ISO in the Sun - SoftQualM Training
Welcome to our
ISO in the Sun
2021
Course Program

Martin Holzke
Founder of ISO in the Sun

Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations.

As conformity with the ISO standards and other frameworks increasingly becomes a requirement to do business, management and their staff wonder how to get there.

ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management, hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain.

This is the ideal opportunity to combine your continuing professional education with a break in the sun.

We believe that the success of training courses is greatly enhanced by an enjoyable learning environment.

At the end of the training day you can relax at the beach and have dinner outside in one of the many restaurants - just as we do at lunch time - all thanks to the great climate here all year around where Winter doesn’t exist.

Alternatively, you can also join most of our courses live online from wherever you are and sit the exams online.

We limit courses to ten students as well as running courses even with only one or two students.

You learn from instructors with a wealth of real-world experience. As for myself, I travel the world as consultant, auditor and trainer, and love sharing those experiences that often put things into perspective in my courses.

As an added benefit, students regularly confirm that they save significantly coming here compared to attending similar courses in the typical metropolitan settings.

Our Students come from all kinds of industries and sizes of organisations world-wide, from freelance consultants and auditors, SMEs to Multinationals and EU institutions.

Our courses are usually open and hence held in English yet exams often are available in multiple languages. Our trainers are however multi-lingual and we can arrange courses, eg in German as well as “in-house” in Lanzarote or for self-study. Simply enquire.

We are scheduling more events all the time, so please follow us on social media and our website or get in touch if interested in other subjects and dates.

We look forward to welcoming you here in Lanzarote
Martin Holzke
SoftQualM
Training
More Courses, Dates, T&Cs, Info and Booking:
www.ISOintheSun.com or +34 609 124 289

Spring 2021 Schedule Overview
Integrated Management Systems (IMS)
• IMS Lead Auditor
  14. - 18. June 2021 (5 Days) - € 1750

Information Security
• PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor
  10. - 14. May 2021 (5 Days) - € 1750
• PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer
  17. - 21. May 2021 (5 Days) - € 1750
• PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer
  24. - 28. May 2021 (5 Days) - € 1750
• PECB EU General Data Protection Regulation (GDPR) Data Protection Officer
  14. - 18. June 2021 (5 Days) - € 1750
• CISSP Bootcamp (Certified Information Systems Security Professional)
  12. - 16. April 2021 (5 Days) - € 2450
• CISA Bootcamp (Certified Information Security Auditor)
  12. - 16. April 2021 (5 Days) - € 2450
• CISM Bootcamp (Certified Information Security Manager)
  12. - 14. April 2021 (3 Days) - € 1450
• CRISC Bootcamp (Certified In Risk and Information System Control)
  12. - 14. April 2021 (3 Days) - € 1450

Business Continuity
• PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor
  17. - 21. May 2021 (5 Days) - € 1750
• PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer
  24. - 28. May 2021 (5 Days) - € 1750

Service Management
• PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor
  5. - 9. April 2021 (5 Days) - € 1750
• PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer
  5. - 9. April 2021 (5 Days) - € 1750

Risk Management
• PECB ISO 31000 Risk Manager
  26. - 28. April 2021 (3 Days) - € 1100
• PECB ISO/IEC 27005 Information Security Risk Manager
  5. - 7. May 2021 (3 Days) - € 1100
• Managing Cyber Security Risk and Resilience
  31. May - 4. June 2021 (5 Days) - € 1750
• Third Party Supplier and Vendor Risk Management
  7. - 11. June 2021 (5 Days) - € 1750

Project Management
• PRINCE2 Foundation
  31. May - 2. June 2021 (3 Days) - € 1300
• PRINCE2 Practitioner
  3. - 4. June 2021 (2 Days) - € 1100
• PRINCE2 Foundation + Practitioner
  31. May - 4. June 2021 (5 Days) - € 2100
Autumn 2021 Schedule Overview
Integrated Management Systems (IMS)
• IMS Lead Auditor
  22. - 26. November 2021 (5 Days) - € 1750

Information Security
• PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor
  27. September - 1. October 2021 (5 Days) - € 1750
• PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer
  4. - 8. October 2021 (5 Days) - € 1750
• PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer
  11. - 15. October 2021 (5 Days) - € 1750
• PECB EU General Data Protection Regulation (GDPR) Data Protection Officer
  22. - 26. November 2021 (5 Days) - € 1750
• CISSP Bootcamp (Certified Information Systems Security Professional)
  25. - 29. October 2021 (5 Days) - € 2450
• CISA Bootcamp (Certified Information Security Auditor)
  25. - 29. October 2021 (5 Days) - € 2450
• CISM Bootcamp (Certified Information Security Manager)
  25. - 27. October 2021 (3 Days) - € 1450
• CRISC Bootcamp (Certified In Risk and Information System Control)
  25. - 27. October 2021 (3 Days) - € 1450

Business Continuity
• PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor
  8. - 12. November 2021 (5 Days) - € 1750
• PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer
  15. - 19. November 2021 (5 Days) - € 1750

Service Management
• PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor
  15. - 19. November 2021 (5 Days) - € 1750
• PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer
  8. - 12. November 2021 (5 Days) - € 1750

Risk Management
• PECB ISO 31000 Risk Manager
  29. November - 1. December 2021 (3 Days) - € 1100
• PECB ISO/IEC 27005 Information Security Risk Manager
  3. - 5. November 2021 (3 Days) - € 1100
• Managing Cyber Security Risk and Resilience
  11. - 15. October 2021 (5 Days) - € 1750
• Third Party Supplier and Vendor Risk Management
  18. - 22. October 2021 (5 Days) - € 1750

Project Management
• PRINCE2 Foundation
  11. - 13. October 2021 (3 Days) - € 1300
• PRINCE2 Practitioner
  14. - 15. October 2021 (2 Days) - € 1100
• PRINCE2 Foundation + Practitioner
  11. - 15. October 2021 (5 Days) - € 2100
Integrated Management System (IMS)
Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 14. - 18. June 2021 and 22. - 26. November 2021

This five day course provides an overview to the structure of an Integrated Management System (IMS) based on ISO/IEC Annex L, and how to audit the same internally or in the context of certification.

Overview
This five day course introduces the structure of an Integrated Management System (IMS) derived from ISO/IEC's normative Annex L (Proposals for management system standards) as well as specific requirements of relevant ISO Standards implementing Annex L, namely ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO/IEC 20000-1:2018, ISO 22301:2019 and ISO/IEC 27001:2013, and how to add any further applicable requirements, eg PCI-DSS, SOX, GDPR etc.

At the same time, the course explains processes, methods and skills required to allow an auditor to assess such an IMS all the way through to certification in line with relevant ISO (certification) standards, in particular ISO/IEC 17021-1:2015 and ISO 19011:2018.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives
Completion of this course will enable students to
• Describe core processes of an Annex L based IMS
• Identify additional specific requirements based on the chosen IMS scope
• Recognise the range of different audit types, criteria and objectives
• Understand applicable audit methods and develop skills to apply these
• Execute audit aspect of the certification process
• Manage IMS audit teams

Audience
This course is aimed at students tasked with
• Assessing an organisation's processes as part of implementing an IMS
• Performing self-assessments, pre-cert or internal audits of an IMS
• Acting as (lead) auditor on behalf of a certification body

Prerequisites
General understanding of common business processes.
Some past exposure to management systems and / or audits helpful, but not required.

Outline
Introducing IMS-Auditing
• Setting the Scene: ISO Management Systems
• The ISO Management System Audit Approach
• Audit Methods
Assessing Elements of an IMS
• IMS Element 1: Leadership (Annex L clause 5)
• IMS Element 2: Context of the Organisation (Annex L clause 4)
• Audit Methods - Part 1: Document Review, Interview
• IMS Element 3: Support (Annex L clause 7)
• IMS Element 4: Planning (Annex L clause 6)
• Audit Methods - Part 2: Observation, Sampling
• IMS Element 5: Operation (Annex L clause 8)
• IMS Element 6: Performance Evaluation (Annex L clause 9)
• Audit Methods - Part 3: Corroboration
• IMS Element 7: Improvement (Annex L clause 10)
• IMS Element 8: Management Review (Annex L clause 9.3)
Auditing an IMS
• Audit Principles
• Overview of the different Types of Audits
• Certification Process per ISO/IEC 17021-1:2015 et al
• Audit Skills

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course has been designed by SoftQualM and partners, who also mark the exam and issue the IMS Lead Auditor certification in accordance with ISO/IEC 17024:2012.

Exam and first year certification fees are included in the course fees.
PECB ISO/IEC 27001 Information Security
Management System (ISMS) Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 10. - 14. May 2021 and 27. September - 1. October 2021

This five day course provides an overview to the structure of an Information Security Management System (ISMS) based on ISO/IEC 27001:2013, and how to audit the same internally or in the context of certification.

Overview
This five day course enables participants to develop the necessary expertise to audit an Information Security Management System against ISO/IEC 27001:2013 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015 and ISO/IEC 27006:2015.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives
Completion of this course will enable students to
• Understand the principles of an ISMS conforming to ISO/IEC 27001:2013
• Perform ISO/IEC 27001:2013 internal audits
• Execute ISO/IEC 27001:2013 certification audits on behalf of a certification body
• Manage ISMS audit teams

Audience
This course is aimed at students with (future) roles like
• Internal auditors
• ISMS certification auditors
• Project managers, consultants and information security team members participating in ISMS audits
• IT and information security practitioners moving into audit roles

Prerequisites
General understanding of common business processes.
Some past exposure to information or IT security, management systems and audits helpful, but not required.

Outline
Introduction to ISMS Concepts per ISO/IEC 27001:2013
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Information Security
• ISO/IEC 27001:2013 Certification Process
• Information Security Management System (ISMS)
• Clauses of ISO/IEC 27001:2013
Planning and Initiating the Audit
• Fundamental Audit Concepts and Principles
• Audit Approach based on Evidence and Risk
• Preparation of an ISO/IEC 27001:2013 Certification Audit
• ISMS Documentation Audit
• Conducting an Opening Meeting
Conducting the Audit
• Communication during the Audit
• Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
• Audit Test Plans
• Formulation of Audit Findings
• Documenting Nonconformities
Concluding and Follow-up of the Audit
• Audit Documentation
• Quality Review
• Conducting a Closing Meeting and Conclusion of the Audit
• Evaluation of Corrective Action Plans
• Surveillance and Re-Certification Audits
• Internal Audit Management Program

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.
PECB ISO/IEC 27001 Information Security
Management System (ISMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 17. - 21. May 2021 and 4. - 8. October 2021

This five day course provides an overview to the structure of an Information Security Management System (ISMS) based on ISO/IEC 27001:2013, and how to implement the same in an organisation, eg for the purpose of certification.

Overview
This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing an Information Security Management System based on ISO/IEC 27001:2013.

Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002:2013.

This training incorporates project management practices as well as further guidance from elsewhere in the ISO/IEC 27000 family of standards, eg ISO/IEC 27003 (Implementation), ISO/IEC 27004 (Measurements), ISO/IEC 27005 (Risk Management) etc.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives
Completion of this course will enable students to
• Understand the principles of an ISMS conforming to ISO/IEC 27001:2013, including the relationship between its components, eg risk management, controls, requirements of interested parties
• Apply concepts, approaches, standards, methods and techniques for the effective operation of an ISMS
• Advise organisations on ISMS best practices
• Manage teams implementing ISO/IEC 27001:2013

Audience
This course is aimed at students with (future) roles like
• Project managers, consultants and team members implementing an ISMS
• (IT) Professionals moving into ISMS operation
• CxO and senior managers of an ISMS scope
• Auditors requiring more ISMS implementation insight

Prerequisites
General understanding of common business processes.
Some past exposure to information or IT security, management systems and / or project management helpful, but not required.

Outline
Introduction to ISMS Concepts per ISO/IEC 27001:2013
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Information Security
• Information Security Management System (ISMS)
• Clauses of ISO/IEC 27001:2013
Planning and Initiating the ISMS Implementation
• Gap Analysis, Business Case and Project Plan
• Defining Scope and Objectives of the ISMS
• Development of Information Security Policies
• Risk Management: Approach, Methodology, Identification, Analysis, Evaluation and Treatment of Risk
• Drafting the Statement of Applicability
Implementing the ISMS
• Implementation of a Document Management Framework
• Design of Controls and Writing Procedures
• Implementation of Controls based ISO/IEC 27001:2013 Annex A
• Development of a Communication, Training & Awareness Program
• Incident Management
• Operations Management of the ISMS
Performance Evaluation and Improving the ISMS
• Monitoring the ISMS with Metrics, Performance Indicators etc
• Internal Audit, Management Review and Corrective Actions
• Implementation of a Continual Improvement Program
• Preparing for the Certification Audit

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.
PECB ISO/IEC 27701 Privacy Information
Management System (PIMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 24. - 28. May 2021 and 11. - 15. October 2021

This five day course provides an overview to the structure of a Privacy Information Management System (PIMS) based on ISO/IEC 27701:2019, and how to implement the same in an organisation, eg for the purpose of certification.

Overview
This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Privacy Information Management System based on ISO/IEC 27701:2019.

Participants will also gain a thorough understanding of requirements and guidance of ISO/IEC 27701:2019 as well as their relationship to ISO/IEC 27001:2013 et al and thus that between a PIMS and an ISMS.

Moreover, participants will gain a comprehensive understanding of best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives
Completion of this course will enable students to
• Understand the principles of a PIMS conforming to ISO/IEC 27701:2019, including the relationship to an ISMS, ISO/IEC 27001:2013, ISO/IEC 27002:2013 etc and regulatory frameworks
• Apply concepts, approaches, standards, methods and techniques for the effective operation of a PIMS
• Advise organisations on PIMS best practices
• Manage teams implementing ISO/IEC 27701:2019

Audience
This course is aimed at students with (future) roles like
• Project managers, consultants and team members implementing privacy and data management
• Data and privacy officers
• CxO and senior managers of a PIMS and ISMS scope
• Auditors requiring more PIMS implementation insight

Prerequisites
General understanding of common business processes.
Some past exposure to information or IT security, management systems and / or project management helpful, but not required.

Outline
Introduction to PIMS Concepts per ISO/IEC 27701:2019
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Information Security and Privacy
• Privacy Information Management System (PIMS)
Planning the PIMS Implementation
• PIMS Scope and Privacy Policy
• Privacy Risk Assessment
• Privacy Impact Assessment
• PIMS Statement of Applicability
• Selection of Controls
• Documentation Management
Implementing the PIMS
• Implementation of Controls
• Implementation of Controls specific to Controllers of Personally Identifiable Information (PII)
• Implementation of Controls specific to PII
• Awareness, Training and Communication
Performance Evaluation and Improving the PIMS
• Monitoring the PIMS with Metrics, Performance Indicators etc
• Internal Audit, Management Review and Corrective Actions
• Continual Improvement
• Preparing for the Certification Audit

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.
PECB EU General Data Protection Regulation (GDPR)
Data Protection Officer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 14. - 18. June 2021 and 22. - 26. November 2021

This five day course provides an overview to the requirements of the GDPR in force and applicable since 25. May 2018, and how to implement the same in an organisation dealing with data subjects in the European Union.

Overview
This five day course enables participants to develop the necessary knowledge, skills and competence to effectively implement and manage a compliance framework with regards to the protection of personal data.

By mastering all the necessary concepts of EU General Data Protection Regulation (GDPR), participants will gain a thorough understanding of the gap between the GDPR and the current organizational processes including privacy policies, procedures, working instructions, consent forms, data protection impact assessments, in order to assist organisations in the adoption process to the new regulation.

The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Objectives
Completion of this course will enable students to
• Gain a comprehensive understanding of the concepts and approaches of the GDPR
• Understand the new requirements that the GDPR brings for EU and non-EU organisations and when it is necessary to implement them
• Manage a team implementing the GDPR
• Gain the knowledge and skills required to advise organisations how to manage personal data

Audience
This course is aimed at students with (future) roles like
• Project managers, consultants, advisors and team members implementing the GDPR
• Data Protection Officers and senior managers responsible for the personal data protection
• Members of information security, incident management and business continuity teams

Prerequisites
General understanding of common business processes.
Some past exposure to data protection helpful, but not required.

Outline
Introduction to GDPR Essentials
• Fundamental Principles of the GDPR
• Initiating the GDPR Implementation
• Understanding the Organisation
• Clarifying the Data Protection Objectives
• Analysis of the Existing System
Planning the Implementation of the GDPR
• Leadership and Project Approval
• Data Protection Policy
• Definition of the Organizational Structure
• Data Classification
• Risk Assessment under the GDPR
Deploying the GDPR
• Privacy Impact Assessment (PIA)
• Design of Security Controls and Drafting of Specific Policies
• Implementation of Controls
• Definition of the Document Management Process
• Communication, Training and Awareness Plan
Monitoring and Improving the GDPR compliance
• Operations and Incident Management
• Monitoring, Measurement, Analysis and Evaluation
• Internal Audit
• Data Breaches and Corrective Actions
• Continual Improvement

Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.

This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.

Exam and first year certification fees are included in the course fees. PECB's certification requirements apply.
CISSP Bootcamp
(Certified Information Systems Security Professional)
5 Days - € 2450 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 12. - 16. April 2021 and 25. - 29. October 2021

This five day course will prepare for the CISSP Certified Information Systems Security Professional exam, covering the entire CBK (Common Body of Knowledge) as defined by (ISC)².

Overview
This training provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of the CISSP CBK (Common Body of Knowledge).

Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. The interactive learning technique is based on sound adult learning theories.

This training course will help candidates review and refresh their information security knowledge and help identify areas they need to study for the CISSP exam and features.

The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.

The CISSP certification is recognized worldwide.

Objectives
Completion of this course will enable students to
• Understand the 8 domains of knowledge that are covered on the CISSP exam
• Analyse questions on the exam and be able to select the correct answer
• Apply the knowledge and testing skills learned in class to pass the CISSP exam
• Understand and explain all of the concepts covered in the 8 domains of knowledge
• Apply the skills learned across the 8 domains to solve security problems when you return to work

Audience
This course is aimed at students with (future) roles like
• Security consultants, architects and managers, IT directors and managers
• Security analysts, security systems engineers, network architects
• Chief information security officers (CISOs), directors of security etc.
• Security auditors

Prerequisites
Basic knowledge of information systems is recommended.
Minimum of four students are required to run this course.

Outline
Security and Risk Management
Asset Security
Security Engineering
Communications and Network Security
Identity and Access Management
Security Assessment and Testing
Security Operations
Software Development Security

Examination and Certification
This course has been designed and is delivered by Nitroxis and their trainers.

Note: this course does not include the CISSP exam. This has to be taken at the dedicated test facilities as defined by (ISC)². (ISC)²'s certification requirements apply.
CISA Bootcamp
(Certified Information Systems Auditor)
5 Days - € 2450 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 12. - 16. April 2021 and 25. - 29. October 2021

This five day course prepares for the CISA® Certified Information Systems Auditor exam, covering the entire Common Body of Knowledge (CBK) as defined by the ISACA® (Information Systems Audit and Control Association).

Overview
This training provides a comprehensive review of information security auditing concepts and industry best practices, covering the 5 major areas of the CISA CBK (Common Body of Knowledge).

This training course will help candidates review and refresh their information security auditing knowledge and help identify areas they need to study for the CISA exam.

CISA certification is recognized worldwide.

Objectives
Completion of this course will enable students to
• Know the 5 major areas covered by the CISA® certification
• Understand the concepts of IT audit and IT governance
• Preparing for the CISA Certification Exam, eg by using multiple choices questions from previous CISA sessions (or comparable exams).

Audience
This course is aimed at students with (future) roles like
• Information system directors, CISOs
• Auditors moving into the information security domain
• Staff responsible for business continuity
• People for which the control of information security is fundamental in achieving their goals

Prerequisites
Basic knowledge of information systems is recommended.
Minimum of two students are required to run this course.

Outline
Information Systems Auditing Process
• Audit Standards and Types, Ethics, Risk-based Approach
• Project Management, Sampling, Evidence Collection
• Data Analytics, Reporting, QA and Audit Process Improvement
Governance and Management of IT
• IT Strategy, Frameworks, Standards, Organisational Structures
• Enterprise Architecture and Risk Management, Maturity Models
• IT Resource and Service Provider Management
• Performance Monitoring and Reporting
• Quality Assurance and Quality Management of IT
Information Systems Acquisition, Development and Implementation
• Project Management, Business Case, Feasibility Analysis
• System Development Methodologies, Controls
• System Migration, Infrastructure Deployment and Data Conversion
• Testing Methodologies, Post-Implementation Review
Information Systems Operation and Resilience
• IT Asset, Performance, Incident and Problem Management
• Change, Configuration, Release and Patch Management
• End-User Computing, Database Management etc.
• Backup, Storage, Restoration and Recovery, Business Continuity
Protection of Information Assets
• Privacy, Data Classification, IAM, Encryption, Physical Controls
• Network, Endpoint, Mobile, Wireless & IoT Security, Virtualization
• Security Awareness, Attacks, Testing and Monitoring
• Incident Response Management, Evidence Collection and Forensics

Examination and Certification
This course has been designed and is delivered by Nitroxis and their trainers.

Note: this course does not include the CISA exam. This has to be taken at the dedicated test facilities as defined by ISACA. ISACA's certification requirements apply.
CISM Bootcamp
(Certified Information Security Manager)
3 Days - € 1450 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 12. - 14. April 2021 and 25. - 27. October 2021

This three day course prepares for the CISM® Certified Information Systems Manager exam, covering the entire Common Body of Knowledge (CBK) as defined by the ISACA® (Information Systems Audit and Control Association).

Overview
This training provides a comprehensive review of information security concepts and industry best practices, covering the 4 domains of the CISM CBK (Common Body of Knowledge).

This training course will help candidates review and refresh their information security management knowledge and help identify areas they need to study for the CISM exam.

CISM certification is recognized worldwide.

Objectives
Completion of this course will enable students to
• Know the 4 domains covered by the CISM® certification
• Understand the concepts of information security management
• Preparing for the CISM Certification Exam, eg by using multiple choices questions from previous CISM sessions (or comparable exams).

Audience
This course is aimed at students with (future) roles like
• Information system directors, CISOs
• Staff responsible for business continuity
• People for which the control of information security is fundamental in achieving their goals
• Auditors requiring more information security management insight

Prerequisites
Basic knowledge of information systems is recommended.
Minimum of two students are required to run this course.

Outline
Information Security Governance
• Alignment of policy security information on the business strategy and direction
• Policy security information development
• Commitment of senior management and support for information security across the enterprise
• Roles and responsibilities in the governance of information security
Information Security Risk Management and Compliance
• Development of a systematic and analytical approach and the ongoing process of risk management
• Identification, analysis and risk assessment
• Definition of strategies risk treatment
• Risk management communication
Information Security Program Development and Management
• The security information architecture
• Methods to define the required security measures
• Contract management and information security requirements
• Metrics and evaluation of IT security performance
Information Security Incident Management
• Components of a security incident management plan
• Concepts and practices in the management of security incidents
• Method classification
• Notification and escalation process
• Detection techniques and incidents analysis

Examination and Certification
This course has been designed and is delivered by Nitroxis and their trainers.

Note: this course does not include the CISM exam. This has to be taken at the dedicated test facilities as defined by ISACA. ISACA's certification requirements apply.

CRISC Bootcamp
(Certified In Risk and Information System Control)
3 Days - € 1450 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 12. - 14. April 2021 and 25. - 27. October 2021
This three-day course prepares for the CRISC® Certified In Risk and Information System Control exam, covering the entire Common Body of Knowledge (CBK) as defined by the ISACA® (Information Systems Audit and Control Association).

Overview
This training provides a comprehensive review of information security concepts and industry best practices, covering the 4 key areas of the CRISC CBK (Common Body of Knowledge).
This training course will help candidates review and refresh their IT risk management knowledge and help identify areas they need to study for the CRISC exam.
CRISC certification is recognized worldwide.

Outline
IT Risk Identification
• Risk Capacity, Appetite, Tolerance, Culture and Communication
• Risk Concepts and Principles, IT Risk Strategy
• IT Concepts and Areas of Concern for the Risk Practitioner
• Methods of Risk Identification
• IT Risk Scenarios, Register, Ownership and Awareness
IT Risk Assessment
• Risk Assessment Techniques
• Analysing Risk Scenarios, Risks and State of Controls
• Analysis Methodologies, Risk Ranking
• Project and Program Management
• Documenting Risk Assessments
Risk Response and Mitigation
• Aligning Risk Response with Business Objectives
• Risk Response Options and Action Plans
• Control Design, Implementation, Monitoring and Effectiveness
• Vulnerabilities Associated with New Controls
• Impact of Emerging Technologies on Design and Implementation of Controls
Risk and Control Monitoring and Reporting
• Key Risk and Performance Indicators
• Data Collection and Extraction Tools and Techniques
• Monitoring Controls, Control Assessment Types and Results
• Changes of the IT Risk Profile

Objectives
Completion of this course will enable students to
• Master the risk management approach according to the CRISC
• Apply the best response strategies to the risks weighing on the information systems
• Define information system controls
• Use best risk and control monitoring practices
• Prepare for the CRISC Certification Exam, eg by using multiple-choice questions from previous CRISC sessions (or comparable exams).

Audience
This course is aimed at students with (future) roles like
• Governance, information and cyber security consultants, CISOs
• Risk and control professionals
• IT and compliance professionals
• Project managers, business analysts
• Auditors requiring more IT risk management insight

Prerequisites
Basic knowledge of information systems is recommended.
A minimum of two students is required to run this course.

Examination and Certification
This course has been designed and is delivered by Nitroxis and their trainers.
Note: this course does not include the CRISC exam. This has to be taken at the dedicated test facilities as defined by ISACA. ISACA’s certification requirements apply.

PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 17. - 21. May 2021 and 8. - 12. November 2021
This five-day course provides an overview of the structure of a Business Continuity Management System (BCMS) based on ISO 22301:2019, and how to audit the same internally or in the context of certification.

Overview
This five-day course enables participants to develop the necessary expertise to audit a Business Continuity Management System against ISO 22301:2019 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline
Introduction to BCMS Concepts per ISO 22301:2019
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Business Continuity
• ISO 22301:2019 Certification Process
• Business Continuity Management System (BCMS)
• Clauses of ISO 22301:2019
Planning and Initiating the Audit
• Fundamental Audit Concepts and Principles
• Audit Approach based on Evidence and Risk
• Preparation of an ISO 22301:2019 Certification Audit
• BCMS Documentation Audit
• Conducting an Opening Meeting
Conducting the Audit
• Communication during the Audit
• Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
• Audit Test Plans
• Formulation of Audit Findings
• Documenting Nonconformities
Concluding and Follow-up of the Audit
• Audit Documentation
• Quality Review
• Conducting a Closing Meeting and Conclusion of the Audit
• Evaluation of Corrective Action Plans
• Surveillance and Re-Certification Audits
• Internal Audit Management Program

Objectives
Completion of this course will enable students to
• Understand the principles of a BCMS conforming to ISO 22301:2019
• Perform ISO 22301:2019 internal audits
• Execute ISO 22301:2019 certification audits on behalf of a certification body
• Manage BCMS audit teams

Audience
This course is aimed at students with (future) roles like
• Internal auditors
• BCMS certification auditors
• Project managers, consultants and business continuity team members participating in BCMS audits
• Business continuity practitioners moving into audit roles

Prerequisites
General understanding of common business processes.
Some past exposure to business continuity, management systems and audits is helpful, but not required.

Examination and Certification
The course ends with a three-hour written essay-style exam on the last day, available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB’s certification requirements apply.

PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 24. - 28. May 2021 and 15. - 19. November 2021
This five-day course provides an overview of the structure of a Business Continuity Management System (BCMS) based on ISO 22301:2019, and how to implement the same in an organisation, eg for the purpose of certification.

Overview
This five-day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Business Continuity Management System based on ISO 22301:2019.
Participants will also gain a thorough understanding of best practices used to implement business continuity processes from the ISO 22399.
This training incorporates project management practices as well as links to aspects of the predecessor standard BS 25999.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline
Introduction to BCMS Concepts per ISO 22301:2019
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Business Continuity
• ISO 22301:2019 Certification Process
• Business Continuity Management System (BCMS)
• Clauses of ISO 22301:2019
Planning and Initiating the BCMS Implementation
• Gap Analysis, Business Case and Project Plan
• Defining Scope and Objectives of the BCMS
• Development of Business Continuity Policies
• Business Impact Analysis (BIA) and Risk Assessment
Implementing the BCMS
• Implementation of a Document Management Framework
• Design of Business Continuity Processes and Writing Procedures
• Implementation of Business Continuity Processes
• Development of a Communication, Training & Awareness Program
• Incident and Emergency Management
• Operations Management of the BCMS
Performance Evaluation and Improving the BCMS
• Monitoring the BCMS with Metrics, Performance Indicators etc
• Internal Audit, Management Review and Corrective Actions
• Implementation of a Continual Improvement Program
• Preparing for the Certification Audit

Objectives
Completion of this course will enable students to
• Understand the principles of a BCMS conforming to ISO 22301:2019, including the relationship between its components, eg risk management, requirements of interested parties
• Apply concepts, approaches, standards, methods and techniques for the effective operation of a BCMS
• Advise organisations on BCMS best practices
• Manage teams implementing ISO 22301:2019

Audience
This course is aimed at students with (future) roles like
• Project managers, consultants and team members implementing a BCMS
• (IT) Professionals moving into BCMS operation
• CxO and senior managers of a BCMS scope
• Auditors requiring more BCMS implementation insight

Prerequisites
General understanding of common business processes.
Some past exposure to business continuity, management systems and / or project management is helpful, but not required.

Examination and Certification
The course ends with a three-hour written essay-style exam on the last day, available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB’s certification requirements apply.

PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 5. - 9. April 2021 and 15. - 19. November 2021
This five-day course provides an overview of the structure of a Service Management System (SMS) based on ISO/IEC 20000-1:2018, and how to audit the same internally or in the context of certification.

Overview
This five-day course enables participants to develop the necessary expertise to audit a Service Management System against ISO/IEC 20000-1:2018 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline
Introduction to SMS Concepts per ISO/IEC 20000-1:2018
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Service Management
• ISO/IEC 20000-1:2018 Certification Process
• Service Management System (SMS)
• Clauses of ISO/IEC 20000-1:2018
Planning and Initiating the Audit
• Fundamental Audit Concepts and Principles
• Audit Approach based on Evidence and Risk
• Preparation of an ISO/IEC 20000-1:2018 Certification Audit
• SMS Documentation Audit
• Conducting an Opening Meeting
Conducting the Audit
• Communication during the Audit
• Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
• Audit Test Plans
• Formulation of Audit Findings
• Documenting Nonconformities
Concluding and Follow-up of the Audit
• Audit Documentation
• Quality Review
• Conducting a Closing Meeting and Conclusion of the Audit
• Evaluation of Corrective Action Plans
• Surveillance and Re-Certification Audits
• Internal Audit Management Program

Objectives
Completion of this course will enable students to
• Understand the principles of an SMS conforming to ISO/IEC 20000-1:2018
• Perform ISO/IEC 20000-1:2018 internal audits
• Execute ISO/IEC 20000-1:2018 certification audits on behalf of a certification body
• Manage SMS audit teams

Audience
This course is aimed at students with (future) roles like
• Internal auditors
• SMS certification auditors
• Project managers, consultants and service management team members participating in SMS audits
• IT and service management practitioners moving into audit roles

Prerequisites
General understanding of common business processes.
Some past exposure to service management, management systems and / or audits is helpful, but not required.

Examination and Certification
The course ends with a three-hour written essay-style exam on the last day, available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB’s certification requirements apply.

PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 5. - 9. April 2021 and 8. - 12. November 2021
This five-day course provides an overview of the structure of a Service Management System (SMS) based on ISO/IEC 20000-1:2018, and how to implement the same in an organisation, eg for the purpose of certification.

Overview
This five-day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Service Management System based on ISO/IEC 20000-1:2018.
Participants will gain a thorough understanding of best practices used to implement an SMS across a wide range of service sectors, not just IT services as covered by ITIL.
This training incorporates project management practices as well as further guidance from elsewhere in the ISO/IEC 20000 family of standards.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline
Introduction to SMS Concepts per ISO/IEC 20000-1:2018
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Service Management
• Comparison with ITIL V2 and V3
• ISO/IEC 20000-1:2018 Certification Process
• Service Management System (SMS)
• Clauses of ISO/IEC 20000-1:2018
Planning and Initiating the SMS Implementation
• Gap Analysis, Business Case and Project Plan
• Defining Scope and Objectives of the SMS
• Development of Service Management Policies
Implementing the SMS
• Catalogue, Asset, Configuration and Relationship Management
• Budget, Demand and Capacity Management
• Change, Release and Deployment Management
• Incident and Problem Management
• Service Availability and Continuity Management
• Information Security Management
• Operations Management of the SMS
Performance Evaluation and Improving the SMS
• Monitoring the SMS with Metrics, Performance Indicators etc
• Internal Audit, Management Review and Corrective Actions
• Implementation of a Continual Improvement Program
• Preparing for the Certification Audit

Objectives
Completion of this course will enable students to
• Understand the principles of an SMS conforming to ISO/IEC 20000-1:2018, including the relationship between its components, eg risk management, controls, requirements of interested parties
• Apply concepts, approaches, standards, methods and techniques for the effective operation of an SMS
• Advise organisations on SMS best practices
• Manage teams implementing ISO/IEC 20000-1:2018

Audience
This course is aimed at students with (future) roles like
• Project managers, consultants and team members implementing an SMS or extending from ITIL etc
• (IT) Professionals moving into SMS operation
• CxO and senior managers of an SMS scope
• Auditors requiring more SMS implementation insight

Prerequisites
General understanding of common business processes.
Some past exposure to information or IT security, management systems and / or project management is helpful, but not required.

Examination and Certification
The course ends with a three-hour written essay-style exam on the last day, available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB’s certification requirements apply.

PECB ISO 31000 Risk Manager
3 Days - € 1100 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 26. - 28. April 2021 and 29. November - 1. December 2021
This three-day course provides an overview of the generic principles of risk management based on ISO 31000:2018, and how to apply the same across an organisation, eg for operational or financial risk, the various risk-based management systems like IMS, QMS, EMS, SMS, BCMS, ISMS, OH&SMS etc.

Overview
This three-day course enables participants to develop the necessary expertise to support an organisation in implementing risk management processes based on ISO 31000:2018.
The generic character of ISO 31000:2018 makes it applicable across organisations at subject matter as well as enterprise level.
ISO 31000:2018 provides a comprehensive model for any kind of management system, standard, operational or regulatory context requiring a risk-based approach, whether a formal risk management process is required or not.
Examples are ISO 9001:2015, ISO 14001:2015, ISO/IEC 20000-1:2018, ISO 22301:2019, ISO/IEC 27001:2013, ISO 45001:2018, SOX, revenue assurance, program and project management, data protection, GDPR etc.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.

Outline
Introduction to Risk Management per ISO 31000:2018
• Concepts and Definitions relating to Risk Management
• Risk Management Standards, Frameworks and Methodologies
• Implementation of a Risk Management Framework
• Understanding an Organisation and its Context
Elements of the Risk Management Framework
• Risk Identification
• Risk Analysis and Risk Evaluation
• Risk Treatment
• Risk Acceptance and Residual Risk Management
• Risk Communication and Consultation
• Risk Monitoring and Review
Examples of Risk Assessment Methodologies
• Overview to IEC 31010:2009
• Brainstorming, DELPHI
• Hazard Analysis using HAZOP and HACCP
• Scenario Analysis
• Fault and Failure Analysis using FTA, FMEA and FMECA
• Cause and Effect Diagram

Objectives
Completion of this course will enable students to
• Understand concepts, approaches, methods, tools and techniques for effective risk management according to ISO 31000:2018
• Understand the relationship between risk management and requirements of interested parties
• Implement, maintain and manage an ongoing risk management program
• Advise organisations on best practices in risk management

Audience
This course is aimed at students with (future) roles like
• Risk managers and Business process owners
• Project managers, consultants and team members implementing and operating management systems
• Regulatory compliance managers
• Auditors requiring more risk management insight

Prerequisites
General understanding of common business processes.
Some past exposure to risk management and / or management systems is helpful, but not required.

Examination and Certification
The course ends with a two-hour written essay-style exam on the last day, available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees. PECB’s certification requirements apply.