HiTrust Common Security Framework Compliance Training Course

There is a strong global focus on combating money laundering. Compliance officers, AML Officers, MLROs, KYC analysts, Auditors, and Managers must understand how to ensure adherence to Subsidiary 373.01, the Prevention of Money Laundering and Funding of Terrorism Regulations (PMLFTR).

Under the PMLFTR, all Subject Persons, including those within the regulated financial services sector, are required to appoint a Money Laundering Reporting Officer (MLRO).

This practical course provides you with the knowledge and essential guidance needed to implement AML compliance within your organization, with particular attention to the regulatory environment in Malta.

Who is it for:

Any professional engaged in the fields of information security and information assurance.

What will I learn:

Candidates will be expected to demonstrate:

• The significant business advantages derived from effective information risk management.
• The ability to articulate and fully utilize the terminology associated with information risk management.
• The methods for conducting threat and vulnerability assessments, business impact analyses, and risk assessments.
• The core principles governing controls and risk treatment.
• Techniques for presenting findings in a format suitable for developing a risk treatment plan.
• The application of information classification schemes.

The EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.

The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

This instructor-led, live training in Kenya (online or onsite) is designed for beginner to intermediate system administrators and security professionals who wish to learn how to implement Cloudflare for content delivery and cloud security, as well as mitigate DDoS attacks.

Upon completion of this training, participants will be equipped to:

• Configure Cloudflare for their websites.
• Set up DNS records and SSL certificates.
• Deploy Cloudflare for content delivery and caching.
• Shield their websites from DDoS attacks.
• Establish firewall rules to control and restrict traffic to their websites.

This instructor-led, live training in Kenya (online or onsite) is designed for compliance professionals in the payment services sector who aim to develop, implement, and enforce an effective compliance program within their organizations.

Upon completion of this training, participants will be able to:

• Grasp the regulatory rules established by government authorities for payment service providers.
• Develop the internal policies and procedures necessary to meet regulatory requirements.
• Implement a compliance program that aligns with applicable laws.
• Ensure that all corporate processes and procedures adhere to the compliance framework.
• Safeguard the business’s reputation while protecting it from potential litigation.

This instructor-led live training in Kenya (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

This instructor-led, live training in Kenya (online or onsite) is aimed at intermediate to advanced IT professionals and business leaders who wish to develop a structured approach to handling data breaches.

By the end of this training, participants will be able to:

• Understand the causes and consequences of data breaches.
• Develop and implement data breach prevention strategies.
• Establish an incident response plan to contain and mitigate breaches.
• Conduct forensic investigations and assess the impact of breaches.
• Comply with legal and regulatory requirements for breach notification.
• Recover from data breaches and strengthen security postures.

This course offers an expert introduction to the newly enacted Accessibility Law, empowering developers with the practical skills needed to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion on the law's importance and implications, the course rapidly transitions into hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

The ISO/IEC 27002 Lead Manager training equips you with the necessary expertise and knowledge to assist organizations in implementing and managing Information Security controls as outlined in ISO/IEC 27002.

Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. This PECB Lead Manager Certification demonstrates that you have mastered the principles and techniques for implementing and managing Information Security controls based on ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants seeking to master the Information Security Management System implementation process
• Individuals responsible for information security, compliance, risk, and governance within an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods, and techniques required for the effective implementation and management of Information Security controls
• Understand the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Recognize the importance of information security for organizational strategy
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training combines theory and practice
• Course sessions include lectures illustrated with examples from real-world cases
• Practical exercises based on case studies
• Review exercises designed to assist with exam preparation
• Practice tests that mimic the certification exam format

General Information

• Certification fees are included in the exam price
• Training materials containing over 500 pages of information and practical examples will be distributed to participants
• Participants will receive a certificate of participation granting 31 CPD (Continuing Professional Development) credits
• In the event of an exam failure, you can retake the exam within 12 months at no additional cost

Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defence against these risks lies in the proper implementation and management of information security controls and best practices. Furthermore, robust information security is a critical expectation and requirement for customers, legislators, and other key stakeholders.

This training course is designed to equip participants with the skills needed to implement an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. It aims to provide a thorough understanding of ISMS best practices and establish a framework for its ongoing management and improvement.

Upon completing the training course, participants may sit for the exam. Those who successfully pass can apply for the “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which validates their ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in or concerned with the implementation of an ISMS
• Expert advisors aiming to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organization
• Members of an ISMS implementation team

General information

• Certification fees are included in the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate awarding 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months free of charge

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
• The exercises are based on a case study.
• The structure of the quizzes is similar to that of the certification exam.

Learning objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes based on ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

Target Audience

This course is designed for all staff members who need a practical grasp of Compliance and effective Risk Management.

Course Structure

The training utilizes a blended learning methodology that incorporates:

• Guided discussions
• Slide presentations
• Case studies
• Real-world examples

Learning Objectives

Upon completion of the course, participants will be equipped to:

Gain a robust understanding of Compliance fundamentals, alongside national and global initiatives focused on managing related risks.

Articulate how organizations and their teams can implement an effective Compliance Risk Management Framework.

Outline the duties of the Compliance Officer and the Money Laundering Reporting Officer, and comprehend how these roles fit into the broader business structure.

Pinpoint critical risk areas within Financial Crime, specifically regarding international operations, offshore centres, and high-net-worth clients.

Open Source Software (OSS) Management involves the oversight of the lifecycle of open-source components within an organization, ensuring their secure, compliant, and efficient utilization.

This instructor-led, live training (available online or onsite) is designed for intermediate-level IT professionals aiming to implement best practices for managing open-source software in enterprise and government settings.

Upon completion of this training, participants will be able to:

• Implement effective OSS policies and governance frameworks.
• Utilize SBOM and SCA tools to identify, track, and manage open-source dependencies.
• Mitigate risks related to licensing and security vulnerabilities.
• Streamline OSS adoption to maximize innovation and cost savings.

Course Format

• Interactive lectures and discussions.
• Case studies and scenario-based exercises.
• Hands-on demonstrations using OSS management tools.

Customization Options

• This course can be tailored to specific organizational OSS policies and toolchains. Please contact us to arrange.

This instructor-led, live Payment Card Industry Professional training in Kenya (online or onsite) offers a professional qualification for industry practitioners aiming to showcase their expertise and deep understanding of the PCI Data Security Standard (PCI DSS).

Upon completing this training, participants will be able to:

• Grasp the payment process and the PCI standards established to safeguard it.
• Comprehend the roles and responsibilities of entities within the payment industry.
• Gain profound insight into and understanding of the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and its application to organizations involved in the transaction process.

The strength of any organization’s governance relies heavily on its board of directors, which in turn depends on the effectiveness of its chairman. Despite this, the role of board leadership receives the least amount of training and support, even though it is critical for board success. Frequently, board leaders and chief executives find themselves in power struggles. This course reveals the strategies employed by the world’s top board leaders and shares practical, real-world insights from experienced board professionals.

Are you aiming for your inaugural board position? Perhaps you have recently secured a board role and are preparing for your first meeting? Or maybe your organization wants to equip rising managers and diverse talent with the essential knowledge required for boardroom inclusion and effectiveness. This intensive one-day programme provides everything you need to be competent, well-informed, and fully prepared the moment you step through those boardroom doors.