ISO 37301 Compliance Management System Training Course

This instructor-led, live training session in Kenya (online or onsite) is designed for beginner-level quality assurance professionals, regulatory compliance staff, medical device engineers, and other individuals involved in medical device manufacturing who wish to develop a foundational understanding of ISO 13485. This knowledge will help them implement and maintain a compliant quality management system and ensure regulatory compliance within their organisations.

By the end of this training, participants will be able to:

• Understand the structure, purpose, and requirements of ISO 13485:2016.
• Learn about the quality management principles specific to medical devices.
• Gain insights into key processes and documentation required for compliance.
• Understand the steps to implement and maintain an ISO 13485 quality management system (QMS).

Why should you attend?

This training course is designed to help participants understand the fundamental concepts and principles of a business continuity management system (BCMS) based on ISO 22301. By attending this training course, participants will learn more about the structure and requirements of the standard including the BCMS policy, the top management’s commitment, internal audit, management review, and continual improvement process.

After attending the training course, you can sit the exam and, if you successfully pass it, you can apply for the “PECB Certificate Holder in ISO 22301 Foundation” credential. A PECB Foundation certificate shows that you have knowledge on the fundamental concepts, principles, methodologies, requirements, framework, and management approach used in business continuity.

Who should attend?

• Individuals involved in business continuity
• Individuals seeking to gain knowledge about the main processes of business continuity management systems (BCMS)
• Individuals interested to pursue a career in business continuity

Learning objectives

• Acknowledge the correlation between ISO 22301 and other standards and regulatory frameworks
• Understand the components and the operation of a BCMS based on ISO 22301 and its principal processes
• Understand the concepts, approaches, methods, and techniques used for the implementation and management of a BCMS

Educational approach

• Lecture sessions include discussion questions and examples.
• The exercises include multiple-choice quizzes.
• The participants are encouraged to intercommunicate and engage in discussion and the completion of quizzes.
• Quizzes are similar to the certificate exam.

The ISO 22301 Introduction training course empowers you to grasp the fundamental concepts of a Business Continuity Management System (BCMS).

Upon completing the ISO 22301 Introduction course, you will appreciate the significance of a Business Continuity Management System and recognize the advantages it offers to businesses, society, and government entities.

Who is this course for?

• Professionals with an interest in Business Continuity Management
• Individuals aiming to acquire knowledge regarding the core processes of a Business Continuity Management System (BCMS)

Learning Objectives

• Comprehend the concepts, methodologies, techniques, and approaches utilized to implement a Business Continuity Management System
• Identify the fundamental components of a Business Continuity Management System

Upon completing this training course, you will be eligible to sit for the examination. Should you successfully pass, you can apply for the “Certified ISO 22301 Lead Implementer” credential. This internationally recognized certificate serves as proof of your professional capability and practical knowledge to implement a Business Continuity Management System (BCMS) in accordance with ISO 22301 requirements within an organization.

Who should attend?

• Project managers and consultants engaged in business continuity
• Expert advisors aiming to master the implementation of a business continuity management system
• Individuals tasked with ensuring organizational conformity to BCMS requirements
• Members of the BCMS team

Learning objectives

• Develop a comprehensive understanding of the concepts, approaches, methods, and techniques used to implement and effectively manage a BCMS
• Learn how to interpret and apply ISO 22301 requirements within the specific context of an organization
• Gain insight into the operation of a business continuity management system and its processes as defined by ISO 22301
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and continually improving a BCMS

Educational approach

• This training course combines theoretical foundations, implementation best practices, and ISO 22301 requirements essential for BCMS implementation.
• Lecture sessions are reinforced with practical exercises derived from case studies, including role-playing and discussions.
• Participants are encouraged to interact actively, engage in discussions, and participate in exercises.
• The exercises mirror the format of the certification exam.

General Information

• Certification fees are included in the exam price. After course completion, you will be able to book the exam.
• Participants receive training materials containing over 450 pages of explanatory information and practical examples.
• An Attendance Record worth 31 CPD (Continuing Professional Development) credits will be issued to participants who attend the training course.
• Candidates who do not pass the exam can retake it within 12 months of the initial attempt at no additional cost.

Objectives

• Acquire a comprehensive understanding of ISO 27001:2023
• Learn how to conduct audits in alignment with the standard
• Explore industry best practices

Course Objectives

• Acquire comprehensive knowledge of ISO 27001:2023 standards.
• Understand the methodology for conducting audits in alignment with the standard.
• Familiarize yourself with industry best practices.

Objectives

• Understand the updates in the ISO 27001 2023 edition
• Learn how to conduct audits in line with the standard
• Discover industry best practices

Why should you attend?

The PECB ISO/IEC 27001 Foundation training equips you with the fundamental knowledge required to implement and manage an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. Throughout this course, you will gain a comprehensive understanding of ISMS components, such as policy formulation, procedural guidelines, performance metrics, executive commitment, internal auditing, management reviews, and strategies for continuous improvement.

Upon successful completion of this course, you will be eligible to sit for the examination and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. This certificate validates your grasp of the core methodologies, requirements, framework, and management approaches associated with information security.

Who should attend?

• Professionals currently engaged in Information Security Management.
• Individuals aiming to acquire knowledge regarding the primary processes of Information Security Management Systems (ISMS).
• Those aspiring to build a career in Information Security Management.

Educational approach

• Lectures are enriched with practical questions and real-world examples.
• Practical exercises incorporate case studies and interactive discussions.
• Practice tests mirror the format and rigour of the official Certification Exam.

The ISO/IEC 27002 Lead Manager training equips you with the necessary expertise and knowledge to assist organizations in implementing and managing Information Security controls as outlined in ISO/IEC 27002.

Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. This PECB Lead Manager Certification demonstrates that you have mastered the principles and techniques for implementing and managing Information Security controls based on ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants seeking to master the Information Security Management System implementation process
• Individuals responsible for information security, compliance, risk, and governance within an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods, and techniques required for the effective implementation and management of Information Security controls
• Understand the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Recognize the importance of information security for organizational strategy
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training combines theory and practice
• Course sessions include lectures illustrated with examples from real-world cases
• Practical exercises based on case studies
• Review exercises designed to assist with exam preparation
• Practice tests that mimic the certification exam format

General Information

• Certification fees are included in the exam price
• Training materials containing over 500 pages of information and practical examples will be distributed to participants
• Participants will receive a certificate of participation granting 31 CPD (Continuing Professional Development) credits
• In the event of an exam failure, you can retake the exam within 12 months at no additional cost

The ISO/IEC 27005 Lead Risk Manager training equips you with the essential expertise to assist organizations in managing risks associated with all assets pertinent to Information Security, using the ISO/IEC 27005 standard as the reference framework. Throughout this course, you will develop a thorough understanding of the process model required to design and implement an Information Security Risk Management program. Additionally, the training provides deep insights into best practices for risk assessment methodologies, including OCTAVE, EBIOS, MEHARI, and the harmonized TRA. This course also facilitates the implementation of the ISMS framework outlined in the ISO/IEC 27001 standard.

Upon mastering the core concepts of Information Security Risk Management based on ISO/IEC 27005, you will be eligible to sit for the exam and apply for the “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. Holding a PECB Lead Risk Manager Certificate demonstrates your practical knowledge and professional competence to support and lead teams in managing Information Security Risks.

Who should attend?

• Information Security risk managers
• Members of Information Security teams
• Personnel responsible for Information Security, compliance, and risk within an organization
• Individuals implementing or seeking compliance with ISO/IEC 27001, or those involved in risk management programs
• IT consultants
• IT professionals
• Information Security officers
• Privacy officers

Examination - Duration: 3 hours

The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully complies with the requirements of the PECB Examination and Certification Programme (ECP). The exam assesses the following competency domains:

• Domain 1: Fundamental principles and concepts of Information Security Risk Management
• Domain 2: Implementation of an Information Security Risk Management program
• Domain 3: Information security risk assessment
• Domain 4: Information security risk treatment
• Domain 5: Information security risk communication, monitoring, and improvement
• Domain 6: Information security risk assessment methodologies

General Information

• Certification fees are included in the exam price
• Comprehensive training materials, including over 350 pages of content and practical examples, will be provided
• A participation certificate awarding 21 CPD (Continuing Professional Development) credits will be issued
• In the event of an exam failure, you may retake the exam within 12 months at no additional cost

Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defence against these risks lies in the proper implementation and management of information security controls and best practices. Furthermore, robust information security is a critical expectation and requirement for customers, legislators, and other key stakeholders.

This training course is designed to equip participants with the skills needed to implement an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. It aims to provide a thorough understanding of ISMS best practices and establish a framework for its ongoing management and improvement.

Upon completing the training course, participants may sit for the exam. Those who successfully pass can apply for the “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which validates their ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in or concerned with the implementation of an ISMS
• Expert advisors aiming to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organization
• Members of an ISMS implementation team

General information

• Certification fees are included in the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate awarding 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months free of charge

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
• The exercises are based on a case study.
• The structure of the quizzes is similar to that of the certification exam.

Learning objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes based on ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

ISO 9001 and ISO 27001 stand as globally recognised benchmarks for Quality Management Systems and Information Security Management Systems, respectively.

Designed for professionals at an intermediate level, this instructor-led live training (available online or on-site) focuses on helping participants accurately interpret these standards and execute internal audits with confidence.

Upon completing this training, attendees will be equipped to:

• Grasp the core principles and specific requirements of ISO 9001 and ISO 27001.
• Apply clause and control interpretations to practical, real-world scenarios.
• Effectively plan and execute internal audits that align with ISO standards.
• Spot nonconformities and propose appropriate corrective actions.

Course Delivery Format

• Engaging lectures and interactive discussions.
• Simulated audit exercises and in-depth case studies.
• Practical analysis of quality and security challenges.

Customisation Options

• For tailored training arrangements, please reach out to us directly.

Who should attend?

• Auditors looking to conduct and lead information security management system (ISMS) audits
• Managers or consultants aiming to master the ISMS audit process
• Professionals responsible for ensuring organizational conformity with ISMS requirements
• Technical experts preparing for information security management system audits
• Advisory specialists in information security management

Learning objectives

Upon completing this training, participants will be capable of:

1. Articulating the core concepts and principles of an ISMS based on ISO/IEC 27001
2. Interpreting ISO/IEC 27001 ISMS requirements from an auditor’s viewpoint
3. Evaluating ISMS conformity with ISO/IEC 27001 standards, aligned with fundamental audit concepts and principles
4. Planning, executing, and closing an ISO/IEC 27001 compliance audit in line with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other auditing best practices
5. Managing an ISO/IEC 27001 audit program

Educational approach

• This training integrates theoretical knowledge with best practices from ISMS audits
• Lectures are supported by examples derived from case studies
• Hands-on exercises utilize a case study approach, incorporating role-playing and discussions
• Practice tests mirror the format of the Certification Exam

This instructor-led, live training session in Kenya (available online or onsite) is tailored for intermediate to expert-level IT professionals looking to enhance their competencies and qualifications in information security or allied fields.

By the conclusion of this training, participants will be able to:

• Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
• Acquire the knowledge and skills required to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
• Apply this knowledge in real-world scenarios, thereby facilitating a smooth transition within their respective organizations.