Compliance

Reduce compliance costs and efficiently manage your risks, compliance, and governance

Agile and State-of-the-Art Compliance Training Transforming the Future of Compliance

SecuRetain’s compliance courses drive a culture of governance and compliance throughout the organization and demonstrate conformity for all required Compliances & Frameworks.

Meet regulatory compliance requirements and prove security control enforcement


Affordable compliance courses will educate employees to implement regulatory compliance requirements


Track progress and course completion for yourself or an entire enterprise with the SecuRetain Platform


Customize compliance courses to reflect your strategies, frameworks, guidelines, policies, and procedures


Use this platform to distribute your training content along with SecuRetain courses in your own private space

Corporations can save more than 15% by developing in-house skills to implement SOC, ISO, NIST, CSF, & more. The series of courses aims to enhance end-to-end knowledge.

Preview e-Learning Courses

Comprehensive Compliance Based e-Learning Courses

Beneficial for all organizations, irrespective of their size, industry, and geography. SecuRetain will help employees grow personally and professionally.

Learning Outcomes from Compliance Based e-Learning Courses

Transform your Cybersecurity talent pool with fundamental learning and in-depth knowledge of PCI, FCPA, GDPR, HIPAA, HITRUST, ISO 27001, SSAE18 SOC, FFIEC, FedRAMP, NIST, and more.
  • Anti Money Laundering, PCI - Basics, Consequences, Penalties, Applicable Laws, Insider Trading
  • GDPR – Global set of Rules and Regulations pertaining to Individual Privacy
  • HIPAA & HITRUST - Introduction, Frameworks, Governance, Controls, Regulations, Penalties pertaining to Healthcare industry
  • ISO 27001 - ISO 27000 compliance family, benefits of compliance, standard and certification, implementing ISMS and ISO 27001, ISMS mandatory processes, ISO 27001 Annex A controls Checklist
  • FFIEC - FFIEC risk and maturity, maturity levels, how to interpret and analyze assessment results, application of principles, create rating summary, cybersecurity maturity level calculation, and maturity results based on the maturity input
  • Fraud and Audit Management Series
  • SOC - Learn to implement SOC by training on a series of 7 courses - SOC 2 vs. SOC 1, compliance frameworks, the difference between a Type I and Type II audit, deciding the type of SOC report the organization needs, driving the audit scope, foundation of SOC 1®, SOC 2®, and SOC 3® Reports, SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cybersecurity, and SOC for Supply Chain Reports
  • SOC, NIST, ITGC – Introduction, Frameworks, Governance, Controls, Criteria, Regulations, Consequences, Penalties, Ratings
  • FCPA – Key concepts, Compliances, Implications, Enforcements, Penalties
  • FedRAMP – Strategy and plan, certification process, program steps to become FedRAMP compliant, Independent Verification and Validation, certification authorities, governance, and stakeholders

SecuRetain’s Compliance e-Learning Courses

Browse all Compliance category courses available for you on our SecuRetain platform

Anti Money Laundering (AML) Awareness

  • Course ID: CO00103
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • What money laundering is and how it works
  • Why people and organizations launder money
  • How money laundering works: basic process
  • Legal consequences for money laundering, including state and federal (U.S.) penalties
  • Applicable laws and regulations
  • Insider trading

Data Privacy and Privacy Regulations (GDPR / CCPA) Part I

  • Course ID: CS00106
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn about Privacy Imperative
  • Understand Strategic and Tactical Drivers
  • Learn about Privacy Strategy and Privacy Impact
  • Understand the Private Identifiable Information (PII) and Private Health Information (PHI) data
  • Learn about Privacy Impact Assessments
  • Learn about HIPAA and HITECH
  • Learn about GDPR and CCPA
  • Understand the Breach Notification Requirements

Data Privacy and Privacy Regulations (GDPR / CCPA) Part II

  • Course ID: CS00107
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn about Privacy Imperative
  • Understand Strategic and Tactical Drivers
  • Learn about Privacy Strategy and Privacy Impact
  • Understand the Private Identifiable Information (PII) and Private Health Information (PHI) data
  • Learn about Privacy Impact Assessments
  • Learn about HIPAA and HITECH
  • Learn about GDPR and CCPA
  • Understand the Breach Notification Requirements

FedRAMP Fundamentals Part I

  • Course ID: CO00801
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand FedRAMP
  • Learn about the importance of FedRAMP 
  • Learn the FedRAMP Strategy and Plan
  • Understand FedRAMP Preparations
  • Understand cloud security opportunities and FedRAMP Benefits
  • Study about FedRAMP certification process
  • Learn the program steps to become FedRAMP compliant
  • Study the Independent Verification and Validation Requirement
  • Learn about certification authorities, governance and stakeholders

FedRAMP Fundamentals Part II

  • Course ID: CO00802
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Overview of FedRAMP process
  • Study about FedRAMP certification process
  • Understand the FedRAMP from an agency’s perspective
  • Understand the FedRAMP Standard Operating Procedures
  • Learn about the initial review SOP/checklists
  • Learn about the detailed review checklists
  • Understand the review and approve procedure
  • Understand the authorization process

FedRAMP Fundamentals Part III

  • Course ID: CO00803
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand the FedRAMP
  • Study the FedRAMP Security Assessment Framework:
      • Categorize
      • Select
      • Implement
      • Assess
      • Authorize
      • Monitor
  • Learn about NIST Special Publications history
  • Understand NIST 800-53, 800-18, 800-30, 800-37, 800-70, 800-60
  • Learn about implementing NIST 800-53 Special Publications

Foreign Corrupt Practices Act (FCPA) and UK Bribery Act 2010 Part II

  • Course ID: CO00302
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Overview of the FCPA
  • Study the implications of the FCPA
  • Learn about the enforcement and penalties
  • Study the U.S. Sentencing guidelines
  • Understand the SEC and DOJ FCPA guidance
  • Study the DOJ and SEC hallmarks of an effective compliance program
  • Learn about the DOJ’s evaluation of compliance programs
  • Learn about UK Bribery Act 2010
  • Study the UK Bribery Act 2010 provisions
  • Study the consequences of non-compliance with the Bribery Act 2020 – Case Study

Foreign Corrupt Practices Act (FCPA) Part I - Awareness

  • Course ID: CO00301
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Foreign Corrupt Practices Act (FCPA) Global Perspective
  • Overview of the FCPA and UK Bribery Act
  • FCPA Key Concepts
  • Anything of Value
  • Foreign Officials
  • Persons Subject to the FCPA
  • Implications of the FCPA
  • Consequences of Non-Compliance
  • Enforcement and Penalties
  • Effective Compliance Program & Red Flags
  • DOJ’s Evaluation of Compliance Programs

General Data Protection Regulation (GDPR) Part II

  • Course ID: CO00702
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn about data Subject Rights
  • Learn about Accountability and Governance principle
  • Understand Privacy by Design
  • Learn about the Data Protection Officer Role
  • Study the privacy Codes of Conduct principle
  • Understand Data Protection Impact Assessments (DPIA)

General Data Protection Regulation (GDPR) Part III

  • Course ID: CO00703
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn about the Data Protection Officer (DPO) – appointing a DPO, DPO responsibilities, etc.
  • Learn how to implement GDPR security principle requirements
  • Understand rules related to international transfers
  • Learn about exemption rules
  • Learn about GDPR data breach communication requirements
  • Understand the penalties for violation of GDPR requirements
  • Study the principles applicable to use of data for law enforcement purposes
  • Learn how to protect children's data and the related GDPR requirements
  • Study the GDPR 10 step compliance checklist

General Data Protection Regulation (GDPR) Part IV

  • Course ID: CO00704
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand the GDPR articles
  • Learn the 10 steps compliance checklist
  • Study the GDPR implementation approach
  • Learn how to prepare for the project and key concepts
  • Learn about data mapping
  • Study the readiness assessment, gap assessment, and privacy assessment process
  • Learn about data protection by design and by default, a key concept
  • Learn to implement data subject rights
  • Understand the Data Protection Impact Assessment (DPIA) Process
  • Learn to amend third-party contracts and review third party procedures
  • Study the different steps to ensure the security of personal and sensitive data
  • Understand how to handle data breaches
  • Study the GDPR compliance audit and training requirement

Health Insurance Portability and Accountability Act (HIPAA) Awareness

  • Course ID: CO00102
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn about HITECH and HIPAA compliance
  • The Security Rule, The Privacy Rule, The Breach Notification Rule, Omnibus Rule, Chapter 181, Texas Medical Records Privacy Act
  • Understand How Health Care Privacy Laws affect your organization
  • Understand HIPAA IT Security Risk Assessment
  • Learn about Administrative, Technical and Physical Safeguards
  • Learn about Covered Entities
  • Learn about Use and Disclosure of PHI
  • Understand How HIPAA and HITECH are Related
  • Learn about HITECH and Breach Notification

HITRUST Part I - Foundation

  • Course ID: CO00601
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand HITRUST basics
  • Learn about HITRUST framework
  • Understand the HITRUST driving factors
  • Study the HITRUST maturity model
  • Understand the HITRUST certification scoring model
  • Learn about the implementation and certification process
  • Study how to certify
  • Understand the criteria for HITRUST certification

HITRUST Part II - Implementation

  • Course ID: CO00602
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand what HITRUST is
  • Learn about the HITRUST CSF components
  • Learn how to calculate HITRUST scores
  • Understand the steps in certification plan and plan considerations
  • Understand HITRUST Implementation Planning use case and learn to implement
  • Learn to calculate risk rating as per HITRUST
  • Understand the corrective action plan (CAP) and documentation
  • Learn how to calculate the CAP risk rating and prioritization

Information Security and Privacy Awareness

  • Course ID: CS00101
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn How to Protect Information
  • Understand the Key Security Terms
  • Learn about Insider Risk
  • Learn about Privately Identifiable Information and Privately Healthcare Information
  • Learn about Physical Security, Facility Security and Clean Desk Policies
  • Learn about Social Engineering and Phishing
  • Learn about Acceptable Personal Use of Corporate Property and Email
  • Learn about Malicious Software and Incident Reporting
  • Learn about User Id and Password Protection
  • Understand Your Responsibility as a User

Information Security Management System (ISMS / ISO 27001) Part I

  • Course ID: CO00304
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand what information and information security are
  • Understand how to secure information
  • Know about ISO 27000 compliance family
  • Learn about ISO 27001 and ISO 27002 and benefits of compliance
  • Learn about ISO 27001 certification and standard
  • Introduction to implementing ISMS and ISO 27001
  • Learn about ISMS mandatory processes and documentation
  • Introduction to ISO 27001 certification Annex A controls Checklist

Information Security Management System (ISMS / ISO 27001) Part II

  • Course ID: CO00305
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand the need for ISMS
  • Learn about ISO 27001 certification and ISMS Mandatory Process
  • Introduction to implementing ISMS
  • Learn how to implement ISO 27001 ISMS 11 Step Program
  • Step by Step Guide on implementing ISMS program
  • Learn the practical examples and study the documentation samples
  • Learn about ISO 27001 Annex A Controls Checklist 14 Domains and 35 Control Objectives
  • ISMS Part III includes implementation details for each control objective along with guidance

Payment Card Industry (PCI) Awareness

  • Course ID: CO00201
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Need for PCI DSS training
  • PCI data security
  • Relationship between PCI DSS and PA DSS
  • PCI DSS scope
  • PCI DSS requirement explained with examples
  • Control costs and gain tangible, real-world insights on best practices
  • Understand PCI compliance before going through an assessment
  • Apply PCI DSS security principles across business

System & Organization Controls (SOC) Part I

  • Course ID: CO00501
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn about the System and Organization Controls (SOC) cybersecurity - SOC 1, SOC 2 and SOC 3
  • Understand the businesses that should think about SOC 2
  • Learn about the driving factors for SOC compliance
  • Learn how SOC 2 is different from SOC 1 and other compliance frameworks
  • Understand the difference between a Type I and Type II audit
  • Learn to decide the type of SOC report the organization needs to have
  • Learn about the factors driving the audit scope
  • Understand the foundation of SOC 1®, SOC 2®, and SOC 3® Reports
  • Learn about the SOC 2® and SOC 3® Trust Services Principles

System & Organization Controls (SOC) Part II

  • Course ID: CO00502
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • SOC evolution
  • Learn about SOC 2 audit and who can perform the audit
  • Learn how to apply relevant SSAE 18 AICPA Standards
  • SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
  • Understand scope and use 
  • Learn about the purpose and relevant standards 
  • Learn about the subject matter and components of the report 
  • Understand the use case for SOC for Cyber Security and SOC for Supply Chain
  • Learn about SOC 2 + Additional Subject Matter Reports
  • Learn about the TSC Mapping to Standards and Frameworks

System & Organization Controls (SOC) Part III

  • Course ID: CO00503
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • SOC evolution
  • Learn about SOC Report Options
  • In-depth knowledge of:
      • Trust Service Criteria
      • Common Criteria
      • Supplemental Criteria
      • Point of Focus
  • Learn to select the Trust Service Criteria for your organization
  • Understand the underlying expectations under each Trust Service Criteria
  • Understand the importance of Security criteria and why it is mandatory

System & Organization Controls (SOC) Part IV

  • Course ID: CO00504
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand SOC evolution
  • Practical implementation knowledge of:
      • Common Criteria
      • Supplemental Criteria
  • Learn about Generally Accepted Privacy Principles (GAPP)
  • Understand what’s included in SOC report
  • Understand what’s included in Management Assertions and Description of the System
  • Understand the AICPA new guidelines - Description Criteria 200 (DC 200)

System & Organization Controls (SOC) Part V

  • Course ID: CO00505
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Understand what a system description is
  • Understand the driving factors
  • Learn to write system description essentials
  • Learn to write:
      • System overview
      • Infrastructure details
      • Relevant Aspects of Controls
      • Complementary User-Entity Controls
  • Learn to describe the control environment, risk assessment process, information communication systems, and control monitoring process
  • Learn the step-by-step approach to writing the system description

System & Organization Controls (SOC) Part VI

  • Course ID: CO00506
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn how a user organization can adopt a SOC report
  • Learn to identify the relevant report a user organization will need from a vendor
  • Vendor management, due diligence, and SOC report
  • Understand the report content 
  • Understand different types of SOC reports
  • Report fundamentals and report content
  • Trust service criteria
  • What’s included in the SOC report (explained with the report examples):
      • Independent Service Auditor Report
      • Management Assertions
      • Overview of Operations
      • Relevant Aspects of the Control Environment
      • Description of the System
      • Description of Control Objectives, Control, and Results of Testing
      • Complementary User Entity Controls
      • Other Information Provided by Management
  • Learn to identify the type of report the vendor shared
  • Understand how to evaluate the report content

System & Organization Controls (SOC) Part VII

  • Course ID: CO00507
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Learn about trust service criteria and SOC reports
  • Learn how trust service criteria are organized
  • Learn how to prepare SOC Trust Service Criteria Control Documentation 
  • Detailed understanding of requirements
  • Learn how to write controls using suggested controls for each service criteria and category
  • Security, Availability, Processing Integrity, Confidentiality, Privacy 
  • Control Environment, Communication and Information, Risk Assessment, Monitoring Activities, Control Activities, Logical and Physical Access Controls, System Operations, Change Management, Risk Mitigation, Additional Criteria for Availability, Additional Criteria for Confidentiality, Additional Criteria for Processing Integrity, Additional Criteria for Privacy
  • Study the real-life example on how to write controls

The Federal Financial Institutions Examination Council (FFIEC) Part I - Awareness

  • Course ID: CO00406
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • What is FFIEC?
  • Learn about FFIEC Cybersecurity Priorities
  • Understand FFIEC CAT Inherent Risk Profile Assessment Categories
  • Understand FFIEC Risk Levels
  • Learn about Inherent Risk Categories and Ratings
  • Understand in detail the FFIEC CAT Maturity Assessment Categories
      • Domain 1: Cyber Risk Management and Oversight
      • Domain 2: Threat Intelligence and Collaboration
      • Domain 3: Cybersecurity Controls
      • Domain 4: External Dependency Management
      • Domain 5: Cyber Incident Management and Resilience
  • Domains, Assessment Factors, Components, and Declaration

The Federal Financial Institutions Examination Council (FFIEC) Part II

  • Course ID: CO00407
  • Duration: 60 mins
  • CPE: 1 HR
  • Course Type: e-Learning

What you will learn:

  • Role of internal audit in FFIEC risk and maturity
  • Understand FFIEC maturity levels
  • Learn how to interpret and analyze assessment results
  • Complete case study to provide in-depth understanding and application of principles
  • How to calculate risk for technology and connection type
  • How to create rating summary
  • Learn how to create an inherent risk profile
  • Understand cybersecurity maturity level calculation
  • Learn to document maturity results based on the maturity input
  • Learn to prepare target maturity and maturity result charts
  • Learn to prepare a chart of components
  • Learn to develop roles and responsibilities of the internal audit function
  • Learn to evaluate the cybersecurity maturity assessment
Copyrights © 2020 All Rights Reserved by SecuRetain.