Building up information security according to ISO 27005 Training Course

This instructor-led, live training in Morocco (online or onsite) is aimed at beginner-level professionals who wish to gain an understanding of ISO 27001 and its role in enhancing information security within an organization.

By the end of this training, participants will be able to:

• Understand the purpose and benefits of an ISMS.
• Familiarize themselves with key ISO 27001 concepts, terms, and principles.
• Recognize the role of an auditor in ensuring compliance.
• Gain insight into the audit process and continual improvement within ISO 27001.

This instructor-led, live training in Morocco (online or onsite) is aimed at intermediate-level IT auditors who wish to effectively incorporate AI tools in their audit practices.

By the end of this training, participants will be able to:

• Grasp the core concepts of artificial intelligence and how it is applied in the context of IT auditing.
• Utilize AI technologies such as machine learning, NLP, and RPA to improve audit efficiency, accuracy, and scope.
• Perform risk assessments using AI tools, enabling continuous monitoring and proactive risk management.
• Integrate AI into audit planning, execution, and reporting, enhancing the overall effectiveness of IT audits.

This instructor-led, live training in Morocco (online or onsite) is aimed at advanced-level security analysts who wish to elevate their skills in utilizing advanced Micro Focus ArcSight ESM content to improve an organization's ability to detect, respond, and mitigate cyber threats with greater precision and speed.

By the end of this training, participants will be able to:

• Optimize the use of Micro Focus ArcSight ESM to enhance monitoring and threat detection capabilities.
• Construct and manage advanced ArcSight variables to refine event streams for more precise analysis.
• Develop and implement ArcSight lists and rules for effective event correlation and alerting.
• Apply advanced correlation techniques to identify complex threat patterns and reduce false positives.

Description:

Basel III is a global regulatory standard on bank capital adequacy, stress testing and market liquidity risk. Having initially been agreed upon by the Basel Committee on Banking Supervision in 2010–11, changes to The Accord have extended implementation to 31st March 2019. Basel III strengthens bank capital requirements by increasing bank liquidity and decreasing bank leverage.
Basel III differs from Basel I & II in that it requires different levels of reserves for different forms of deposits and other types of borrowings, so it does not supersede them so much as it does work alongside Basel I and Basel II.
This complex and constantly changing landscape can be hard to keep up with, our course and training will help you manage likely changes and their impact on your institution. We are accredited with and a training partner to the Basel Certification Institute and as such the quality and suitability of our training and material is guaranteed to be up to date and effective

Objectives:

• Preparation for the Certified Basel Professional Examination.
• Define hands-on strategies and techniques for the definition, measurement, analysis, improvement, and control of operational risk within a banking organization.

Target Audience:

• Board members with risk responsibilities
• CROs and Heads of Risk Management
• Members of the Risk Management team
• Compliance, legal and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations for market, credit, counterparty and liquidity risk
• Stress testing for various risk measures including how to formulate and deliver stress tests
• The likely effects of Basel III on the international banking industry, including demonstrations of its practical application
• Need For The New Basel Norms
• The Basel III Norms
• Objectives of The Basel III Norms
• Basel III – Timeline

Description:

This four day event (CGEIT training) is the ultimate preparation for exam time and is designed to ensure that you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance awarded by ISACA. It is designed for professionals responsible for managing IT governance or with significant advisory or assurance responsibility for IT governance.
Achieving CGEIT status will provide you with wider recognition in the marketplace, as well as increased influence at executive level.

Objectives:

This seminar has been designed to prepare Delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding to be better prepared to pass the exam, as defined by ISACA.

Target Audience:

Our training course is for IT and business professionals, with significant IT governance experience who are undertaking the CGEIT exam.

Learning Objectives

This COBIT 2019 Foundation course is designed as an introduction to COBIT 2019 and enables you to understand how an integrated business framework for the governance and management of enterprise IT can be utilized to achieve IT business integration, cost reductions and increased productivity. The syllabus areas that this course is designed to cover are:

• New framework introduction
• Key concepts and terminology
• Governance and Framework Principles
• Governance system and components
• Governance and management objectives
• Performance management
• Designing a tailored governance system

This instructor-led, live training in Morocco (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.

By the end of this training, participants will be able to:

• Understand the rules set forth by government regulators for payment service providers.
• Create the internal policies and procedures needed to satisfy government regulations.
• Implement a compliance program that adheres to relevant laws.
• Ensures that all corporate processes and procedures comply with the compliance program.
• Uphold the business's reputation while protecting it from lawsuits.

This instructor-led, live training in Morocco (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

Course goal:

To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

• GRC Basic terms and definitions
• Principles of GRC
• Core components, practices and activities
• Relationship of GRC to other disciplines

HIPAA (Health Insurance Portability and Accountability Act of 1996) is a legislation in the United States that provides provisions for data privacy and security for handling and storing medical information. These guidelines are a good standard to follow in developing health applications, regardless of territory. HIPAA compliant applications are recognized and more trusted globally.

In this instructor-led, live training (remote), participants will learn the fundamentals of HIPAA as they step through a series of hands-on live-lab exercises.

By the end of this training, participants will be able to:

• Understand the basics of HIPAA
• Develop health applications that are compliant with HIPAA
• Use developer tools for HIPAA compliance

Audience

• Developers
• Product Managers
• Data Privacy Officers

Format of the Course

• Part lecture, part discussion, exercises and heavy hands-on practice.

Note

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Morocco (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

ISO/IEC 27002 Lead Manager training enables you to develop the necessary expertise and knowledge to support an organization in implementing and managing Information Security controls as specified in ISO/IEC 27002. 

After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential.  A PECB Lead Manager Certification, proves that you have mastered the principles and techniques for the implementation and management of Information Security Controls based on ISO/IEC 27002.

Who should attend?

• Managers or consultants seeking to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants seeking to master the Information Security Management System implementation process
• Individuals responsible for the information security, compliance, risk, and governance, in an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective implementation and management of Information Security controls
• Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the importance of information security for the strategy of the organization
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training is based on both theory and practice
• Sessions of lectures illustrated with examples based on real cases
• Practical exercises based on case studies
• Review exercises to assist the exam preparation
• Practice test similar to the certification exam

General Information

• Certification fees are included on the exam price
• Training material containing over 500 pages of information and practical examples will be distributed to the participants
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants
• In case of exam failure, you can retake the exam within 12 months for free

Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.

This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.

After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in and concerned with the implementation of an ISMS 
• Expert advisors seeking to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organization
• Members of an ISMS implementation team

General information

• Certification fees are included in the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months free of charge

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises. 
• The exercises are based on a case study. 
• The structure of the quizzes is similar to that of the certification exam.

Learning objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes based on ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

Audiance

All staff who need a working knowledge of Compliance and the Management of Risk

Format of the course

A combination of:

• Facilitated Discussions
• Slide Presentations
• Case Studies
• Examples

Course Objectives

By the end of this course, delegates will be able to:

• Understand the major facets of Compliance and the national and international efforts being made to manage the risk related to it
• Define the ways in which a company and its staff might set up a Compliance Risk Management Framework
• Detail the roles of Compliance Officer and Money Laundering Reporting Officer and how they should be integrated into a business
• Understand some other “hot spots” in Financial Crime – especially as they relate to International Business, Offshore Centres and High-Net-Worth Clients

This instructor-led, live Payment Card Industry Professional training in Morocco (online or onsite) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).

By the end of this training, participants will be able to:

• Understand the payment process and the PCI standards designed to protect it.
• Understand the roles and responsibilities for entities involved in the payment industry.
• Have deep insight into, and understanding of, the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and how it applies to organizations that are involved in the transaction process.