ISO/IEC 27005 Lead Risk Manager Training Course

This instructor-led, live training in Uzbekistan (online or onsite) is aimed at beginner-level professionals who wish to gain an understanding of ISO 27001 and its role in enhancing information security within an organization.

By the end of this training, participants will be able to:

• Understand the purpose and benefits of an ISMS.
• Familiarize themselves with key ISO 27001 concepts, terms, and principles.
• Recognize the role of an auditor in ensuring compliance.
• Gain insight into the audit process and continual improvement within ISO 27001.

Description:

Basel III is a global regulatory framework for bank capital adequacy, stress testing, and market liquidity risk. Initially agreed upon by the Basel Committee on Banking Supervision between 2010 and 2011, the implementation of these standards was extended to March 31, 2019. Basel III enhances bank capital requirements by improving liquidity and reducing leverage.
Unlike Basel I and II, Basel III requires different levels of reserves for various types of deposits and borrowings, complementing rather than replacing the earlier accords.
Navigating this complex and evolving regulatory landscape can be challenging. Our course and training will help you manage these changes and their impact on your institution effectively. We are accredited by the Basel Certification Institute and ensure that our training materials are up-to-date and of the highest quality.

Objectives:

• Prepare for the Certified Basel Professional Examination.
• Develop practical strategies and techniques for defining, measuring, analyzing, improving, and controlling operational risk within a banking organization.

Target Audience:

• Board members with risk management responsibilities
• Chief Risk Officers (CROs) and Heads of Risk Management
• Risk Management team members
• Compliance, legal, and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• An introduction to Basel norms and the amendments in Basel III
• Regulations for market, credit, counterparty, and liquidity risk
• Stress testing methodologies, including how to design and conduct stress tests
• The potential impact of Basel III on the international banking sector, with practical demonstrations of its application
• The necessity for new Basel norms
• The components of Basel III
• The objectives of Basel III
• The timeline for Basel III implementation

Description:

This four-day event (CGEIT training) is the ultimate preparation to help you pass the challenging CGEIT exam on your first attempt. The CGEIT qualification is an internationally recognized symbol of excellence in IT governance, awarded by ISACA. It is designed for professionals responsible for managing IT governance or those with significant advisory or assurance responsibilities in this area. Achieving CGEIT status will enhance your recognition in the marketplace and increase your influence at the executive level.

Objectives:

This seminar is tailored to prepare participants for the CGEIT examination by enhancing their existing knowledge and understanding, ensuring they are better equipped to pass the exam as defined by ISACA.

Target Audience:

Our training course is aimed at IT and business professionals with substantial IT governance experience who are preparing to take the CGEIT exam.

Course Goal:

To ensure that participants have a solid understanding of GRC processes and capabilities, and the skills needed to integrate governance, performance management, risk management, internal control, and compliance activities effectively.

Overview:

• Fundamental terms and definitions in GRC
• Key principles of GRC
• Core components, practices, and activities within GRC
• The relationship between GRC and other disciplines

Objectives

• Gaining knowledge of ISO 27001:2023
• Gaining knowledge on how to audit in accordance with the standard
• Getting to know good practices

Objectives

• Gaining knowledge of ISO 27001:2023
• Gaining knowledge on how to audit in accordance with the standard
• Getting to know good practices

Objectives

• Gaining knowledge about changes to ISO 27001 2023 edition
• Gaining knowledge on how to audit in accordance with the standard
• Getting to know good practices

Why should you attend?

The ISO/IEC 27001 Foundation training course provides a comprehensive understanding of the essential elements required to implement and manage an Information Security Management System as outlined in ISO/IEC 27001. Throughout this course, you will gain insights into various aspects of the ISMS, such as policy development, procedures, performance metrics, management commitment, internal audits, management reviews, and continuous improvement.

Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27001 Foundation” certification. This credential demonstrates your proficiency in the fundamental methodologies, requirements, framework, and management approaches outlined in ISO/IEC 27001.

Who should attend?

• Professionals involved in Information Security Management
• Individuals aiming to gain knowledge about the core processes of Information Security Management Systems (ISMS)
• Those interested in pursuing a career in Information Security Management

Educational approach

• Lecture sessions are complemented with practical questions and examples to enhance understanding
• Practical exercises include real-world scenarios and group discussions to reinforce learning
• Practice tests mirror the format of the Certification Exam, helping you prepare effectively

ISO/IEC 27001 Lead Auditor

The ISO/IEC 27001 Lead Auditor training equips you with the essential expertise to conduct an Information Security Management System (ISMS) audit, using widely accepted audit principles, procedures, and techniques.

Why should you attend?

Throughout this training course, you will gain the knowledge and skills required to plan and execute both internal and external audits in accordance with ISO 19011 and the ISO/IEC 17021-1 certification process.

Through practical exercises, you will become proficient in audit techniques and be capable of managing an audit program, leading an audit team, communicating with clients, and resolving conflicts.

Once you have acquired the necessary expertise to perform these audits, you can take the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. Holding a PECB Lead Auditor Certificate will demonstrate your ability and competence to audit organizations based on best practices.

Who should attend?

• Auditors aiming to conduct and lead Information Security Management System (ISMS) certification audits
• Managers or consultants looking to master the ISMS audit process
• Individuals responsible for ensuring compliance with Information Security Management System requirements
• Technical experts preparing for an ISMS audit
• Expert advisors in Information Security Management

Learning objectives

• Understand the functioning of an Information Security Management System based on ISO/IEC 27001
• Recognize the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand an auditor’s role in planning, leading, and following up on a management system audit according to ISO 19011
• Learn how to lead an audit and manage an audit team
• Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit
• Acquire the competencies of an auditor to plan, lead, draft reports, and follow up on audits in compliance with ISO 19011

Educational approach

• This training combines theoretical knowledge with best practices used in ISMS audits
• Lecture sessions are complemented with examples based on case studies
• Practical exercises include role-playing and discussions based on a case study
• Practice tests mimic the Certification Exam

Information security threats and attacks are constantly evolving. The best defense against these threats is the effective implementation and management of information security controls and best practices. Ensuring robust information security is also a key expectation from customers, legislators, and other stakeholders.

This training course is designed to equip participants with the skills needed to implement an Information Security Management System (ISMS) based on ISO/IEC 27001. It aims to provide a thorough understanding of ISMS best practices and a framework for its continuous management and improvement.

After completing the training, you will be eligible to take the exam. If you pass, you can apply for the “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which confirms your ability and practical knowledge in implementing an ISMS according to the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in or concerned with the implementation of an ISMS
• Expert advisors looking to master the implementation of an ISMS
• Individuals responsible for ensuring compliance with information security requirements within an organization
• Members of an ISMS implementation team

General Information

• Certification fees are included in the exam price.
• Training materials containing over 450 pages of information and practical examples will be provided.
• A participation certificate with 31 CPD (Continuing Professional Development) credits will be issued.
• If you fail the exam, you can retake it within 12 months at no additional cost.

Educational Approach

• The training course includes essay-type exercises, multiple-choice quizzes, examples, and best practices for implementing an ISMS.
• Participants are encouraged to communicate with each other and engage in discussions while completing quizzes and exercises.
• Exercises are based on a case study.
• The structure of the quizzes mirrors that of the certification exam.

Learning Objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for implementing and effectively managing an ISMS.
• Recognize the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks.
• Understand how an information security management system operates and its processes based on ISO/IEC 27001.
• Learn to interpret and implement the requirements of ISO/IEC 27001 in the context of a specific organization.
• Acquire the knowledge needed to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS.

ISO 9001 and ISO 27001 are internationally recognized standards for quality management systems and information security management systems, respectively.

This instructor-led, live training (available both online and on-site) is designed for intermediate-level professionals who wish to interpret these ISO standards and conduct internal audits effectively.

By the end of this training, participants will be able to:

• Comprehend the principles and requirements of ISO 9001 and ISO 27001.
• Interpret the clauses and controls in practical scenarios.
• Plan and execute internal audits in line with ISO standards.
• Identify nonconformities and suggest corrective actions.

Format of the Course

• Interactive lectures and discussions.
• Simulated auditing exercises and case studies.
• Practical analysis of quality and security scenarios.

Course Customization Options

• To request a customized training program for this course, please contact us to arrange.

The ISO/IEC 27001 Transition training course enables participants to thoroughly understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022. In addition, participants will acquire knowledge on the new concepts presented by ISO/IEC 27001:2022.

Who can attend?

• Auditors who wish to conduct and lead information security management system (ISMS) audits
• Managers or consultants aiming to master the ISMS audit process
• Individuals responsible for maintaining compliance with ISMS requirements within an organization
• Technical experts preparing to undertake ISMS audits
• Expert advisors in information security management

Learning objectives

By the end of this training course, participants will be able to:

1. Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
2. Interpret the ISO/IEC 27001 requirements for an ISMS from an auditor's perspective
3. Evaluate whether an ISMS complies with ISO/IEC 27001 requirements, in line with fundamental audit concepts and principles
4. Plan, conduct, and conclude an ISO/IEC 27001 compliance audit, adhering to ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other auditing best practices
5. Manage an ISO/IEC 27001 audit program

Educational approach

• This training combines theoretical knowledge with practical experience in ISMS audits
• Lecture sessions are enriched with examples drawn from case studies
• Practical exercises involve a case study that includes role-playing and discussions
• Practice tests mirror the Certification Exam format

Audience

This course is designed for all staff who require a comprehensive understanding of Compliance and Risk Management.

Format of the Course

The course is structured as a blend of:

• Facilitated Discussions
• Slide Presentations
• Case Studies
• Practical Examples

Course Objectives

By the end of this course, participants will be able to:

• Grasp the key aspects of Compliance and the national and international initiatives aimed at managing associated risks.
• Identify the methods for establishing a Compliance Risk Management Framework within a company and its workforce.
• Explain the roles of the Compliance Officer and Money Laundering Reporting Officer, and how these positions should be integrated into business operations.
• Recognize other critical areas in Financial Crime, particularly those relevant to International Business, Offshore Centers, and High-Net-Worth Clients.

This instructor-led, live training in Uzbekistan (online or onsite) is aimed at intermediate to expert-level IT professionals who wish to enhance their skills and qualifications in information security or related fields.

By the end of this training, participants will be able to:

• Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
• Gain the knowledge and skills to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
• Apply the knowledge in real-world scenarios, facilitating a smooth transition in their respective organizations.