ISO/IEC 27002 Introduction Training Course

There is a strong global focus on combating money laundering. Compliance officers, AML Officers, MLROs, KYC analysts, Auditors, and Managers must understand how to ensure adherence to Subsidiary 373.01, the Prevention of Money Laundering and Funding of Terrorism Regulations (PMLFTR).

Under the PMLFTR, all Subject Persons, including those within the regulated financial services sector, are required to appoint a Money Laundering Reporting Officer (MLRO).

This practical course provides you with the knowledge and essential guidance needed to implement AML compliance within your organization, with particular attention to the regulatory environment in Malta.

Description:

This four-day CGEIT training event serves as the definitive preparation for the examination, designed to equip you with the knowledge necessary to pass the rigorous CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance, awarded by ISACA. It is tailored for professionals tasked with managing IT governance or those holding significant advisory or assurance responsibilities in this field.
Earning CGEIT status will enhance your market visibility and amplify your influence at the executive level.

Objectives:

This seminar is structured to prepare delegates for the CGEIT examination. It enables participants to build upon their existing knowledge and understanding, ensuring they are thoroughly prepared to meet the standards defined by ISACA.

Target Audience:

This course is intended for IT and business professionals who possess substantial experience in IT governance and are preparing to undertake the CGEIT exam.

This instructor-led, live training in Kenya (online or onsite) is designed for compliance professionals in the payment services sector who aim to develop, implement, and enforce an effective compliance program within their organizations.

Upon completion of this training, participants will be able to:

• Grasp the regulatory rules established by government authorities for payment service providers.
• Develop the internal policies and procedures necessary to meet regulatory requirements.
• Implement a compliance program that aligns with applicable laws.
• Ensure that all corporate processes and procedures adhere to the compliance framework.
• Safeguard the business’s reputation while protecting it from potential litigation.

This instructor-led live training in Kenya (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

This course offers an expert introduction to the newly enacted Accessibility Law, empowering developers with the practical skills needed to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion on the law's importance and implications, the course rapidly transitions into hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

This instructor-led live training in Kenya (online or on-site) is designed for developers and administrators who wish to produce software and products that are HiTrust compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

Objectives

• Acquire a comprehensive understanding of ISO 27001:2023
• Learn how to conduct audits in alignment with the standard
• Explore industry best practices

Course Objectives

• Acquire comprehensive knowledge of ISO 27001:2023 standards.
• Understand the methodology for conducting audits in alignment with the standard.
• Familiarize yourself with industry best practices.

Objectives

• Understand the updates in the ISO 27001 2023 edition
• Learn how to conduct audits in line with the standard
• Discover industry best practices

Why should you attend?

The PECB ISO/IEC 27001 Foundation training equips you with the fundamental knowledge required to implement and manage an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. Throughout this course, you will gain a comprehensive understanding of ISMS components, such as policy formulation, procedural guidelines, performance metrics, executive commitment, internal auditing, management reviews, and strategies for continuous improvement.

Upon successful completion of this course, you will be eligible to sit for the examination and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. This certificate validates your grasp of the core methodologies, requirements, framework, and management approaches associated with information security.

Who should attend?

• Professionals currently engaged in Information Security Management.
• Individuals aiming to acquire knowledge regarding the primary processes of Information Security Management Systems (ISMS).
• Those aspiring to build a career in Information Security Management.

Educational approach

• Lectures are enriched with practical questions and real-world examples.
• Practical exercises incorporate case studies and interactive discussions.
• Practice tests mirror the format and rigour of the official Certification Exam.

The ISO/IEC 27002 Lead Manager training equips you with the necessary expertise and knowledge to assist organizations in implementing and managing Information Security controls as outlined in ISO/IEC 27002.

Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. This PECB Lead Manager Certification demonstrates that you have mastered the principles and techniques for implementing and managing Information Security controls based on ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants seeking to master the Information Security Management System implementation process
• Individuals responsible for information security, compliance, risk, and governance within an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods, and techniques required for the effective implementation and management of Information Security controls
• Understand the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Recognize the importance of information security for organizational strategy
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training combines theory and practice
• Course sessions include lectures illustrated with examples from real-world cases
• Practical exercises based on case studies
• Review exercises designed to assist with exam preparation
• Practice tests that mimic the certification exam format

General Information

• Certification fees are included in the exam price
• Training materials containing over 500 pages of information and practical examples will be distributed to participants
• Participants will receive a certificate of participation granting 31 CPD (Continuing Professional Development) credits
• In the event of an exam failure, you can retake the exam within 12 months at no additional cost

Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defence against these risks lies in the proper implementation and management of information security controls and best practices. Furthermore, robust information security is a critical expectation and requirement for customers, legislators, and other key stakeholders.

This training course is designed to equip participants with the skills needed to implement an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. It aims to provide a thorough understanding of ISMS best practices and establish a framework for its ongoing management and improvement.

Upon completing the training course, participants may sit for the exam. Those who successfully pass can apply for the “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which validates their ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in or concerned with the implementation of an ISMS
• Expert advisors aiming to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organization
• Members of an ISMS implementation team

General information

• Certification fees are included in the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate awarding 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months free of charge

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
• The exercises are based on a case study.
• The structure of the quizzes is similar to that of the certification exam.

Learning objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes based on ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

ISO 9001 and ISO 27001 stand as globally recognised benchmarks for Quality Management Systems and Information Security Management Systems, respectively.

Designed for professionals at an intermediate level, this instructor-led live training (available online or on-site) focuses on helping participants accurately interpret these standards and execute internal audits with confidence.

Upon completing this training, attendees will be equipped to:

• Grasp the core principles and specific requirements of ISO 9001 and ISO 27001.
• Apply clause and control interpretations to practical, real-world scenarios.
• Effectively plan and execute internal audits that align with ISO standards.
• Spot nonconformities and propose appropriate corrective actions.

Course Delivery Format

• Engaging lectures and interactive discussions.
• Simulated audit exercises and in-depth case studies.
• Practical analysis of quality and security challenges.

Customisation Options

• For tailored training arrangements, please reach out to us directly.

This instructor-led, live training session in Kenya (available online or onsite) is tailored for intermediate to expert-level IT professionals looking to enhance their competencies and qualifications in information security or allied fields.

By the conclusion of this training, participants will be able to:

• Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
• Acquire the knowledge and skills required to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
• Apply this knowledge in real-world scenarios, thereby facilitating a smooth transition within their respective organizations.