Wolfpack Cyber Academy
Training Catalogue
www.wolfpackrisk.com
WOLF PACK
FOUNDATION | INTERMEDIATE | ADVANCED
IT GOVERNANCE | INFORMATION RISK | CYBERSECURITY | PRIVACY
2017
About Wolfpack Information Risk:
Wolfpack Information Risk assists clients in managing their IT Governance, Information, Cyber security and Privacy programmes more efficiently. We help to predict the Cyber threats that affect particular industries. Wolfpack offers a range of assessments to determine where organisations have gaps in their people, process and technology areas.
Our specialist staff utilise the latest research, threat intelligence, high-impact training, awareness, monitoring and advisory solutions, to address these gaps. We have a strong sense of community and a genuine interest in making a difference in the fight against cybercrime. With this aim in mind, we strive to drive strategic collaborative initiatives on the African continent.
Graduate Development
Contents
About Wolfpack Information Risk
Proposed Approach
Security Baseline Training
CompTIA Security+
CompTIA CASP
Certified Cyber Security First Responder
CISM (Certified Information Security Manager)
COBIT 5 Foundation
ISO 27001 Foundation
ISO 27001 Lead Implementer
ISO 27001 Lead Auditor
ISO 22301 BCM Foundation
ISO 22301 BCM Lead Implementer
ISO 22301 BCM Lead Auditor
ISO 31000 Risk Foundation
ISO 31000 Risk Manager
ISO 31010 Risk Assessment Techniques
ISO 27005 IT Risk Foundation
ISO 27005 IT Risk Manager
ISO 27035 Lead Incident Response
PECB Certified Lead Pen Test Professional
PECB Certified Lead Privacy Implementer
[Figure: approach diagram with the labels Monitor, Assess, Improve; Threat & Vulnerability Management; Information Risk Assessment & Cyber Risk Analysis; Remediation, Simulated Attacks & Incident Response; Threat Intelligence; Training & Awareness; Advisory]
Wolfpack Cyber Academy Pricing Schedule 2017
Duration | Course | Price (ex VAT) | Exams
2 Days | Wolfpack Security Baseline Training | R 8 750.00 | -
5 Days | CompTIA Security+ | R 9 000.00 | R 1 662.00
5 Days | CompTIA CASP | R 17 050.00 | R 2 216.00
5 Days | Certified Cyber Security First Responder | R 18 565.00 | $ 300.00
4 Days | CISM Exam Prep Course | R 13 750.00 | $ 760.00
3 Days | COBIT 5 Foundation | R 7 200.00 | R 1 400.00 (Incl. in course)
2 Days | ISO 27001 Foundation | R 6 900.00 | $ 120.00 (Incl. in course)
5 Days | ISO 27001 Lead Implementer | R 18 565.00 | $ 120.00 (Incl. in course)
5 Days | ISO 27001 Lead Auditor | R 18 565.00 | $ 120.00 (Incl. in course)
2 Days | ISO 22301 BCM Foundation | R 6 900.00 | $ 120.00 (Incl. in course)
5 Days | ISO 22301 BCM Lead Implementer | R 18 565.00 | $ 120.00 (Incl. in course)
5 Days | ISO 22301 BCM Lead Auditor | R 18 565.00 | $ 120.00 (Incl. in course)
2 Days | ISO 31000 Risk Foundation | R 6 900.00 | $ 120.00 (Incl. in course)
2 Days | ISO 31000 Risk Manager | R 6 900.00 | $ 120.00 (Incl. in course)
2 Days | ISO 27005 IT Risk Foundation | R 6 900.00 | $ 120.00 (Incl. in course)
2 Days | ISO 27005 IT Risk Manager | R 6 900.00 | $ 120.00 (Incl. in course)
5 Days | ISO 27035 Lead Incident Response | R 18 565.00 | $ 120.00 (Incl. in course)
5 Days | PECB Lead Pen Test Professional | R 18 565.00 | $ 120.00 (Incl. in course)
5 Days | PECB Certified Lead Privacy Implementer | R 18 565.00 | $ 120.00 (Incl. in course)
The purpose of the Wolfpack Cyber Academy Security Baseline Training is to provide students with a clear understanding of different security domains. Domains covered in this course are based on a consolidation of information and cyber security areas, derived from the Certified Information Systems Security Professional (CISSP) and the International Organisation for Standards (ISO) 27001/2:2013 domains.
Security Baseline Training
Course duration: 2 days
Cost per delegate: R 8 750.00
Minimum number of delegates: 10
Maximum number of delegates: 30
Course Modules
• Cyber Security Governance and Risk Management.
• Legal Regulations and Compliance.
• Incident Management, Business Continuity and Disaster Recovery Planning.
• Asset Management.
• Human Resource and Supplier Security.
• Physical (Environmental) Security.
• Security Architecture and Design.
• Access Control.
• Operations Security.
• Cryptography.
• Software Development and Application Software Security.
• Telecommunications and Network Security.
Course Format
This is a paper based course. No hardware and software will be required during the course.
CompTIA Security+
The CompTIA Security+ Certification is a vendor-neutral credential. The CompTIA Security+ exam is an internationally recognised validation of foundation-level security skills and knowledge. Organisations and security professionals around the globe make use of it.
Course duration: 5 days
Cost per delegate: R 9 000.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam:
Outcome and Assessment
The CompTIA Security+ exam certifies that the successful candidate has obtained the required knowledge and skills in order to identify risks and participate in risk mitigation activities, as well as provide infrastructure, application, information and operational security. In addition, the successful candidate will apply security controls to maintain confidentiality, integrity, and availability, identify appropriate technologies and products, troubleshoot security events and incidents, and operate with an awareness of applicable policies, laws, and regulations.
The CompTIA Security+ exam is an internationally recognised validation of foundation-level security skills and knowledge.
Exam Domains
• Network Security.
• Compliance and Operational Security.
• Threats and Vulnerabilities.
• Application, Data and Host Security.
• Access Control and Identity Management.
• Cryptography.
Target Audience
IT Security Professionals with:
• A minimum of 2 years experience in IT Administration with a focus on security.
• Day to day technical information security experience.
• Broad knowledge of security concerns and implementation.
CompTIA CASP
The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. While there is no required prerequisite, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, “hands-on” focus at the enterprise level.
Course duration: 5 days
Cost per delegate: R 17 050.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam:
Outcome and Assessment
Successful candidates will gain the technical knowledge and skills required to conceptualise, engineer, integrate and implement secure solutions across complex environments. Candidates will apply critical thinking and judgment across a broad spectrum of security disciplines, propose and implement sustainable security solutions, map organisational strategies, translate business needs into security requirements, analyse risk impact and respond to security incidents. The CompTIA Advanced Security Practitioner (CASP) Certification is a vendor-neutral credential. The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge.
Exam Domains
• Enterprise Security.
• Risk Management.
• Incident Response.
• Research and Analysis.
• Integration of Computing, Communications and Business Disciplines.
• Technical Integration of Enterprise Components.
Target Audience
IT Security Professionals who have:
• A minimum of 10 years of experience in IT administration.
• At least 5 years of hands-on technical security experience.
Certified Cybersecurity First Responder
Course duration: 5 days
Cost per delegate: R 18 565.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 300
Certified Cyber Security First Responder introduces the strategies, frameworks, methodologies and tools, which are used to manage cybersecurity risks and identify various types of common threats. Delegates will learn to design and operate secure computing and networking environments, assess and audit the organisation’s security, collect and analyse cybersecurity intelligence and handle incidents as they occur. The course also covers closely related information assurance topics, such as auditing and forensics in order to provide a sound basis for a comprehensive security based approach, aimed toward those on the front lines of defense.
Target Audience
• Cybersecurity Practitioners.
• Students preparing for the CyberSec First Responder: Threat Detection and Response (Exam CFR-101) certification examination.
• Students who are looking to fulfill DoD directive 8570.01 for information assurance (IA) training.
• Personnel performing IA functions, establishing IA policies and implementing security measures and procedures for the Department of Defence and affiliated information systems and networks.
Outcome and Assessment
• Assessing Information Security Risk.
• Creating an Information Assurance Life cycle Process.
• Analysing Threats to Computing and Network Environments.
• Designing Secure Computing and Network Environments.
• Operating Secure Computing and Network Environments.
• Assessing the Security Posture Within a Risk Management Framework.
• Collecting Cybersecurity Intelligence Information.
• Analysing Cybersecurity Intelligence Information.
• Responding to Cybersecurity Incidents.
• Investigating Cybersecurity Incidents.
• Auditing Secure Computing and Network Environments.
Exam Specifications
Number of items: 126
Duration: 180 minutes
Exam options: Online or in Person (Castle Worldwide)
Item Formats: Multiple Choice / Multiple Response / True-False
Prerequisites
Two years work experience in computer network security technology or related field.
• The ability to recognise information security vulnerabilities and threats in the context of risk management.
• Operate some of the common operating systems relevant to a computing environment at a foundation level.
• Primary knowledge of the concepts and operational framework relating to common assurance safeguards in computing environments.
• Operate some of the basic network environment concepts, such as routing and switching, at foundation level.
• Elemental knowledge of the concepts and operational framework relating to common assurance safeguards in network environments.
• You can obtain this level of skills and knowledge by taking the following Logical Operations courses:
• CompTIA® A+®: A Comprehensive Approach (Exams 200-801 and 220-802)
• CompTIA® Network+® (Exam N10-005)
• CompTIA® Security+® (Exam SY0-401)
• Course-specific Technical Requirements
Exam Domains
• Assessing Information Security Risks.
• Creating an Information Assurance Life cycle Process.
• Analysing Threats to Computing and Network Environments.
• Designing Secure Computing and Network Environments.
• Operating Secure Computing and Network Environments.
• Assessing the Security Posture within a Risk Management Framework.
• Collecting Cybersecurity Intelligence Information.
• Analysing Cybersecurity Intelligence Information.
• Responding to Cybersecurity Incidents.
• Investigating Cybersecurity Incidents.
• Auditing Secure Computing and Network Environment.
CISM (Certified Information Security Manager)
Around the world, the demand for skilled information security management professionals is on the rise. CISM certification is the globally accepted standard of achievement in this area. This uniquely management-focused CISM certification ensures holders understand business, and know how to manage and adapt technology to their enterprise and industry. Since 2002, thousands of professionals worldwide have earned the industry-leading CISM to affirm both their high level of technical competence and qualifications for top-caliber leadership and management roles.
Course duration: 4 days
Cost per delegate: R 13 750.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 760.00
Target Audience
• Information Security Managers.
• Aspiring Information Security Managers.
• IS/IT Consultants.
• Chief Information Officers.
Outline
Designed specifically for Information Security Professionals who are preparing to sit for the CISM exam, the course focuses on the four content areas of the Certified Information Security Manager (CISM) job practice:
• Information Security Governance.
• Risk Management and Compliance.
• Information Security Program Development and Management.
• Information Security Incident Management.
Outcome and Assessment
• Demonstrates your understanding of the relationship between an information security program and broader business goals and objectives.
• Distinguishes you as having not only information security expertise, but also knowledge and experience in the development and management of an information security program.
• Establishes you in an elite peer network.
• Is considered essential to ongoing education, career progression and value delivery to enterprises.
• ISACA certifications are globally accepted and recognised.
COBIT 5 Foundation
Course duration: 3 days
Cost per delegate: R 7 200.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: R 1 400 (Incl. in course)
This course exposes attendees to the integration of COBIT 5 with the KING III Code of Governance and other Best Practices, more specifically ISO 38500, ISO 27000 and ISO 20000/ITIL. Cobit 5 Foundation forms a maturity model which will provide a wealth of insight and understanding on practical issues of IT Governance. The course on this page is offered by RMS Africa, an Affiliate of Quint Wellington Redwood, an Accredited Training Organisation of The APM Group Ltd.
• Information Security Managers.
• Aspiring Information Security Managers.
• IS/IT Consultants.
• Chief Information Officers.
Exam Domains
• The key features of COBIT 5.
• COBIT 5 Principles.
• COBIT 5 Enablers.
• Introduction to COBIT 5 Implementation.
Outcome and Assessment
At the conclusion of the course the attendees will understand:
• The major drivers for the development of a framework.
• The business benefits of using COBIT 5.
• The COBIT 5 architecture.
• The IT management issues and challenges that affect enterprises.
• The 5 key principles of COBIT 5 for the governance and management of Enterprise IT.
• How COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise.
• The key concepts in a Process Capability Assessment.
This is a paper based course. No hardware or software is required. The exam is written on the 3rd day and is included in the course price.
Target Audience
• Chief Information Officers.
• Heads of Regulatory Compliance.
• Chief Technology Officers.
• Heads of Service Management.
• Chief Operational Officers.
• Information Security Managers.
• Risk and Compliance Officers.
• IT/Internal Auditors.
• IT Directors/Managers.
• Business Continuity Managers.
• Heads of IT Governance.
• IT Consultants.
• Heads of Risk Management.
ISO 27001 Foundation
This course enables the participants to learn about the best practices for implementing and managing an Information Security Management System (ISMS) as specified in ISO/IEC 27001, as well as the best practices for implementing the Information Security controls of the domains of the ISO/IEC 27002.
Outcome and Assessment
• Understand the implementation of an Information Security Management System in accordance with ISO/IEC 27001.
• Understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organisation.
• Know the concepts, approaches, standards, methods and techniques needed to effectively manage an Information Security Management System.
• Acquire the necessary knowledge to contribute to implementing an Information Security Management System (ISMS) as specified in ISO/IEC 27001.
This is a paper based course. Certification fees are included in the exam price.
Course duration: 2 days
Cost per delegate: R 6 900.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120 (Incl. in course)
Target Audience
• Members of an information security team.
• IT Professionals who would like to gain a comprehensive knowledge of the main processes of an Information Security Management System (ISMS).
• Staff involved in the implementation of the ISO/IEC 27001 standard.
• Technicians involved in operations related to an ISMS.
• Auditors.
• CxO and Senior Managers responsible for the IT governance and risk management of an enterprise.
Exam Domains
• Fundamental Principles and Concepts of Information Security.
• Information Security Management System (ISMS).
ISO 27001 Lead Implementer
This five-day intensive course enables participants to develop the necessary expertise to support an organisation in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013. Participants will gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006. This training is also fully compatible with ISO/IEC 27003 (Guidelines for the Implementation of an ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).
Outcome and Assessment
• Understand the implementation of an Information Security Management System in accordance with ISO/IEC 27001.
• Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of an Information Security Management System.
• Understand the relationship between the components of an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organisation.
• Acquire the necessary expertise to support an organisation in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001.
• Receive the necessary expertise to manage a team implementing ISO/IEC 27001.
• Develop the knowledge and skills required to advise organisations on best practices in the management of information security.
• Improve the capacity for analysis and decision making in the context of information security management.
Course duration: 5 days
Cost per delegate: R 18 565.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
Target Audience
• Project Managers or Consultants wanting to prepare and to support an organisation in the implementation of an Information Security Management System (ISMS).
• ISO/IEC 27001 Auditors who wish to fully understand the Information Security Management System implementation process.
• CxO and Senior Managers responsible for the IT governance and risk management of an enterprise and the management of its risks.
• Members of an Information Security team.
• Expert Advisors in information technology.
• Technical Experts who would like to prepare for an information security function or for an ISMS project management function.
Exam Domains
Certification fees are included in the exam price. The “PECB Certified ISO/IEC 27001 Lead Implementer” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:
• Fundamental Principles and Concepts of Information Security.
• Information Security Control best practice based on ISO 27002.
• Planning an ISMS based on ISO/IEC 27001.
• Implementing an ISMS based on ISO/IEC 27001.
• Performance Evaluation, Monitoring and Measurement of an ISMS based on ISO/IEC 27001.
• Continual Improvement of an ISMS based on ISO/IEC 27001.
• Preparing for an ISMS certification audit.
A certificate related to the selected credential will be issued to participants who successfully pass the exam and comply with all the other requirements.
Exam Duration: 180 minutes
Certification fees included in exam price.
This is a paper based course.
ISO 27001 Lead Auditor
This five-day intensive course enables participants to develop the necessary expertise to audit an Information Security Management System (ISMS), as well as to manage a team of auditors by applying widely recognised audit principles, procedures and techniques. During this training, the participant will acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with ISO 19011. Based on practical exercises, the participant will develop the skills (mastering audit techniques) and competencies (managing audit teams and audit program, communicating with customers, conflict resolution, etc.) necessary to efficiently conduct an audit.
Course duration: 5 days
Cost per delegate: R 18 565.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
Outcome and Assessment
• Acquire the expertise to perform an ISO/IEC 27001 internal audit following ISO 19011 guidelines.
• Gain the expertise to perform an ISO/IEC 27001 certification audit following ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006.
• Receive the necessary expertise to manage an ISMS audit team.
• Understand the operation of an ISO/IEC 27001 conformant information security management.
• Understand the relationship between an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organisation.
• Improve the ability to analyse the internal and external environment of an organisation, its risk assessment and audit decision-making.
Target Audience
• Internal Auditors.
• Auditors who would like to perform and lead Information Security Management System (ISMS) certification audits.
• Project Managers or consultants who want to master the Information Security Management System audit process.
• CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks.
• Members of an Information security team.
• Expert Advisors in information technology.
• Technical Experts who would like to prepare for an Information security audit.
Exam Domains
Certification fees are included in the exam price. The “PECB Certified ISO/IEC 27001 Lead Auditor” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP).
The exam covers the following competence domains:
• Fundamental Principles and Concepts of Information Security.
• Information Security Management System (ISMS).
• Fundamental Audit Concepts and Principles.
• Preparation of an ISO/IEC 27001 audit.
• Conducting an ISO/IEC 27001 audit.
• Closing an ISO/IEC 27001 audit.
• Managing an ISO/IEC 27001 audit program.
A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential.
After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Provisional Auditor, PECB Certified ISO/IEC 27001 Auditor or PECB Certified ISO/IEC 27001 Lead Auditor depending on their level of experience. Those credentials are available for internal and external auditors.
Exam Duration: 180 minutes
This is a paper based course.
Certification fees included in exam price.
ISO 22301 BCM Foundation
This course enables participants to learn about the best practices for implementing and managing a Business Continuity Management System (BCMS) as specified in ISO 22301:2010, as well as the best practices for implementing the business continuity processes based on the ISO/PAS 22399. This training is fully compatible with BS 25999 (Business continuity management specification) and ISO 27031 (Guidelines for information and communication technology readiness for business continuity).
Outcome and Assessment
• Understand the implementation of a Business Continuity Management System in accordance with ISO 22301, ISO 27031 or BS 25999.
• Discern the relationship between a Business Continuity Management System and the requirements of different stakeholders within the organisation. This includes risk management, controls and compliance.
• Know the concepts, approaches, standards, methods and techniques needed to effectively manage a Business Continuity Management System.
• Acquire the necessary expertise to contribute to implementing a Business Continuity Management System (BCMS) as specified in ISO 22301, ISO 27031 or BS 25999.
Course duration: 2 days
Cost per delegate: R 6 900.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
Target Audience
• Members of a business continuity team.
• IT Professionals who desire to gain a comprehensive knowledge of the main processes of a Business Continuity Management System (BCMS).
• Staff involved in the implementation of the ISO 22301 standard.
• Technicians involved in operations related to a BCMS.
Exam Domains
• Fundamental Principles and Concepts of Business Continuity.
• Business Continuity Management System (BCMS).
This is a paper based course.
ISO 22301 BCM Lead Implementer
This five-day intensive course enables participants to develop the necessary expertise to support an organisation in implementing and managing a Business Continuity Management System (BCMS) based on ISO 22301:2010. Participants will also gain a thorough understanding of best practices used to implement business continuity processes from the ISO 22399. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). It is fully compatible with BS 25999 (Business continuity management specification) and ISO 27031 (Guidelines for information and communication technology readiness for business continuity).
Course duration: 5 days
Cost per delegate: R 18 565.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
Outcome and Assessment
• Understand the implementation of a Business Continuity Management System (BCMS) in accordance with ISO 22301, ISO 27031 or BS 25999.
• Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of a Business Continuity Management System.
• Grasp the relationship between the components of a Business Continuity Management System and the compliance with the requirements of different stakeholders within the organisation.
• Acquire the necessary expertise to manage a team, through implementing ISO 22301 or BS 25999.
• Develop the knowledge and skills required to advise organisations on best practices in the management of business continuity.
• Improve the capacity for analysis and decision making in the context of business continuity management.
• Obtain the necessary expertise to support an organisation in implementing, managing and maintaining a BCMS as specified in ISO 22301 or BS 25999.
Exam Domains
Certification fees are included in the exam price. The exam covers the following competence domains:
• Fundamental principles and concepts of business continuity.
• Business continuity Control Best Practice.
• Planning a BCMS based on ISO 22301.
• Implementing a BCMS based on ISO 22301.
• Performance evaluation, monitoring and measurement of a BCMS based on ISO 22301.
• Continual improvement of a BCMS based on ISO 22301.
• Preparing for a BCMS certification audit.
Additional Information:
• This is a paper based course. No additional hardware or software will be required.
• The duration of the exam is three hours.
• For more information about exam, refer to PECB section on ISO 22301 Lead Implementer Exam.
• A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential.
Target Audience
• Project Managers or Consultants who would like to prepare and to support an organisation in the implementation of a Business Continuity Management System (BCMS).
• Business Continuity Auditors who wish to fully understand the implementation of a Business Continuity Management System.
• Individuals responsible for the business continuity conformity in an organisation.
• Members of a business continuity team.
• Expert Advisors in business continuity.
• Members of an organisation who are preparing for a business continuity function or for a BCMS project management function.
Exam Duration: 180 minutes
This is a paper based course.
Certification fees included in exam price.
ISO 22301 BCM Lead Auditor
This five-day intensive course enables participants to develop the necessary expertise
to audit a Business Continuity Management System (BCMS) and to manage a team of
auditors by applying widely recognised audit principles, procedures and techniques.
During this training, the participant will acquire the necessary knowledge and skills to
proficiently plan and perform internal and external audits in compliance with ISO 19011
the certification process according to 17021. Based on practical exercises, the participant
will develop the skills and competencies necessary to efficiently conduct an audit. The
skill set includes mastering audit techniques, managing audit teams and -programs,
communicating with customers and conflict resolution. This training is compatible with BS
25999 audit (Business continuity management specification) and ISO 27031 (Guidelines
for information and communication technology readiness for business continuity).
Outcome and Assessment
Course
duration:
5 days
Cost
per delegate: R 18 565.00
Minimum number
of delegates:
8
Maximum number
of delegates:
30
Cost of exam: $ 120.00
(Incl. in course)
• Gain the prowess to perform an ISO
22301 or BS 25999 internal audit
following ISO 19011 guidelines.
• Acquire the expertise to perform an
ISO 22301 or BS 25999 certification
audit following ISO 19011 guidelines
and the specifications of ISO 17021.
• Receive the expert skills necessary to
manage a BCMS audit team.
• Understand the operation of the
Business Continuity Management
System in accordance with ISO22301,
ISO 27031 or BS 25999.
• Grasp the relationship between a
Business Continuity Management
System and the requirements of
different stakeholders within the
organisation. This includes risk
management, compliance and
controls.
• Improve the ability to analyse the
internal and external environment
of an organisation, risk assessment
and audit decision-making in the
context of a BCMS.
Certification fees are included in the
exam price.
The exam covers the following
competence domains:
• Fundamental Principles and
Concepts of Business Continuity.
• Business Continuity Management
System (BCMS).
• Fundamental Audit Concepts and
Principles.
• Preparation of an ISO 22301 audit.
• Conducting of an ISO 22301 audit.
• Closing an ISO 22301 audit.
• Managing an ISO 22301 Audit
Program.
• The duration of the exam is 3 hours.
• This is a paper based course and no
additional hardware or software is
required.
• For more information about the exam,
refer to the PECB section on the ISO 22301
Lead Auditor Exam.
• A certificate will be issued to
participants who successfully pass the
exam and comply with all the other
requirements related to the selected
credential.
Exam Domains
Target Audience
ISO 22301 BCM Lead Auditor
• Internal Auditors.
• Auditors who would like to perform
and lead Business Continuity
Management System (BCMS)
certification audits.
• Project Managers or Consultants
who desire to master the Business
Continuity Management System
audit process.
• Individuals responsible for the
Business continuity conformity in
an organisation.
• Members of a business continuity
team.
• Expert Advisors in information
technology.
• Technical Experts preparing for a
Business continuity audit function.
Exam Duration: 180 minutes
This is a paper based
course.
Certification Fees included
in exam price
Additional Information
Target Audience
ISO 31000 Risk Foundation
This course enables participants to learn about the best practices in Risk Management as specified in ISO 31000. The participant will learn the essential concepts and processes that are considered most effective in risk management. This training will help participants understand an optimal risk assessment and manage risks promptly, through familiarising themselves with their life cycle.
Course duration: 2 days
Cost per delegate: R 6 900.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
Outcome and Assessment
Successful delegates will gain the
following skill set:
• Understand Risk Management in
accordance with ISO 31000.
• Grasp the relationship between the
components of Risk Management
and the compliance with the
requirements of different
stakeholders of an organisation.
• Know the concepts, approaches,
standards, methods and techniques
that allow risk to be managed effectively.
• Acquire the necessary knowledge
to contribute in managing risk as
specified in ISO 31000.
• Delegates will complete a
certification exam.
• Members of a Risk Management Team.
• Risk Managers.
• Project Managers.
• Professionals who would like to gain a comprehensive knowledge of the main concepts and processes in Risk Management.
• Auditors.
Course Format
• This is a paper based course. No additional hardware or software will be required.
PECB ISO 31000 Risk Foundation
PECB ISO 31000 Risk Manager
Exam Domains
ISO 31000 Risk Manager
In this two-day intensive course participants develop the competence to master a model
for implementing risk management processes throughout their organisation, using the
ISO 31000:2009 standard as a reference framework. Based on practical exercises, participants
acquire the necessary knowledge and skills to perform an optimal risk assessment and
manage risks in time by being familiar with their life cycle. During this training, we will
present the ISO 31000 general risk management standard, the process model it recommends,
and how companies may use the standard. This training is also fully compatible with
IEC/ISO 31010 which supports ISO 31000 by providing guidance for risk assessment.
• Discern the concepts, approaches, methods,
tools and techniques which allow effective
risk management according to ISO 31000
and IEC/ISO 31010.
• Understand the relationship between risk
management and compliance with the
requirements of different stakeholders of an
organisation.
• Acquire the competence to implement,
maintain and manage an ongoing risk
management program according to ISO
31000.
• Gain the competence to effectively advise
organisations on the best practices in risk
management.
• This is a paper based course. No additional
hardware or software will be required.
Outcome and Assessment
Course duration: 2 days
Cost per delegate: R 6 900.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
Target Audience
• Risk and Business Risk managers.
• Business Process Owners.
• Business Finance Managers.
• Regulatory Compliance Managers.
• Project Management.
• Individuals responsible for information
security or conformity within an
organisation.
• Fundamental Principles and Concepts
in Risk Management.
• Risk Management, Assessment and
Treatment Program.
• Risk Communication, Monitoring and
Improvement.
PECB ISO 31010 Risk Assessment Techniques
Target Audience
ISO 31010 Risk Assessment Techniques
Risk Management is return on investment. Organisations of all types and sizes face a range of risks that
may affect the achievement of their objectives. The ISO/IEC 31010 Standard is a supporting standard
for ISO 31000 Risk Management. It provides guidance on the selection and application of systematic
techniques for Risk Assessment. In an intensive two-day course, participants will learn about 31
techniques in Risk Assessment such as: Checklists, Delphi-technique, SWIFT (structured ‘what-if’
technique), Root Cause Analysis (RCA), Business Impact Analysis (BIA), FMEA and FMECA, HAZOP, HACCP,
Layers of Protection Analysis (LOPA), Bow Tie Analysis, Markov, Monte-Carlo and Bayesian Analysis.
The course combines all these techniques. It aims at demystifying the complexity of the various
techniques that can be used by private and public organizations of any size, industry and sector.
Outcome and Assessment
Course duration: 2 days
Cost per delegate: R 6 900.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
• This course is a must for Professionals in
the field of Risk Assessment and valuable
for everyone involved in decision-making.
• Understand the concepts, approaches,
methods, tools and techniques, which allow
for effective risk management according to ISO
31000 and IEC/ISO 31010.
• Grasp the relationship between risk
management and compliance with the
requirements of different stakeholders within
an organization.
• Gain the competence to implement, maintain
and manage an ongoing risk management
program according to ISO 31000.
• Acquire the acumen to effectively advise
organizations on the best practices in risk
management.
Course Information
Certification fees are included in the exam
price.
A certificate will be issued to participants
who successfully pass the exam and comply
with all the other requirements related to the
selected credential.
This is a paper based course and no hardware
or software is required.
PECB ISO 27005 IT Risk Foundation
PECB ISO 27005 IT Risk Manager
ISO 27005 IT Risk Foundation
This course enables participants to learn about the best practices in risk management
based on ISO/IEC 27005, as well as understanding how different parts of a risk management
program and the implementation stages of an optimal risk assessment are synchronised.
• Understand risk management approaches in accordance with ISO/IEC 27005.
• Know the concepts, approaches, standards, methods and techniques, which allow for effective risk management (based on ISO/IEC 27005).
Exam Domains
Target Audience Outcome and Assessment
Course duration: 2 days
Cost per delegate: R 6 900.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
• Members of an Information Security
Team.
• IT Professionals who would like to
gain a comprehensive knowledge
of Risk Management within an
organisation.
• Staff involved in the implementation
of the ISO/IEC 27005 standard.
• CxO and Senior Managers
responsible for the IT governance of
an enterprise and the management
of its risks.
• Fundamental Principles and Concepts of Risk Management in
Information Security.
• Information Security Risk
Management methods.
• The exam duration is one hour.
Additional information
• Certification fees are included in the exam price.
• This is a paper based course. No additional hardware or software is required.
• A certificate of “PECB Certified ISO/IEC 27005 Foundation” will be issued to participants who successfully pass the exam and comply with all the other requirements related to this credential.
ISO 27005 IT Risk Manager
This two-day intensive course develops the competence to master the basic risk management elements related to all assets of relevance for information security using the ISO/IEC 27005:2011 standard as a reference framework. Based on practical exercises and case studies, participants acquire the necessary knowledge and skills to perform an optimal information security risk assessment and manage risks promptly, by being familiar with their life cycle. During this training, we will also present other risk assessment methods such as OCTAVE, EBIOS, MEHARI and Harmonized TRA.
Outcome and Assessment
Course duration: 2 days
Cost per delegate: R 6 900.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
• Understand the concepts, approaches,
methods and techniques, which allow for
effective risk management according to ISO/
IEC 27005.
• Interpret the requirements of ISO/IEC 27001
on information security risk management.
• Discern the relationship between
information security risk management,
security controls and compliance with the
requirements of different stakeholders of an
organisation.
• Acquire the competence to implement,
maintain and manage an ongoing information
security risk management program according
to ISO/IEC 27005.
• Gain the competence to effectively advise
organisations on the best practices in
information security risk management.
Target Audience
• Risk Managers.
• Members of the information
security team.
• Individuals responsible for
Information Security or Conformity
within an organisation.
• Staff implementing or seeking
to comply with ISO/IEC 27001 or
involved in a Risk Management
Program.
• IT Consultants.
Course Format
• This is a paper based course. No
additional hardware or software will be
required.
Additional Information
Target Audience
ISO 27035 Lead Incident Response
In this five-day intensive course participants develop the competence to master an implementation model for an incident management process throughout their organisation, using the ISO/IEC 27035 standard as a reference framework. Based on practical exercises, participants acquire the necessary knowledge and skills to manage information security incidents in time by being familiar with their life cycle. During this training, we will present the ISO/IEC 27035 information security incident management standard, a process model for designing and developing an organisational incident management process, as well as how companies may apply the standard. This training is also fully compatible with ISO/IEC 27035 which supports ISO 27001 by providing guidance for incident management.
Outcome and Assessment
Course duration: 5 days
Cost per delegate: R 18 555.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
• Grasp the concepts, approaches, methods,
tools and techniques, which allow for
effective information security incident
management, according to ISO/IEC 27035.
• Understand, interpret and provide guidance
on how to implement and manage incident
management processes based on best
practices of ISO/IEC 27035 and other
relevant standards.
• Gain the proficiency to implement, maintain
and manage an ongoing information
security incident management program
according to ISO/IEC 27035.
• Acquire the competence to effectively
advise organisations on the best practices in
information security management.
• Incident Managers.
• Business Process Owners.
• Information Security Risk Managers.
• Regulatory Compliance Managers.
• Members of Incident Response Team.
• Persons responsible for information security or conformity within an organisation.
PECB ISO 27035 Lead Incident Response
Exam and certification fees are included in the
training price.
This is a paper based course.
The exam duration is three hours.
PECB Certified Lead Pen Test Professional
This five-day intensive course enables participants to develop the necessary expertise to lead a professional penetration test using a mix of practical techniques and management skills. The course has been designed by Industry experts with in-depth experience in the Penetration Testing fields. Unlike other certifications, this course focuses specifically on the knowledge and skills needed by a professional looking to lead or take part in a penetration test. We drill down into the latest technical knowledge, tools and techniques in key areas including Infrastructure, Web Application and Mobile security, as well as Social Engineering. In addition, the course focuses on how to practically apply what has been learned during current day-to-day penetration testing.
Target Audience Outcome and Assessment
Course duration: 5 days
Cost per delegate: R 18 565.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
• Be able to interpret and illustrate the
main Penetration Testing Concepts and
Principles.
• Understand the core technical
knowledge needed to organize and
carry out an effective set of tests.
• Learn how to effectively plan a
penetration test and identify a scope
which is suitable and risk appropriate.
• Master the practical hands on skills,
as well as the relevant tools and
techniques in order to conduct
penetration testing effectively.
• Effectively manage the time and
resources needed to scale a specific
Penetration Test.
• Security Professionals who need
to gain formal Penetration Testing
skills.
• IT Staff enhancing their technical
skills and knowledge.
• Auditors who would like to
understand the Penetration Testing
processes.
• IT and Risk Managers seeking a
more detailed understanding of the
appropriate and beneficial use of
Penetration Tests.
• Incident Handlers and Business
Continuity Professionals exploring
the use of testing as part of their
regimes.
PECB Certified Lead Privacy Implementer
This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100. Participants will gain a thorough understanding of how to design, build and lead organizations' privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge, delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance with the many privacy directives and laws worldwide.
Target Audience Outcome and Assessment
Course duration: 5 days
Cost per delegate: R 18 565.00
Minimum number of delegates: 8
Maximum number of delegates: 30
Cost of exam: $ 120.00 (Incl. in course)
• Understand the core competences on
the Privacy Framework.
• Gain a comprehensive understanding
of the concepts, approaches, standards,
methods and techniques required for
the effective protection of personally
identifiable information (PII).
• Define privacy safeguarding
requirements related to PII.
• Understand the relationship between
the components of Privacy Framework
with existing security standards and
various applicable laws.
• Acquire the necessary expertise
in privacy governance and risk
management compliance.
• Project Managers or Consultants.
• Security Auditors who would like to
understand the privacy framework
implementation processes.
• Experienced IT Security Manager
professionals.
• Privacy Officers, Data Protection
Officers and Compliance
Professionals.
• Security Professionals with
frontline experience.
• Information Security staff.
• Expert Advisors in Information
technology.
• Legal Practitioners who would like
to gain a deeper understanding.
BE STRONG ENOUGH TO STAND ALONE
BUT BE WISE ENOUGH TO STAND TOGETHER
WHEN THE TIME COMES
PROTECTION IN THE PACK
www.wolfpackrisk.com