4 domains covered by the CISM® certification
• Understand the concepts of information security management
• Prepare for the CISM Certification Exam, e.g. by using multiple-choice questions from previous CISM sessions (or comparable exams).

Audience
This course is aimed at students with (future) roles like
• Information system directors, CISOs
• Staff responsible for business continuity
• People for whom the control of information security is fundamental in achieving their goals
• Auditors requiring more information security management insight

Prerequisites
Basic knowledge of information systems is recommended.
Minimum of two students are required to run this course.

Examination and Certification
This course has been designed and is delivered by Nitroxis and their trainers.
Note: this course does not include the CISM exam. This has to be taken at the dedicated test facilities as defined by ISACA. ISACA's certification requirements apply.

Outline

Information Security Governance
• Alignment of information security policy with the business strategy and direction
• Information security policy development
• Commitment of senior management and support for information security across the enterprise
• Roles and responsibilities in the governance of information security

Information Security Risk Management and Compliance
• Development of a systematic and analytical approach and the ongoing process of risk management
• Identification, analysis and risk assessment
• Definition of risk treatment strategies
• Risk management communication

Information Security Program Development and Management
• The information security architecture
• Methods to define the required security measures
• Contract management and information security requirements
• Metrics and evaluation of IT security performance

Information Security Incident Management
• Components of a security incident management plan
• Concepts and practices in the management of security incidents
• Classification method
• Notification and escalation process
• Detection techniques and incident analysis

CRISC Bootcamp (Certified In Risk and Information System Control)
3 Days - € 1450 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 12. - 14. April 2021 and 25. - 27. October 2021
This three day course prepares for the CRISC® Certified In Risk and Information System Control exam, covering the entire Common Body of Knowledge (CBK) as defined by the ISACA® (Information Systems Audit and Control Association).

Overview
This training provides a comprehensive review of information security concepts and industry best practices, covering the 4 key areas of the CRISC CBK (Common Body of Knowledge).
This training course will help candidates review and refresh their IT risk management knowledge and help identify areas they need to study for the CRISC exam.
CRISC certification is recognized worldwide.

Objectives
Completion of this course will enable students to
• Master the risk management approach according to CRISC
• Apply the best response strategies to the risks weighing on the information systems
• Define information system controls
• Use best risk and control monitoring practices
• Prepare for the CRISC Certification Exam, e.g. by using multiple-choice questions from previous CRISC sessions (or comparable exams).

Audience
This course is aimed at students with (future) roles like
• Governance, information and cyber security consultants, CISOs
• Risk and control professionals
• IT and compliance professionals
• Project managers, business analysts
• Auditors requiring more IT risk management insight

Prerequisites
Basic knowledge of information systems is recommended.
Minimum of two students are required to run this course.

Examination and Certification
This course has been designed and is delivered by Nitroxis and their trainers.
Note: this course does not include the CRISC exam. This has to be taken at the dedicated test facilities as defined by ISACA. ISACA's certification requirements apply.

Outline

IT Risk Identification
• Risk Capacity, Appetite, Tolerance, Culture and Communication
• Risk Concepts and Principles, IT Risk Strategy
• IT Concepts and Areas of Concern for the Risk Practitioner
• Methods of Risk Identification
• IT Risk Scenarios, Register, Ownership and Awareness

IT Risk Assessment
• Risk Assessment Techniques
• Analysing Risk Scenarios, Risks and State of Controls
• Analysis Methodologies, Risk Ranking
• Project and Program Management
• Documenting Risk Assessments

Risk Response and Mitigation
• Aligning Risk Response with Business Objectives
• Risk Response Options and Action Plans
• Control Design, Implementation, Monitoring and Effectiveness
• Vulnerabilities Associated with New Controls
• Impact of Emerging Technologies on Design and Implementation of Controls

Risk and Control Monitoring and Reporting
• Key Risk and Performance Indicators
• Data Collection and Extraction Tools and Techniques
• Monitoring Controls, Control Assessment Types and Results
• Changes of the IT Risk Profile

PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 17. - 21. May 2021 and 8. - 12. November 2021
This five day course provides an overview of the structure of a Business Continuity Management System (BCMS) based on ISO 22301:2019, and how to audit the same internally or in the context of certification.

Overview
This five day course enables participants to develop the necessary expertise to audit a Business Continuity Management System against ISO 22301:2019 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives
Completion of this course will enable students to
• Understand the principles of a BCMS conforming to ISO 22301:2019
• Perform ISO 22301:2019 internal audits
• Execute ISO 22301:2019 certification audits on behalf of a certification body
• Manage BCMS audit teams

Audience
This course is aimed at students with (future) roles like
• Internal auditors
• BCMS certification auditors
• Project managers, consultants and business continuity team members participating in BCMS audits
• Business continuity practitioners moving into audit roles

Prerequisites
General understanding of common business processes.
Some past exposure to business continuity, management systems and audits helpful, but not required.

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.

Outline

Introduction to BCMS Concepts per ISO 22301:2019
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Business Continuity
• ISO 22301:2019 Certification Process
• Business Continuity Management System (BCMS)
• Clauses of ISO 22301:2019

Planning and Initiating the Audit
• Fundamental Audit Concepts and Principles
• Audit Approach based on Evidence and Risk
• Preparation of an ISO 22301:2019 Certification Audit
• BCMS Documentation Audit
• Conducting an Opening Meeting

Conducting the Audit
• Communication during the Audit
• Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
• Audit Test Plans
• Formulation of Audit Findings
• Documenting Nonconformities

Concluding and Follow-up of the Audit
• Audit Documentation
• Quality Review
• Conducting a Closing Meeting and Conclusion of the Audit
• Evaluation of Corrective Action Plans
• Surveillance and Re-Certification Audits
• Internal Audit Management Program

PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 24. - 28. May 2021 and 15. - 19. November 2021
This five day course provides an overview of the structure of a Business Continuity Management System (BCMS) based on ISO 22301:2019, and how to implement the same in an organisation, e.g. for the purpose of certification.

Overview
This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Business Continuity Management System based on ISO 22301:2019.
Participants will also gain a thorough understanding of best practices used to implement business continuity processes from the ISO 22399.
This training incorporates project management practices as well as links to aspects of the predecessor standard BS 25999.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives
Completion of this course will enable students to
• Understand the principles of a BCMS conforming to ISO 22301:2019, including the relationship between its components, e.g. risk management, requirements of interested parties
• Apply concepts, approaches, standards, methods and techniques for the effective operation of a BCMS
• Advise organisations on BCMS best practices
• Manage teams implementing ISO 22301:2019

Audience
This course is aimed at students with (future) roles like
• Project managers, consultants and team members implementing a BCMS
• (IT) Professionals moving into BCMS operation
• CxO and senior managers of a BCMS scope
• Auditors requiring more BCMS implementation insight

Prerequisites
General understanding of common business processes.
Some past exposure to business continuity, management systems and / or project management helpful, but not required.

Outline

Introduction to BCMS Concepts per ISO 22301:2019
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Business Continuity
• ISO 22301:2019 Certification Process
• Business Continuity Management System (BCMS)
• Clauses of ISO 22301:2019

Planning and Initiating the BCMS Implementation
• Gap Analysis, Business Case and Project Plan
• Defining Scope and Objectives of the BCMS
• Development of Business Continuity Policies
• Business Impact Analysis (BIA) and Risk Assessment

Implementing the BCMS
                                                                     Examination and Certification
Ÿ   Implementation of a Document Management Framework                The course ends with a three hour written essay-style
Ÿ   Design of Business Continuity Processes and Writing Procedures
Ÿ   Implementation of Business Continuity Processes                  exam on the last day available in multiple languages.
Ÿ   Development of a Communication, Training & Awareness Program
Ÿ   Incident and Emergency Management
                                                                     This course is designed by PECB in Canada, who also mark
Ÿ   Operations Management of the BCMS                                the exam and issue respective certifications as per their
                                                                     criteria. PECB is a personnel certification body, accredited
Performance Evaluation and Improving the BCMS                        to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full
Ÿ   Monitoring the BCMS with Metrics, Performance Indicators etc
Ÿ   Internal Audit, Management Review and Corrective Actions         details.
Ÿ   Implementation of a Continual Improvement Program
Ÿ   Preparing for the Certification Audit
                                                                     Exam and first year certification fees are included in the
                                                                     course fees. PECB‘s certification requirements apply.

                       More Courses, Dates, T&Cs, Info and Booking:
                        www.ISOintheSun.com or +34 609 124 289
PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 5. - 9. April 2021 and 15. - 19. November 2021
This five day course provides an overview to the structure of a Service Management System (SMS) based on ISO/IEC 20000-1:2018, and how to audit the same internally or in the context of certification.

Overview
This five day course enables participants to develop the necessary expertise to audit a Service Management System against ISO/IEC 20000-1:2018 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline

Introduction to SMS Concepts per ISO/IEC 20000-1:2018
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Service Management
• ISO/IEC 20000-1:2018 Certification Process
• Service Management System (SMS)
• Clauses of ISO/IEC 20000-1:2018

Planning and Initiating the Audit
• Fundamental Audit Concepts and Principles
• Audit Approach based on Evidence and Risk
• Preparation of an ISO/IEC 20000-1:2018 Certification Audit
• SMS Documentation Audit
• Conducting an Opening Meeting

Conducting the Audit
• Communication during the Audit
• Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
• Audit Test Plans
• Formulation of Audit Findings
• Documenting Nonconformities

Concluding and Follow-up of the Audit
• Audit Documentation
• Quality Review
• Conducting a Closing Meeting and Conclusion of the Audit
• Evaluation of Corrective Action Plans
• Surveillance and Re-Certification Audits
• Internal Audit Management Program

Objectives
Completion of this course will enable students to
• Understand the principles of a SMS conforming to ISO/IEC 20000-1:2018
• Perform ISO/IEC 20000-1:2018 internal audits
• Execute ISO/IEC 20000-1:2018 certification audits on behalf of a certification body
• Manage SMS audit teams

Audience
This course is aimed at students with (future) roles like
• Internal auditors
• SMS certification auditors
• Project managers, consultants and service management team members participating in SMS audits
• IT and service management practitioners moving into audit roles

Prerequisites
General understanding of common business processes.
Some past exposure to service management, management systems and / or audits helpful, but not required.

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.

PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 5. - 9. April 2021 and 8. - 12. November 2021
This five day course provides an overview to the structure of a Service Management System (SMS) based on ISO/IEC 20000-1:2018, and how to implement the same in an organisation, eg for the purpose of certification.

Overview
This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Service Management System based on ISO/IEC 20000-1:2018.
Participants will gain a thorough understanding of best practices used to implement a SMS across a wide range of service sectors, not just IT services as covered by ITIL.
This training incorporates project management practices as well as further guidance from elsewhere in the ISO/IEC 20000 family of standards.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline

Introduction to SMS Concepts per ISO/IEC 20000-1:2018
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Service Management
• Comparison with ITIL V2 and V3
• ISO/IEC 20000-1:2018 Certification Process
• Service Management System (SMS)
• Clauses of ISO/IEC 20000-1:2018

Planning and Initiating the SMS Implementation
• Gap Analysis, Business Case and Project Plan
• Defining Scope and Objectives of the SMS
• Development of Service Management Policies

Implementing the SMS
• Catalogue, Asset, Configuration and Relationship Management
• Budget, Demand and Capacity Management
• Change, Release and Deployment Management
• Incident and Problem Management
• Service Availability and Continuity Management
• Information Security Management
• Operations Management of the SMS

Performance Evaluation and Improving the SMS
• Monitoring the SMS with Metrics, Performance Indicators etc
• Internal Audit, Management Review and Corrective Actions
• Implementation of a Continual Improvement Program
• Preparing for the Certification Audit

Objectives
Completion of this course will enable students to
• Understand the principles of a SMS conforming to ISO/IEC 20000-1:2018, including the relationship between its components, eg risk management, controls, requirements of interested parties
• Apply concepts, approaches, standards, methods and techniques for the effective operation of a SMS
• Advise organisations on SMS best practices
• Manage teams implementing ISO/IEC 20000-1:2018

Audience
This course is aimed at students with (future) roles like
• Project managers, consultants and team members implementing a SMS or extending from ITIL etc
• (IT) Professionals moving into SMS operation
• CxO and senior managers of a SMS scope
• Auditors requiring more SMS implementation insight

Prerequisites
General understanding of common business processes.
Some past exposure to information or IT security, management systems and / or project management helpful, but not required.

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.

PECB ISO 31000 Risk Manager
3 Days - € 1100 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 26. - 28. April 2021 and 29. November - 1. December 2021
This three day course provides an overview to the generic principles of risk management based on ISO 31000:2018, and how to apply the same across an organisation, eg for operational or financial risk, the various risk-based management systems like IMS, QMS, EMS, SMS, BCMS, ISMS, OH&SMS etc.

Overview
This three day course enables participants to develop the necessary expertise to support an organisation in implementing risk management processes based on ISO 31000:2018.
The generic character of ISO 31000:2018 makes it applicable across organisations at subject matter as well as enterprise level.
ISO 31000:2018 provides a comprehensive model for any kind of management system, standard, operational or regulatory context requiring a risk-based approach, whether a formal risk management process is required or not.
Examples are ISO 9001:2015, ISO 14001:2015, ISO/IEC 20000-1:2018, ISO 22301:2019, ISO/IEC 27001:2013, ISO 45001:2018, SOX, revenue assurance, program and project management, data protection, GDPR etc.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline

Introduction to Risk Management per ISO 31000:2018
• Concepts and Definitions relating to Risk Management
• Risk Management Standards, Frameworks and Methodologies
• Implementation of a Risk Management Framework
• Understanding an Organisation and its Context

Elements of the Risk Management Framework
• Risk Identification
• Risk Analysis and Risk Evaluation
• Risk Treatment
• Risk Acceptance and Residual Risk Management
• Risk Communication and Consultation
• Risk Monitoring and Review

Examples of Risk Assessment Methodologies
• Overview to IEC 31010:2009
• Brainstorming, DELPHI
• Hazard Analysis using HAZOP and HACCP
• Scenario Analysis
• Fault and Failure Analysis using FTA, FMEA and FMECA
• Cause and Effect Diagram

Objectives
Completion of this course will enable students to
• Understand concepts, approaches, methods, tools and techniques for effective risk management according to ISO 31000:2018
• Understand the relationship between risk management and requirements of interested parties
• Implement, maintain and manage an ongoing risk management program
• Advise organisations on best practices in risk management

Audience
This course is aimed at students with (future) roles like
• Risk managers and Business process owners
• Project managers, consultants and team members implementing and operating management systems
• Regulatory compliance managers
• Auditors requiring more risk management insight

Prerequisites
General understanding of common business processes.
Some past exposure to risk management and / or management systems helpful, but not required.

Examination and Certification
The course ends with a two hour written essay-style exam on the last day available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.
