BCS Foundation Certificate in Information Security Management Principles (CISMP) Training Course

Course Description

A comprehensive course focused on AI security, governance, compliance, and risk management for enterprise implementations. Designed for security professionals, compliance officers, and technology leaders responsible for secure AI deployment and governance frameworks.

There is a growing international focus on combating money laundering. Compliance officers, AML Officers, MLROs, KYC analysts, auditors, and managers must understand how to ensure compliance with Subsidiary Legislation 373.01, the Prevention of Money Laundering and Funding of Terrorism Regulations (PMLFTR).

Under the PMLFTR, all Subject Persons, including those operating within the regulated financial services sector, are required to appoint a Money Laundering Reporting Officer (MLRO).

This practical course equips you with the knowledge and essential guidance needed to effectively manage AML compliance within your organisation, with particular emphasis on Malta’s regulatory environment.

Description:

Basel III is a global regulatory standard governing bank capital adequacy, stress testing, and market liquidity risk. Initially agreed upon by the Basel Committee on Banking Supervision in 2010–11, amendments to the Accord have extended implementation until 31st March 2019. Basel III strengthens bank capital requirements by enhancing bank liquidity and reducing bank leverage.
Unlike Basel I and II, Basel III mandates varying reserve levels for different types of deposits and borrowings; rather than replacing them, it operates alongside these earlier frameworks.
Given the complexity and constant evolution of this regulatory landscape, keeping pace can be challenging. Our course and training are designed to help you anticipate likely changes and manage their impact on your institution. We are accredited and serve as a training partner to the Basel Certification Institute, ensuring that the quality and relevance of our training materials remain up to date and effective.

Objectives:

• Prepare participants for the Certified Basel Professional Examination.
• Define practical strategies and techniques for the definition, measurement, analysis, improvement, and control of operational risk within a banking organisation.

Target Audience:

• Board members with risk responsibilities
• Chief Risk Officers (CROs) and Heads of Risk Management
• Members of the Risk Management team
• Compliance, legal, and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations covering market, credit, counterparty, and liquidity risk
• Stress testing for various risk measures, including guidance on formulating and delivering stress tests
• The likely effects of Basel III on the international banking industry, including demonstrations of its practical application
• The need for the new Basel norms
• The Basel III norms
• Objectives of the Basel III norms
• Basel III – Timeline

This instructor-led, live training in Uzbekistan (online or onsite) is designed for advanced-level professionals seeking a comprehensive understanding of fraud examination concepts and preparation for the Certified Fraud Examiner (CFE) exam.

Upon completing this training, participants will be able to:

• Acquire a thorough understanding of fraud examination principles and the overall fraud examination process.
• Learn to identify, investigate, and prevent various types of financial fraud schemes.
• Understand the legal framework surrounding fraud, including the legal elements of fraud, applicable laws, and regulations.
• Develop practical skills for conducting fraud investigations, such as evidence collection, interviewing techniques, and data analysis.
• Learn to design and implement effective fraud prevention and deterrence programs within organizations.
• Gain the confidence and knowledge necessary to successfully pass the Certified Fraud Examiner (CFE) exam.

Description:

This four-day CGEIT training event serves as comprehensive preparation for the exam, designed to help you pass the challenging CGEIT certification on your first attempt.
The CGEIT designation is an internationally recognized symbol of excellence in IT governance, awarded by ISACA. It is intended for professionals responsible for managing IT governance or those with significant advisory or assurance responsibilities regarding IT governance.
Achieving CGEIT status will enhance your recognition in the marketplace and increase your influence at the executive level.

Objectives:

This seminar is designed to prepare delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding, thereby improving their readiness to pass the exam as defined by ISACA.

Target Audience:

Our training course is intended for IT and business professionals with significant IT governance experience who are preparing for the CGEIT exam.

Learning Objectives

This COBIT 2019 Foundation course serves as an introductory guide to the COBIT 2019 framework. It equips participants with the knowledge needed to leverage an integrated business framework for the governance and management of enterprise IT. This approach helps achieve IT-business alignment, reduce costs, and boost productivity. The key areas covered in the course include:

• Overview of the new framework
• Essential concepts and terminology
• Principles of governance and the framework
• Components of the governance system
• Objectives for governance and management
• Performance management strategies
• Designing a customized governance system

This instructor-led, live training in Uzbekistan (online or on-site) is designed for compliance professionals in the payment services sector who aim to develop, implement, and enforce a comprehensive compliance program within their organisation.

By the conclusion of this training, participants will be able to:

• Comprehend the regulatory rules established by government authorities for payment service providers.
• Develop the internal policies and procedures required to meet governmental regulatory standards.
• Implement a compliance framework that aligns with applicable laws.
• Ensure all corporate processes and procedures adhere to the established compliance programme.
• Protect the organisation's reputation while mitigating legal risks.

This instructor-led live training in Uzbekistan (online or onsite) is targeted at intermediate-level cybersecurity professionals who wish to expand their understanding of GRC frameworks and apply them to secure and compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

This course offers a comprehensive introduction to the newly enacted Accessibility Law, empowering developers with the practical skills needed to design, build, and sustain fully accessible applications. Beginning with an exploration of the law's significance and implications, the curriculum rapidly transitions into hands-on coding practices, tool utilization, and testing methodologies to guarantee compliance and inclusivity for users with disabilities.

Course Objective:

Equip participants with a foundational understanding of GRC processes and capabilities, along with the practical skills needed to effectively integrate governance, performance management, risk management, internal control, and compliance initiatives.

Course Summary:

• Essential terminology and definitions in GRC
• Core principles of GRC
• Key components, best practices, and operational activities
• Integration of GRC with other professional disciplines

This instructor-led, live training in Uzbekistan (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

ISO/IEC 27002 Lead Manager training equips you with the essential expertise and knowledge required to assist organizations in implementing and managing Information Security controls as outlined in ISO/IEC 27002.

Upon completing this course, you are eligible to sit for the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. This PECB Lead Manager Certification validates your mastery of the principles and techniques necessary for implementing and managing Information Security Controls in accordance with ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants looking to master the Information Security Management System implementation process
• Professionals responsible for information security, compliance, risk, and governance within an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning objectives

• Gain mastery in implementing Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Develop a comprehensive understanding of the concepts, approaches, standards, methods, and techniques required for the effective implementation and management of Information Security controls
• Understand the relationships between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Comprehend the critical role of information security in supporting organizational strategy
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training combines theoretical foundations with practical application
• Instructional sessions featuring lectures supplemented by examples from real-world cases
• Practical exercises based on detailed case studies
• Review exercises designed to support exam preparation
• Practice tests that mirror the format and difficulty of the certification exam

General Information

• Certification fees are included in the exam price
• Training materials comprising over 500 pages of information and practical examples will be provided to participants
• Participants will receive a participation certificate worth 31 CPD (Continuing Professional Development) credits
• In the event of an unsuccessful exam attempt, candidates may retake the exam within 12 months at no additional cost

Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defense against these risks lies in the proper implementation and management of information security controls and best practices. Furthermore, robust information security is a critical expectation and requirement for customers, legislators, and other stakeholders.

This training course is designed to equip participants with the skills needed to implement an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. It aims to provide a thorough understanding of ISMS best practices and establish a framework for its ongoing management and enhancement.

Upon completing the training course, you have the opportunity to take the certification exam. If you pass successfully, you may apply for the “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which validates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in or responsible for the implementation of an ISMS
• Expert advisors aiming to master the implementation of an ISMS
• Professionals tasked with ensuring organizational conformity to information security requirements
• Members of an ISMS implementation team

General information

• Certification fees are included in the exam price
• Training materials comprising over 450 pages of information and practical examples will be provided
• A participation certificate granting 31 CPD (Continuing Professional Development) credits will be issued
• In the event of an exam failure, you can retake the exam within 12 months at no additional cost

Educational approach

• This training course features essay-type exercises, multiple-choice quizzes, real-world examples, and best practices relevant to ISMS implementation.
• Participants are encouraged to interact with one another and engage in discussions while completing quizzes and exercises.
• The exercises are based on a detailed case study.
• The quiz structure mirrors that of the certification exam.

Learning objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for implementing and effectively managing an ISMS
• Recognize the relationship between ISO/IEC 27001, ISO/IEC 27002, and other relevant standards and regulatory frameworks
• Understand the operation of an information security management system and its processes as defined by ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 within a specific organizational context
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

Audience

This course is designed for all staff members who need a practical grasp of Compliance and effective Risk Management.

Course Format

The training employs a blended methodology that encompasses:

• Facilitated discussions
• Slide-based presentations
• Case studies
• Real-world examples

Learning Objectives

Upon completion, participants will be equipped to:

Gain a robust understanding of the core components of Compliance, alongside national and international initiatives focused on managing related risks.

Articulate how organizations and their teams can implement a robust Compliance Risk Management Framework.

Outline the duties of the Compliance Officer and the Money Laundering Reporting Officer, and comprehend how these roles fit within the broader business structure.

Pinpoint significant risk areas within Financial Crime, especially concerning international operations, offshore centers, and high-net-worth clients.

Open Source Software (OSS) Management refers to the systematic oversight of the lifecycle of open-source components within an organization, ensuring their secure, compliant, and efficient utilization.

This instructor-led, live training session (available online or on-site) is designed for intermediate-level IT professionals who aim to implement best practices for managing open-source software in enterprise and government settings.

By the conclusion of this training, participants will be able to:

• Establish effective OSS policies and governance frameworks.
• Leverage SBOM and SCA tools to identify, track, and manage open-source dependencies.
• Mitigate risks related to licensing and security vulnerabilities.
• Streamline OSS adoption while maximizing innovation and cost efficiency.

Course Format

• Interactive lectures and group discussions.
• Case studies and scenario-based practical exercises.
• Hands-on demonstrations using OSS management tools.

Course Customization Options

• This course can be tailored to align with your organization's specific OSS policies and toolchains. Please contact us to arrange customization.