ISO in the Sun 2020 Program in the Sun 2020 Program.pdf · 5 Days - € 1750 - 31 CPDs - Costa...
ISO in the Sun
SoftQualM Training
2020 Course Program
More Courses, Dates, T&Cs, Info and Booking: www.ISOintheSun.com or +34 609 124 289
Welcome to our ISO in the Sun Course Program 2020
As conformity with the ISO standards and other frameworks increasingly becomes a requirement to do business, management and their staff wonder how to get there.
ISO in the Sun is an ongoing series of courses on Risk, Information Security, Business Continuity, Service, Project and Integrated Management, hosted by SoftQualM in the beautiful surroundings of Lanzarote in the Canary Islands, Spain.
We believe that the success of training courses is greatly enhanced by an enjoyable learning environment.
Individual as well as Integrated Management Systems addressing Risk, Information Security, Business Continuity, (IT) Services and other areas are getting ever more important for ever more organisations.
This is the ideal opportunity to combine your continuing professional education with a break in the sun.
Alternatively, you can also join our courses live online from wherever you are.
At the end of the training day you can relax at the beach and have dinner outside in one of the many restaurants - just as we do at lunch time - all thanks to the great climate here all year around where Winter doesn’t exist.
We are scheduling more events all the time, so please follow us on social media and our website or get in touch if interested in other subjects and dates.
We limit courses to ten students, and we run courses even with only one or two students.
You learn from instructors with a wealth of real-world experience. As for myself, I travel the world as consultant, auditor and trainer, and love sharing those experiences that often put things into perspective in my courses.
As an added benefit, students regularly confirm that they save significantly coming here compared to attending similar courses in the typical metropolitan settings.
Our Students come from all kinds of industries and sizes of organisations world-wide, from freelance consultants and auditors, SMEs to Multinationals and EU institutions.
Our courses are usually open and hence held in English, yet exams are often available in multiple languages. Our trainers are, however, multi-lingual and we can arrange courses eg in German as well as “in-house” in Lanzarote or for self-study. Simply enquire.
We look forward to welcoming you here in Lanzarote
Martin Holzke
Founder of ISO in the Sun
Spring 2020 Schedule Overview
• IMS Lead Auditor: 20. - 24. April 2020 (5 Days) - € 1750
Information Security
Business Continuity
• PECB EU General Data Protection Regulation (GDPR) Data Protection Officer: 6. - 10. April 2020 (5 Days) - € 1750
• PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor: 30. March - 3. April 2020 (5 Days) - € 1750
• PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer: 27. April - 1. May 2020 (5 Days) - € 1750
• PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor: 16. - 20. March 2020 (5 Days) - € 1750
Service Management
• PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer: 4. - 8. May 2020 (5 Days) - € 1750
• PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer: 2. - 6. March 2020 (5 Days) - € 1750
Integrated Management Systems (IMS)
• PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer: 23. - 27. March 2020 (5 Days) - € 1750
• PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor: 25. - 29. May 2020 (5 Days) - € 1750
Technical Courses
• PRINCE2 Practitioner: 23. - 24. April 2020 (2 Days) - € 1100
• PRINCE2 Foundation + Practitioner: 20. - 24. April 2020 (5 Days) - € 2100
• Managing Cyber Security Risk and Resilience: 25. - 29. May 2020 (5 Days) - € 1750
• Third Party Supplier and Vendor Risk Management: 18. - 22. May 2020 (5 Days) - € 1750
• PRINCE2 Foundation: 20. - 22. April 2020 (3 Days) - € 1300
• Installing, Configuring and Managing a Windows Server 2016 Public Key Infrastructure: 6 - 10. April 2020 (5 Days) - € 1950
Project Management
Risk Management
• PECB ISO 31000 Risk Manager: 14. - 16. April 2020 (3 Days) - € 1100
• PECB ISO/IEC 27005 Information Security Risk Manager: 24. - 26. February 2020 (3 Days) - € 1100
Autumn 2020 Schedule Overview
• CISSP Bootcamp: 9. - 13. November 2020 (5 Days) - € 2450
• IMS Lead Auditor: 16. - 20. November 2020 (5 Days) - € 1750
• PECB EU General Data Protection Regulation (GDPR) Data Protection Officer: 9. - 13. November 2020 (5 Days) - € 1750
Integrated Management Systems (IMS)
• PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer: 28. September - 2. October 2020 (5 Days) - € 1750
• PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer: 21. - 25. September 2020 (5 Days) - € 1750
Information Security
• PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer: 23. - 27. November 2020 (5 Days) - € 1750
• PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer: 12. - 16. October 2020 (5 Days) - € 1750
• PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor: 7. - 11. September 2020 (5 Days) - € 1750
Service Management
• PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor: 19. - 23. October 2020 (5 Days) - € 1750
Business Continuity
• PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor: 30. November - 4. December 2020 (5 Days) - € 1750
Risk Management
• PECB ISO 31000 Risk Manager: 28. - 30. October 2020 (3 Days) - € 1100
• PECB ISO/IEC 27005 Information Security Risk Manager: 2. - 4. November 2020 (3 Days) - € 1100
• Managing Cyber Security Risk and Resilience: 5. - 9. October 2020 (5 Days) - € 1750
• Installing, Configuring and Managing a Windows Server 2016 Public Key Infrastructure: 2 - 6. November 2020 (5 Days) - € 1950
Technical Courses
Project Management
• Third Party Supplier and Vendor Risk Management: 12. - 16. October 2020 (5 Days) - € 1750
• PRINCE2 Foundation: 26. - 28. October 2020 (3 Days) - € 1300
• PRINCE2 Practitioner: 29. - 30. October 2020 (2 Days) - € 1100
• PRINCE2 Foundation + Practitioner: 26. - 30. October 2020 (5 Days) - € 2100
Integrated Management System (IMS) Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 20. - 24. April 2020 and 16. - 20. November 2020
This five day course provides an overview of the structure of an Integrated Management System (IMS) based on ISO/IEC Annex L, and how to audit the same internally or in the context of certification.
Overview
At the same time, the course explains processes, methods and skills required to allow an auditor to assess such an IMS all the way through to certification in line with relevant ISO (certification) standards, in particular ISO/IEC 17021-1:2015 and ISO 19011:2018.
• Audit Methods
• Audit Methods - Part 1: Document Review, Interview
• IMS Element 3: Support (Annex L clause 7)
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
This five day course introduces the structure of an Integrated Management System (IMS) derived from ISO/IEC's normative Annex L (Proposals for management system standards) as well as specific requirements of relevant ISO Standards implementing Annex L, namely ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO/IEC 20000-1:2018, ISO 22301:2019 and ISO/IEC 27001:2013, and how to add any further applicable requirements, eg PCI-DSS, SOX, GDPR etc.
Outline
Introducing IMS-Auditing
Assessing Elements of an IMS
• IMS Element 1: Leadership (Annex L clause 5)
• The ISO Management System Audit Approach
• Setting the Scene: ISO Management Systems
• IMS Element 2: Context of the Organisation (Annex L clause 4)
• Audit Principles
• IMS Element 6: Performance Evaluation (Annex L clause 9)
• Certification Process per ISO/IEC 17021-1:2015 et al
• IMS Element 4: Planning (Annex L clause 6)
• IMS Element 7: Improvement (Annex L clause 10)
Auditing an IMS
• Overview of the different Types of Audits
• IMS Element 5: Operation (Annex L clause 8)
• IMS Element 8: Management Review (Annex L clause 9.3)
• Audit Methods - Part 2: Observation, Sampling
• Audit Methods - Part 3: Corroboration
• Audit Skills
• Recognise the range of different audit types, criteria and objectives
• Manage IMS audit teams
Objectives
Completion of this course will enable students to
• Describe core processes of an Annex L based IMS
• Identify additional specific requirements based on the chosen IMS scope
• Understand applicable audit methods and develop skills to apply these
• Execute audit aspect of the certification process
Audience
Prerequisites
Some past exposure to management systems and / or audits helpful, but not required.
Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
• Performing self-assessments, pre-cert or internal audits of an IMS
Exam and first year certification fees are included in the course fees.
This course is aimed at students tasked with
• Acting as (lead) auditor on behalf of a certification body
General understanding of common business processes.
This course has been designed by SoftQualM and partners, who also mark the exam and issue the IMS Lead Auditor certification in accordance with ISO/IEC 17024:2012.
• Assessing an organisation's processes as part of implementing an IMS
PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 30. March - 3. April 2020 and 7. - 11. September 2020
This five day course provides an overview of the structure of an Information Security Management System (ISMS) based on ISO/IEC 27001:2013, and how to audit the same internally or in the context of certification.
• Fundamental Audit Concepts and Principles
• Documenting Nonconformities
• Preparation of an ISO/IEC 27001:2013 Certification Audit
• ISMS Documentation Audit
Concluding and Follow-up of the Audit
• Fundamental Principles of Information Security
• Formulation of Audit Findings
• Conducting an Opening Meeting
• ISO/IEC 27001:2013 Certification Process
• Clauses of ISO/IEC 27001:2013
• Audit Test Plans
• Audit Documentation
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
• Conducting a Closing Meeting and Conclusion of the Audit
• Evaluation of Corrective Action Plans
Overview
This five day course enables participants to develop the necessary expertise to audit an Information Security Management System against ISO/IEC 27001:2013 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015 and ISO/IEC 27006:2015.
Outline
Introduction to ISMS Concepts per ISO/IEC 27001:2013
• Normative, Regulatory and Legal Framework
• Information Security Management System (ISMS)
Planning and Initiating the Audit
• Audit Approach based on Evidence and Risk
Conducting the Audit
• Communication during the Audit
• Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
• Quality Review
• Surveillance and Re-Certification Audits
• Internal Audit Management Program
• Manage ISMS audit teams
• IT and information security practitioners moving into audit roles
• Execute ISO/IEC 27001:2013 certification audits on behalf of a certification body
Exam and first year certification fees are included in the course fees.
Completion of this course will enable students to
• Understand the principles of an ISMS conforming to ISO/IEC 27001:2013
This course is aimed at students with (future) roles like
Objectives
• Perform ISO/IEC 27001:2013 internal audits
• Internal auditors
• ISMS certification auditors
• Project managers, consultants and information security team members participating in ISMS audits
Audience
Prerequisites
Some past exposure to information or IT security, management systems and audits helpful, but not required.
Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
General understanding of common business processes.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
PECB ISO/IEC 27001 Information Security Management System (ISMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 23. - 27. March 2020 and 21. - 25. September 2020
This five day course provides an overview of the structure of an Information Security Management System (ISMS) based on ISO/IEC 27001:2013, and how to implement the same in an organisation, eg for the purpose of certification.
Overview
This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing an Information Security Management System based on ISO/IEC 27001:2013.
Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002:2013.
• Internal Audit, Management Review and Corrective Actions
This training incorporates project management practices as well as further guidance from elsewhere in the ISO/IEC 27000 family of standards, eg ISO/IEC 27003 (Implementation), ISO/IEC 27004 (Measurements), ISO/IEC 27005 (Risk Management) etc.
Introduction to ISMS Concepts per ISO/IEC 27001:2013
• Development of Information Security Policies
• Drafting the Statement of Applicability
• Implementation of a Document Management Framework
Outline
• Fundamental Principles of Information Security
• Gap Analysis, Business Case and Project Plan
Implementing the ISMS
• Development of a Communication, Training & Awareness Program
Planning and Initiating the ISMS Implementation
Performance Evaluation and Improving the ISMS
• Monitoring the ISMS with Metrics, Performance Indicators etc
• Information Security Management System (ISMS)
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
• Clauses of ISO/IEC 27001:2013
• Design of Controls and Writing Procedures
• Normative, Regulatory and Legal Framework
• Operations Management of the ISMS
• Defining Scope and Objectives of the ISMS
• Implementation of Controls based on ISO/IEC 27001:2013 Annex A
• Implementation of a Continual Improvement Program
• Risk Management: Approach, Methodology, Identification, Analysis, Evaluation and Treatment of Risk
• Incident Management
• Preparing for the Certification Audit
Objectives
Completion of this course will enable students to
• Understand the principles of an ISMS conforming to ISO/IEC 27001:2013, including the relationship between its components, eg risk management, controls, requirements of interested parties
• Apply concepts, approaches, standards, methods and techniques for the effective operation of an ISMS
• Advise organisations on ISMS best practices
• Manage teams implementing ISO/IEC 27001:2013
Audience
This course is aimed at students with (future) roles like
• Project managers, consultants and team members implementing an ISMS
• (IT) Professionals moving into ISMS operation
• CxO and senior managers of an ISMS scope
General understanding of common business processes.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
Some past exposure to information or IT security, management systems and / or project management helpful, but not required.
Exam and first year certification fees are included in the course fees.
• Auditors requiring more ISMS implementation insight
Prerequisites
PECB ISO/IEC 27701 Privacy Information Management System (PIMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 27. April - 1. May 2020 and 28. September - 2. October 2020
This five day course provides an overview of the structure of a Privacy Information Management System (PIMS) based on ISO/IEC 27701:2019, and how to implement the same in an organisation, eg for the purpose of certification.
• Selection of Controls
• Monitoring the PIMS with Metrics, Performance Indicators etc
• Implementation of Controls
• Privacy Impact Assessment
• PIMS Statement of Applicability
• Implementation of Controls specific to Controllers of Personally Identifiable Information (PII)
Overview
• Implementation of Controls specific to PII
Planning the PIMS Implementation
Moreover, participants will gain a comprehensive understanding of best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
• Normative, Regulatory and Legal Framework
• PIMS Scope and Privacy Policy
Participants will also gain a thorough understanding of requirements and guidance of ISO/IEC 27701:2019 as well as their relationship to ISO/IEC 27001:2013 et al and thus that between a PIMS and an ISMS.
• Fundamental Principles of Information Security and Privacy
• Documentation Management
Implementing the PIMS
• Awareness, Training and Communication
• Internal Audit, Management Review and Corrective Actions
• Continual Improvement
This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Privacy Information Management System based on ISO/IEC 27701:2019.
Outline
• Privacy Information Management System (PIMS)
Introduction to PIMS Concepts per ISO/IEC 27701:2019
• Privacy Risk Assessment
Performance Evaluation and Improving the PIMS
• Preparing for the Certification Audit
• Project managers, consultants and team members implementing privacy and data management
• Understand the principles of a PIMS conforming to ISO/IEC 27701:2019, including the relationship to an ISMS, ISO/IEC 27001:2013, ISO/IEC 27002:2013 etc and regulatory frameworks
Objectives
Completion of this course will enable students to
Audience
• CxO and senior managers of a PIMS and ISMS scope
• Apply concepts, approaches, standards, methods and techniques for the effective operation of a PIMS
• Auditors requiring more PIMS implementation insight
General understanding of common business processes.
Prerequisites
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
This course is aimed at students with (future) roles like
• Data and privacy officers
• Manage teams implementing ISO/IEC 27701:2019
Some past exposure to information or IT security, management systems and / or project management helpful, but not required.
• Advise organisations on PIMS best practices
Exam and first year certification fees are included in the course fees.
Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
PECB EU General Data Protection Regulation (GDPR) Data Protection Officer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 6. - 4. April 2020 and 9. - 13. November 2020
This five day course provides an overview of the requirements of the GDPR, in force and applicable since 25. May 2018, and how to implement the same in an organisation dealing with data subjects in the European Union.
• Fundamental Principles of the GDPR
Outline
Overview
• Data Protection Policy
• Definition of the Organizational Structure
• Data Classification
By mastering all the necessary concepts of the EU General Data Protection Regulation (GDPR), participants will gain a thorough understanding of the gap between the GDPR and the current organizational processes including privacy policies, procedures, working instructions, consent forms, data protection impact assessments, in order to assist organisations in the adoption process to the new regulation.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
• Initiating the GDPR Implementation
• Understanding the Organisation
• Analysis of the Existing System
Introduction to GDPR Essentials
Planning the Implementation of the GDPR
This five day course enables participants to develop the necessary knowledge, skills and competence to effectively implement and manage a compliance framework with regards to the protection of personal data.
• Leadership and Project Approval
• Clarifying the Data Protection Objectives
Monitoring and Improving the GDPR compliance
Deploying the GDPR
• Communication, Training and Awareness Plan
• Operations and Incident Management
• Definition of the Document Management Process
• Risk Assessment under the GDPR
• Data Breaches and Corrective Actions
• Continual Improvement
• Internal Audit
• Design of Security Controls and Drafting of Specific Policies
• Privacy Impact Assessment (PIA)
• Monitoring, Measurement, Analysis and Evaluation
• Implementation of Controls
Objectives
Completion of this course will enable students to
• Gain a comprehensive understanding of the concepts and approaches of the GDPR
• Data Protection Officers and senior managers responsible for the personal data protection
Examination and Certification
General understanding of common business processes.
Prerequisites
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
This course is aimed at students with (future) roles like
• Understand the new requirements that the GDPR brings for EU and non-EU organisations and when it is necessary to implement them
• Gain the knowledge and skills required to advise organisations how to manage personal data
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
Audience
Exam and first year certification fees are included in the course fees.
• Members of information security, incident management and business continuity teams
Some past exposure to data protection helpful, but not required.
• Manage a team implementing the GDPR
• Project managers, consultants, advisors and team members implementing the GDPR
CISSP Bootcamp
5 Days - € 2450 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 9. - 13. November 2020
This 5 day course will prepare students for the CISSP (Certified Information Systems Security Professional) exam, covering the entire CBK (Common Body of Knowledge) as defined by (ISC)².
The CISSP certification is recognized worldwide.
Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. The interactive learning technique is based on sound adult learning theories.
Overview
This training provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of CISSP CBK (Common Body of Knowledge).
Outline
Asset Security
This training course will help candidates review and refresh their information security knowledge and help identify areas they need to study for the CISSP exam and features
Security Operations
Security Assessment and Testing
Security Engineering
Security and Risk Management
Software Development Security
Identity and Access Management
Communications and Network Security
The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks.
Examination and Certification
This course is aimed at students with (future) roles like
• Apply the skills learned across the 8 domains to solve security problems when you return to work
Completion of this course will enable students to
• Understand and explain all of the concepts covered in the 8 domains of knowledge
Audience
Objectives
• Security Consultants, Security Managers, IT Director/Managers,
• Security Auditors, Security Architects,
• Chief Information Security Officers, Directors of Security etc.
• Understand the 8 domains of knowledge that are covered on the CISSP exam
Prerequisites
This course has been designed and is delivered by Nitroxis and their trainers.
Note: this course does not include the CISSP exam. This has to be taken at the dedicated test facilities as defined by (ISC)².
• Apply the knowledge and testing skills learned in class to pass the CISSP exam
• Security Analysts, Security Systems Engineers, Network Architects,
Basic knowledge of Information Systems is recommended.
• Analyse questions on the exam and be able to select the correct answer
A minimum of four students is required to run this course.
PECB ISO 22301 Business Continuity Management System (BCMS) Lead Auditor
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 25. - 29. May 2020 and 30. November - 4. December 2020
This five day course provides an overview of the structure of a Business Continuity Management System (BCMS) based on ISO 22301:2019, and how to audit the same internally or in the context of certification.
• Conducting a Closing Meeting and Conclusion of the Audit
• Internal Audit Management Program
• Surveillance and Re-Certification Audits
• Quality Review
• Evaluation of Corrective Action Plans
This five day course enables participants to develop the necessary expertise to audit a Business Continuity Management System against ISO 22301:2019 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015.
Introduction to BCMS Concepts per ISO 22301:2019
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
Outline
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Business Continuity
• ISO 22301:2019 Certification Process
Overview
• Business Continuity Management System (BCMS)
• Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
• Audit Approach based on Evidence and Risk
• Preparation of an ISO 22301:2019 Certification Audit
• Fundamental Audit Concepts and Principles
Conducting the Audit
• Clauses of ISO 22301:2019
• Conducting an Opening Meeting
• Audit Test Plans
• Formulation of Audit Findings
• Documenting Nonconformities
• Communication during the Audit
Planning and Initiating the Audit
Concluding and Follow-up of the Audit
• Audit Documentation
• BCMS Documentation Audit
• Perform ISO 22301:2019 internal audits
• Internal auditors
• Manage BCMS audit teams
Examination and Certification
• BCMS certification auditors
• Project managers, consultants and business continuity team members participating in BCMS audits
Completion of this course will enable students to
General understanding of common business processes.
Objectives
• Understand the principles of a BCMS conforming to ISO 22301:2019
• Execute ISO 22301:2019 certification audits on behalf of a certification body
Audience
This course is aimed at students with (future) roles like
• Business continuity practitioners moving into audit roles
Prerequisites
Some past exposure to business continuity, management systems and audits helpful, but not required.
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Exam and first year certification fees are included in the course fees.
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
This five day course provides an overview to the structure of a Business Continuity Management System (BCMS) based on ISO 22301:2019,
and how to implement the same in an organisation, eg for the purpose of certification.
PECB ISO 22301 Business Continuity Management System (BCMS) Lead Implementer
Next Dates: 2. - 6. March 2020 and 23. - 27. November 2020
• Implementation of a Document Management Framework
Outline
• Fundamental Principles of Business Continuity
• ISO 22301:2019 Certification Process
• Incident and Emergency Management
Overview
Introduction to BCMS Concepts per ISO 22301:2019
• Normative, Regulatory and Legal Framework
Participants will also gain a thorough understanding of best practices used to implement business continuity processes from the ISO 22399.
This training incorporates project management practices as well as links to aspects of the predecessor standard BS 25999.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
• Business Continuity Management System (BCMS)
• Clauses of ISO 22301:2019
• Gap Analysis, Business Case and Project Plan
• Defining Scope and Objectives of the BCMS
• Development of Business Continuity Policies
• Business Impact Analysis (BIA) and Risk Assessment
• Operations Management of the BCMS
Implementing the BCMS
Performance Evaluation and Improving the BCMS
• Implementation of a Continual Improvement Program
• Monitoring the BCMS with Metrics, Performance Indicators etc
Planning and Initiating the BCMS Implementation
• Implementation of Business Continuity Processes
• Development of a Communication, Training & Awareness Program
• Internal Audit, Management Review and Corrective Actions
• Preparing for the Certification Audit
This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Business Continuity Management System based on ISO 22301:2019.
• Design of Business Continuity Processes and Writing Procedures
Prerequisites
Exam and first year certification fees are included in the course fees.
• Manage teams implementing ISO 22301:2019
• (IT) Professionals moving into BCMS operation
• Apply concepts, approaches, standards, methods and techniques for the effective operation of a BCMS
General understanding of common business processes.
This course is aimed at students with (future) roles like
Some past exposure to business continuity, management systems and / or project management helpful, but not required.
Objectives
• CxO and senior managers of a BCMS scope
• Project managers, consultants and team members implementing a BCMS
• Auditors requiring more BCMS implementation insight
Examination and Certification
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Completion of this course will enable students to
• Understand the principles of a BCMS conforming to ISO 22301:2019, including the relationship between its components, eg risk management, requirements of interested parties
• Advise organisations on BCMS best practices
Audience
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
PECB ISO/IEC 20000 Service Management System (SMS) Lead Auditor
Next Dates: 16. - 20. March 2020 and 19. - 23. October 2020
This five day course provides an overview to the structure of a Service Management System (SMS) based on ISO/IEC 20000-1:2018,
and how to audit the same internally or in the context of certification.
Overview
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
Introduction to SMS Concepts per ISO/IEC 20000-1:2018
• Normative, Regulatory and Legal Framework
• Fundamental Principles of Service Management
During this training, the participants will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011:2018, as well as understanding the certification process according to ISO/IEC 17021-1:2015.
Outline
• ISO/IEC 20000-1:2018 Certification Process
• Service Management System (SMS)
• Clauses of ISO/IEC 20000-1:2018
Planning and Initiating the Audit
• Fundamental Audit Concepts and Principles
This five day course enables participants to develop the necessary expertise to audit a Service Management System against ISO/IEC 20000-1:2018 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.
• Audit Approach based on Evidence and Risk
• Preparation of an ISO/IEC 20000-1:2018 Certification Audit
• SMS Documentation Audit
• Conducting an Opening Meeting
Conducting the Audit
• Surveillance and Re-Certification Audits
• Evaluation of Corrective Action Plans
• Audit Test Plans
• Audit procedures: Observation, Document Review, Interview, Sampling, Technical Verification, Corroboration and Evaluation
• Quality Review
• Communication during the Audit
• Formulation of Audit Findings
• Documenting Nonconformities
Concluding and Follow-up of the Audit
• Audit Documentation
• Conducting a Closing Meeting and Conclusion of the Audit
• Internal Audit Management Program
• Internal auditors
General understanding of common business processes.
Exam and first year certification fees are included in the course fees.
• Execute ISO/IEC 20000-1:2018 certification audits on behalf of a certification body
• IT and service management practitioners moving into audit roles
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
• Understand the principles of a SMS conforming to ISO/IEC 20000-1:2018
Prerequisites
• Project managers, consultants and service management team members participating in SMS audits
Some past exposure to service management, management systems and / or audits helpful, but not required.
• Manage SMS audit teams
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Completion of this course will enable students to
• Perform ISO/IEC 20000-1:2018 internal audits
Objectives
Audience
This course is aimed at students with (future) roles like
• SMS certification auditors
Examination and Certification
PECB ISO/IEC 20000 Service Management System (SMS) Lead Implementer
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
This five day course provides an overview to the structure of a Service Management System (SMS) based on ISO/IEC 20000-1:2018, and how to implement the same in an organisation, eg for the purpose of certification.
Next Dates: 4. - 8. May 2020 and 12. - 16. October 2020
• Clauses of ISO/IEC 20000-1:2018
• ISO/IEC 20000-1:2018 Certification Process
• Internal Audit, Management Review and Corrective Actions
This training incorporates project management practices as well as further guidance from elsewhere in the ISO/IEC 20000 family of standards.
• Information Security Management
• Monitoring the SMS with Metrics, Performance Indicators etc
Participants will gain a thorough understanding of best practices used to implement a SMS across a wide range of service sectors, not just IT services as covered by ITIL.
Outline
Implementing the SMS
• Service Availability and Continuity Management
• Gap Analysis, Business Case and Project Plan
• Budget, Demand and Capacity Management
• Service Management System (SMS)
• Development of Service Management Policies
• Catalogue, Asset, Configuration and Relationship Management
• Defining Scope and Objectives of the SMS
Introduction to SMS Concepts per ISO/IEC 20000-1:2018
• Change, Release and Deployment Management
Performance Evaluation and Improving the SMS
• Implementation of a Continual Improvement Program
Planning and Initiating the SMS Implementation
• Preparing for the Certification Audit
• Normative, Regulatory and Legal Framework
This five day course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Service Management System based on ISO/IEC 20000-1:2018.
• Fundamental Principles of Service Management
• Comparison with ITIL V2 and V3
• Incident and Problem Management
• Operations Management of the SMS
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
Overview
Some past exposure to information or IT security, management systems and / or project management helpful, but not required.
Prerequisites
Exam and first year certification fees are included in the course fees.
• Manage teams implementing ISO/IEC 20000-1:2018
• (IT) Professionals moving into SMS operation
Completion of this course will enable students to
• Apply concepts, approaches, standards, methods and techniques for the effective operation of a SMS
• Advise organisations on SMS best practices
Audience
This course is aimed at students with (future) roles like
Objectives
• Project managers, consultants and team members implementing a SMS or extending from ITIL etc
• CxO and senior managers of a SMS scope
• Understand the principles of a SMS conforming to ISO/IEC 20000-1:2018, including the relationship between its components, eg risk management, controls, requirements of interested parties
• Auditors requiring more SMS implementation insight
General understanding of common business processes.
Examination and Certification
The course ends with a three hour written essay-style exam on the last day available in multiple languages.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Next Dates: 14. - 16. April 2020 and 28. - 30. October 2020
3 Days - € 1100 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
PECB ISO 31000 Risk Manager
This three day course provides an overview to the generic principles of risk management based on ISO 31000:2018,
and how to apply the same across an organisation, eg for operational or financial risk, the various risk-based management systems like IMS, QMS, EMS, SMS, BCMS, ISMS, OH&SMS etc.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
• Risk Management Standards, Frameworks and Methodologies
• Risk Acceptance and Residual Risk Management
Examples of Risk Assessment Methodologies
• Overview to IEC 31010:2009
• Cause and Effect Diagram
Overview
The generic character of ISO 31000:2018 makes it applicable across organisations at subject matter as well as enterprise level.
Outline
Elements of the Risk Management Framework
• Risk Communication and Consultation
• Risk Monitoring and Review
• Fault and Failure Analysis using FTA, FMEA and FMECA
Examples are ISO 9001:2015, ISO 14001:2015, ISO/IEC 20000-1:2018, ISO 22301:2019, ISO/IEC 27001:2013, ISO 45001:2018, SOX, revenue assurance, program and project management, data protection, GDPR etc.
• Risk Treatment
• Hazard Analysis using HAZOP and HACCP
Introduction to Risk Management per ISO 31000:2018
• Scenario Analysis
ISO 31000:2018 provides a comprehensive model for any kind of management system, standard, operational or regulatory context requiring a risk-based approach, whether a formal risk management process is required or not.
• Concepts and Definitions relating to Risk Management
• Implementation of a Risk Management Framework
This three day course enables participants to develop the necessary expertise to support an organisation in implementing risk management processes based on ISO 31000:2018.
• Understanding an Organisation and its Context
• Risk Identification
• Risk Analysis and Risk Evaluation
• Brainstorming, DELPHI
The course ends with a two hour written essay-style exam on the last day available in multiple languages.
Prerequisites
• Project managers, consultants and team members implementing and operating management systems
• Risk managers and Business process owners
• Auditors requiring more risk management insight
General understanding of common business processes.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Examination and Certification
Exam and first year certification fees are included in the course fees.
Some past exposure to risk management and / or management systems helpful, but not required.
• Regulatory compliance managers
• Understand the relationship between risk management and requirements of interested parties
• Implement, maintain and manage an ongoing risk management program
• Advise organisations on best practices in risk management
Audience
Objectives
This course is aimed at students with (future) roles like
Completion of this course will enable students to
• Understand concepts, approaches, methods, tools and techniques for effective risk management according to ISO 31000:2018
Next Dates: 24. - 26. February 2020 and 2. - 4. November 2020
This three day course provides an overview to the principles of risk management in information security based on ISO/IEC 27005:2018,
and how to apply the same across an organisation, eg for the context of certification to ISO/IEC 27001:2013.
PECB ISO/IEC 27005 Information Security Risk Manager
3 Days - € 1100 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
This three day course enables participants to develop the necessary expertise to support an organisation in implementing risk management processes related to all assets of relevance for information security based on ISO/IEC 27005:2018.
Outline
• Understanding an Organisation and its Context
ISO/IEC 27005:2018 builds onto the generic risk management principles set out in ISO 31000:2018, and applies those to the context of an information security management system (ISMS), thus providing a framework for satisfying the risk management requirements of ISO/IEC 27001:2013.
• Risk Management Standards, Frameworks and Methodologies
Elements of the Risk Management Framework
• Risk Identification
Introduction to Information Security Risk Management per ISO/IEC 27005:2018
• Risk Analysis and Risk Evaluation
• Risk Treatment
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
Overview
• Concepts and Definitions relating to Risk Management
• Implementation of a Risk Management Framework
• Risk Acceptance and Residual Risk Management
• Risk Monitoring and Review
• Harmonised Risk Analysis Method (MEHARI)
• Harmonized Threat and Risk Assessment (TRA)
• Operational Critical Threat, Asset and Vulnerability Evaluation (OCTAVE)
• Expression of Needs and Identification of Security Objectives (EBIOS)
• Risk Communication and Consultation
Examples of Risk Assessment Methodologies
Audience
This course is aimed at students with (future) roles like
• Risk managers and Information security officers
• Auditors requiring more risk management insight
• Understand concepts, approaches, methods, tools and techniques for effective information security risk management according to ISO/IEC 27005:2018
• Project managers, consultants and team members implementing and operating information security management systems
Prerequisites
General understanding of common business processes.
Some past exposure to risk management and / or management systems helpful, but not required.
• Understand the relationship between risk management, controls and ISO/IEC 27001:2013
Examination and Certification
Objectives
Completion of this course will enable students to
• Advise organisations on best practices in information security risk management
• Implement, maintain and manage an ongoing information security risk management program
The course ends with a two hour written essay-style exam on the last day available in multiple languages.
Exam and first year certification fees are included in the course fees.
This course is designed by PECB in Canada, who also mark the exam and issue respective certifications as per their criteria. PECB is a personnel certification body, accredited to ISO/IEC 17024:2012 by IAS. See www.pecb.com for full details.
Next Dates: 25. - 29. May 2020 and 5. - 9. October 2020
This five day course provides an overview to cyber security strategies based on a wide range of available best practice approaches,
applicable in the context of supporting organisations in setting up cyber security resilience capabilities.
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Managing Cyber Security Risk and Resilience
• The Cyber Risk Framework of the World Economic Forum, and the European Union Agency for Network and Information Security (ENISA)
• Payment Card Industry Standard (PCI – DSS)
• Standards of Good Practice for Information Security
• The IT Capability Maturity Framework
• CIS Top 20 Critical Controls for effective Cyber Defence
• TCCYBER
• NIST Cyber Security Framework
• HITRUST CSF
Information security risk management and a resilient approach to cyber security focus the organization on managing risk to critical assets by optimizing both protection and continuity strategies. Although a daunting challenge, improving an organization's capabilities does not always require significant additional financial investment.
Overview
The five day course builds on knowledge of information security management practices to equip participants with the know-how to manage cyber security risk and resilience to meet compliance objectives in organisations of any size.
The course consists of a mix of presentation, discussion and drawing on real-life case studies.
Outline
• The current landscape of cyber security standards, best practice and guidance documents
Part One: Cyber Security Risk
• NCSC (UK) 10 Steps to Cyber Security and Cyber Essentials
• The role and the importance of people, processes and technology in cyber security
• Key requirements (outcomes) of an effective cyber security risk management strategy
• Using Cyber security and IT governance best practice frameworks such as COBIT 5
• Information security risk management as the core competence of cyber security management
Part Two: Cyber Resilience
• Essentials of Cyber Resilience (The Cyber Resilience Lifecycle)
• Essentials of building a Cyber-Resilient Organisation
• How ISO 22301 is essential to achieving cyber resilience in the event of a cyber security attack
• Explain the relationship of cyber security and resilience to other forms of security, and draw together these domains for the organisation's maximum benefit
Objectives
Completion of this course will enable students to
• Provide advice and guidance on cyber security and resilience issues to help protect an organisation against cyber security threats
• CxO and senior managers
• Auditors requiring more cyber security insight
Prerequisites
Examination and Certification
• Project managers, consultants and team members implementing cyber security resilience measures
Exam and first year certification fees are included in the course fees.
This course is aimed at students with (future) roles like
This course has been designed by SoftQualM and partners, who also mark the exam and issue the Cyber Security Professional certification in accordance with ISO/IEC 17024:2012.
Some past exposure to business risk, cyber, information or IT security helpful, but not required.
Audience
General understanding of common business processes.
The course ends with a three hour written essay-style exam in English on the last day.
• Investigate and detect cyber crime
• Define stakeholders and provide a description of their roles with regards to cyber security
• (Security) Risk managers
• Understand the framework for resolving cyber security issues through collaboration
This five day course provides an overview to principles of third party supplier and vendor security risk assessment and management
and how to implement the respective function in an organisation.
Third Party Supplier and Vendor Risk Management
5 Days - € 1750 - 31 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 18. - 22. May 2020 and 12. - 16. October 2020
• Due Diligence and Risk Assessment of Outsourcing Arrangement
• Oversight of the Outsourcing Arrangement and Exit strategy
• Access, Information and Audit Rights
Monitoring and Control of Outsourcing Arrangements
Implementation of Outsourcing Process Activities
• Inventory and Risk-based Segmentation of Service Providers
• The Outsourcing Contractual Phase
• Pre-outsourcing Analysis
• Information System and Data Security
• Business Continuity
• Internal Audit
• Communication, Training and Awareness, Documentation
Planning the Implementation of Outsourcing
• Clarifying Outsourcing Objectives
• Analysis of existing Outsourcing
• Third-Party Supplier and Vendor Risk Governance
• Risk Management Framework
• Outsourcing Policy
• Establishment of Management Control Groups
• Periodic Reviews, Reporting Policies and Procedures
• Essentials on Outsourcing to Cloud Service Providers
• Performing Information Security Control Assessments
Cloud Outsourcing
Outline
This five day course enables participants to develop the necessary expertise to support organisations implementing and effectively managing third-party supplier and vendor risk.
Overview
Hardly a day goes by without hearing about yet another organisation's data being compromised after hackers gained access to it through a third party supplier or vendor. Each incident highlights that in addition to in-house information security, organisations now also need to ensure that their third party suppliers and vendors' (cyber) security standards meet or exceed their own.
Introduction to Outsourcing Essentials
• Understanding the Organisation
• Fundamentals of effective Outsourcing
The course consists of a mix of presentation, discussion and drawing on real-life case studies.
• Gain knowledge and skills required to advise organisations on how to implement effective risk-based outsourcing
Audience
This course is aimed at students with (future) roles like
• Understand best practice for establishing, implementing, operating, monitoring, reviewing, maintaining and improving third party supplier and vendor security controls to protect outsourced information assets
• Manage a team implementing outsourcing
Objectives
Completion of this course will enable students to
• Gain a comprehensive understanding of the concepts and approaches of effective risk-based outsourcing
Exam and first year certification fees are included in the course fees.
This course has been designed by SoftQualM and partners, who also mark the exam and issue the Third Party Risk Management Professional certification in accordance with ISO/IEC 17024:2012.
Some past exposure to risk management and / or management systems helpful, but not required.
• Procurement Professionals / Auditors requiring third party supplier and vendor risk management insight
• Project managers, consultants and team members implementing third-party supplier and vendor risk management
• CxO and senior managers
General understanding of common business processes.
Prerequisites
Examination and Certification
The course ends with a three hour written essay-style exam in English on the last day.
3 Days - € 1300 - 21 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 20. - 22. April 2020 and 26. - 28. October 2020
This three day course provides an overview to the basics of PRINCE2 Project Management.
This course can be combined with the PRINCE2 Practitioner course at a special rate of € 2100 for both courses.
PRINCE2 Project Management Foundation
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
Review exercises as well as a practice test assist the exam preparation.
Overview
This three day training enables participants to learn the basics of the PRINCE2 Project Management method. The participant will learn about the PRINCE2 Principles, Themes, Processes and Tailoring.
• Managing Product Delivery
• Introduction PRINCE2
• Business Case
Outline
• Controlling a Stage
• Tailoring PRINCE2 to the Project Environment
• PRINCE2 Foundation Exam
• Organisation
• Initiating a Project
Day 1
• Change
• Progress
Day 3
• Risk
• Quality
• Closing a Project
• Starting Up a Project
• PRINCE2 Process Model
Day 2
• Managing a Stage Boundary
• Plans
• Know the basic differences between the PRINCE2 Principles, Themes and Processes
This course is aimed at students with (future) roles like
Objectives
Exam fees are included in the course fees.
The course is delivered by Trainers of Polychor, a PRINCE2 Accredited Training Organisation. See polychor.com for full details.
• Understand basics of PRINCE2 Project Management
Audience
• Project managers
• CxO and senior managers sponsoring projects
The official one hour multiple choice PRINCE2 Foundation exam can be taken at the end of the training course or at a later date.
• Consultants and team members managing or supporting a project using PRINCE2
Examination and Certification
Prerequisites
Completion of this course will enable students to
• Prepare for the PRINCE2 Foundation exam
Some past exposure to project management helpful, but not required.
Next Dates: 23. - 24. April 2020 and 29. - 30. October 2020
PRINCE2 Project Management Practitioner
This two day course teaches how to use the PRINCE2 Project Management method in real-life.
This course can be combined with the PRINCE2 Foundation course at a special rate of € 2100 for both courses.
2 Days - € 1100 - 14 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Overview
This two day training enables participants to learn how to use the PRINCE2 Project Management method in a real-life situation by going through two complete test exams and by analysing the 'Managing Successful Projects with PRINCE2' book in detail to understand how all the PRINCE2 elements work together.
The course consists of a mix of presentation, discussion and exercises based on real-world examples.
Review exercises as well as a practice test assist the exam preparation.
Outline
Day 1
Ÿ PRINCE2 Test Exam 1Ÿ Analysis of the 'Managing Successful Project with PRINCE2' Book
Day 2Ÿ Review and Analysis of PRINCE2 Test Exam 2
Ÿ Summary of the PRINCE2 Method
Ÿ PRINCE2 Practitioner Exam
Objectives
Completion of this course will enable students to
• To understand PRINCE2 Project Management method in enough detail
The official two-and-a-half hours objective PRINCE2 Foundation exam can be taken at the end of the training course or at a later date.
Exam fees are included in the course fees.
• CxO and senior managers sponsoring projects
Audience
This course is aimed at students with (future) roles like
Prerequisites
Examination and Certification
The course is delivered by Trainers of Polychor, a PRINCE2 Accredited Training Organisation. See polychor.com for full details.
• Project managers
Preferably attend the PRINCE2 Foundation course using Polychor's training materials.
• Successfully participate in the PRINCE2 Practitioner exam
Must have passed the PRINCE2 Foundation exam.
• Consultants and team members managing or supporting a project using PRINCE2
Installing, Configuring and Managing a Windows Server 2016 Public Key Infrastructure
5 Days - € 1950 - 36 CPDs - Arrecife, Lanzarote, Canary Islands, Spain or Live Online
Next Dates: 6. - 10. April 2020 and 2. - 6. November 2020
This five day course provides an overview of the concepts of a Public Key Infrastructure (PKI) and demonstrates with hands-on labs how to implement Active Directory Certificate Services in a Windows Server 2016 environment.
Overview
The course has a balance between the theoretical and practical part and contains exercises with real world examples. Total lab time of the course is more than 50%.
• Installing and Configuring Active Directory Certificate Services
• Implementing Code Signing
• Certificate Templates
• Use of SSL to Secure RDP Connections
• Understanding Cryptography
• Certificate Enrollment
• Key Archival and Recovery
• Backup and Clean-up Certificate Authority Database
• Installing and Configuring an Online Certificate Status Protocol
This five day course starts with the basics of a Public Key Infrastructure (PKI) and ends with more advanced topics. This intensive technical course is intended for anyone who is interested in implementing, configuring and managing Active Directory Certificate Services.
Contents
• Designing a Public Key Infrastructure
• Backup and Restore Certificate Authority
• Network Device Enrollment Service
• Implementing an SMTP Exit Module
• Use OpenSSL to Generate Certificate Requests
• Implementing IEEE 802.1x for Wired Networks using a Cisco Catalyst Switch
• Implementing IEEE 802.1x for Wireless Networks using Cisco Wireless Access Point
• Implementing Virtual Smart Cards using Trusted Platform Module
• Securing BitLocker USB drives with virtual smart cards
• Implementing Smart Card for Multi-Factor Authentication (Athena)
• Protecting a Certificate Authority Keys using a Hardware Security Module (YubiHSM2)
• Deploying Multi-protocol Security Keys for Multi-Factor Authentication (YubiKey4)
• Installing and Configuring Certificate Enrollment Policy Web Service
Order and focus of the hands-on labs can be adjusted based on interests of the participants.
• Implementing Key Attestation
• Implementing Least-Privilege Administrative Models
Knowledge of Windows 7 or Windows 10, Windows Server 2012 or Windows Server 2016, Active Directory, Network Infrastructure Roles, and Group Policies. Experience on how to create users, groups, group policies, installation of roles and features.
Examination and Certification
Minimum of three students are required to run this course.
Assessment and first year certification fees are included in the course fees.
The course ends with an assessment on the last day.
This course has been designed by SoftQualM and partners, who also assess and issue the Active Directory Certificate Services Professional certification in accordance with ISO/IEC 17024:2012.
Prerequisites
An understanding of previous Microsoft Active Directory Certificate Services helpful, but not required.
Participants are required to bring their own computer (min. 16 GB RAM, 60 GB of free disk space) with VMware Professional 14 (licensed or trial version) installed. Virtual machines required will be supplied.
• Windows System Engineers (MCSA, MCSE)
• Security Engineers, PKI consultants
• Understand the basics of a Public Key Infrastructure (PKI)
• Implement, configure and manage Windows Server 2016 Active Directory Certificate Services
Completion of this course will enable students to
Audience
Objectives
This course is aimed at students with (future) roles like
• Gain knowledge and skills required to advise organisations on how to implement Windows Server 2016 Active Directory Certificate Services
Frequently Asked Questions
Exercises during the courses are very similar to the exam questions, hence closely participating in those exercises has proven to be the best exam preparation.
While you could attend multiple of the individual Lead Auditor courses, you would notice significant repetitions. We would hence rather recommend the Annex SL IMS Lead Auditor course in that case, which teaches auditor skills as well as introducing a range of management system standards.
Unless specifically stated, no.
Will I gain from attending multiple Lead Implementer courses or are they rather repetitive?
Yes. Unlike the Lead Auditor courses, the Lead Implementer courses significantly differ from each other. While implementation strategies are similar, the required processes vary widely from standard to standard.
Most exams are essay-based, i.e. students are presented with a number of questions to be answered in free text.
Do the courses include practice exams?
Having said that, we find that many students eventually attend both. Why that? Implementers often get involved in internal audit, and hence also need audit skills. Likewise, many auditors find it helpful to gain a deeper understanding of detailed implementation of the management system.
How do I best qualify as Lead Auditor for multiple management system standards?
Should I attend Lead Auditor or Lead Implementer?
While the Lead Implementer courses focus on putting a management system in place, the Lead Auditor courses teach the skills how to evaluate the effectiveness of such a management system, whether through self-assessment, internal audit or certification. Both start with an overview to the management system standard, but the Lead Implementer courses naturally dive deeper into the detail.
So, choose depending on your job role.
Is Information Security not merely IT Security?
No, ISO/IEC 20000 applies to any kind of service, not just IT services as relevant to ITIL. While often applied to IT service organisations, other service providers, eg in hospitality, print etc. start to discover ISO/IEC 20000 as a helpful management system in their context.
Is Business Continuity merely an IT subject?
Is ISO/IEC 20000 not merely ITIL?
Which Risk Management course is right for me?
While the ISO/IEC 27005 Risk Manager course is information security centric, ISO 31000 Risk Manager course casts the net wider looking at risk management in a generic manner thus making it also relevant and applicable for a wide range of other management systems and business activities, including being helpful to satisfy the requirements of a risk-based approach in the latest revisions of ISO 9001, ISO 14001 and ISO 45001.
No, information security affects all aspects of an organisation. No doubt, IT is a major factor in most places these days, and IT Security hence mostly is a significant part of information security. However, information security also deals with non-IT elements, eg verbal handling of sensitive information in public. Indeed, an ISMS could be implemented in an organisation without a single computer - admittedly a rare scenario today.
No, business continuity is about keeping an organisation going in a disruptive situation. This might include IT or not, but most commonly includes dealing with staff and location issues, especially in the context of natural disaster, medical emergencies, major (sports) events etc.
General Information
Lanzarote, Spain
The Canary Islands are designated as special territory within the EU, which is not part of the EU VAT Area and hence no EU VAT is due nor any EU VAT number issued.
For full terms and conditions please see our website www.ISOintheSun.com.
NIF B76345255
Calle Ángel Guerra 25, Apto 21
Prices listed in this brochure include courseware, exam fees and Canarian-style lunches.
Under Canarian tax rules however, fees are subject to 7% IGIC for clients based in the Canary Islands as well as for students attending in private, i.e. not being delegated and paid for by a company, regardless of their location.
35572 Tías
Courses are invoiced eight weeks before the course to be paid latest two weeks prior to start of the course. We reserve the right to cancel unpaid bookings. Bookings are taken until two weeks before the course.
Terms & Conditions
ISO in the Sun SoftQualM is operated by SoftQualM Tías SL
• via our website www.ISOintheSun.com
• per email to [email protected]
• or call +34 609 124 289
Booking and Infos
For booking, infos or other enquiries please contact us
General Information
Hotel Lanzalot Playa
Avda Mancomunidad, 9
Lanzarote
Lanzarote is the most northerly of the Canary Islands. Though being part of Spain, the Canary Islands are located some 80 km off the coast of Morocco on the Northwest of Africa, almost 2000 km South of Madrid.
ISO in the Sun courses take place in
Location
Website: https://hotellancelot.com/en/
35500 Arrecife
Logistics
Lanzarote being a popular tourist destination, there are direct flights from many airports around Europe by a pretty much endless list of airlines. We personally regularly fly Iberia, Ryanair, EasyJet, Condor and Jet2 to just name some.
We will be more than happy to help source suitable flights and accommodation, whether you come just for the course or want to combine your visit with a break, whether on your own or with family.
If you come from overseas, it is probably best to fly into Madrid (or Barcelona) and connect short-haul, eg with any of the above airlines.
If you would like to hire a car, we can recommend www.cabreramedina.com/EN. Reserve online for pickup at the airport. They also have a station not far from the Lanzelot Playa.
The Lanzelot Playa (details above) offers a good range of accommodation. Alternatively, there are plenty of other hotels in close proximity. Public transport and airport transfers are available throughout.