Retention

What you will learn?

• Learning the access control basics
• Understanding the access control challenges
• Understanding authentication factors and multi-factor authentication.
• Developing access control policies and procedures
• Learning about access control models
• Learning about principles of access controls and types of access controls

What you will learn?

• Learning the Access Control Models and Concepts
• Understanding the Types and Categories of Access Controls
• Understanding the Testing of Access Controls
• Learning about Access Control Attacks and Countermeasures
• Learning about Multilevel Security Models
• Learning about Authentication and Authentication Methods
• Learning about common Authentication Protocols.

What you will learn?

• What it is and how does it work?
• Why people and organizations launder money?
• How money laundering works: basic process
• Legal consequences for money laundering, including state and federal (U.S.) penalties
• Applicable laws and regulation
• Insider trading

What you will learn?

• Breach Management
• Effective Breach Response
• Data Breach Checklist
• Breach Notification Notice Content
• Notification Timelines
• Lifecycle of a Data Breach
• Public Relations Strategy

What you will learn?

• What is the importance of a breach notification?
• What is a data breach?
• In what circumstances would notification of a data breach be required and to whom?
• When and how should notification of a data breach be provided?
• Framework for Effective Data Breach Notification Legislation
• Timing of Notification to Affected Individuals
• Post Data Breach Immediate Action Items
• Breach Notification to Authorities

What you will learn?

• Disaster
• Business Continuity and Disaster Recovery
• Use Cases
• Risks Covered by DR
• Driving Factors
• Challenges in Developing DR Plan
• Technical Challenges
• Key Factors in DR Plan

What you will learn?

• Cloud Security
• Cloud Basics - Cloud Concepts, Architecture and Design
• Cloud Service Models
• Cloud Risk Landscape
• Cloud Security Domains
• Cloud Data Security
• Cloud and AWS
• Cloud and Azure
• Cloud Application Security Basics

What you will learn?

• Learn about Privacy Imperative
• Understand Strategic and Tactical Drivers
• Learn about Privacy Strategy and Privacy Impact
• Understand the Private Identifiable Information (PII) and Private Health Information
• (PHI) data
• Learn about Privacy Impact Assessments
• Learn about HIPAA and HITECH
• Learn about GDPR and CCPA
• Understand the Breach Notification Requirements

What you will learn?

• Learn about Privacy Imperative
• Understand Strategic and Tactical Drivers
• Learn about Privacy Strategy and Privacy Impact
• Understand the Private Identifiable Information (PII) and Private Health Information
• (PHI) data
• Learn about Privacy Impact Assessments
• Learn about HIPAA and HITECH
• Learn about GDPR and CCPA
• Understand the Breach Notification Requirements

What you will learn?

What you will learn?

• Identify potential risk while working remotely
• Corporate data and information systems security
• Physical access control
• Email Security and practical examples

What you will learn?

• Understand FedRAMP
• Learn about the importance of FedRAMP 
• Learn the FedRAMP Strategy and Plan
• Understand FedRAMP Preparations
• Understand cloud security opportunities and FedRAMP Benefits
• Study about FedRAMP certification process
• Learn the program steps to become FedRAMP compliant
• Study the Independent Verification and Validation Requirement
• Learn about certification authorities, governance and stakeholders

What you will learn?

• Overview of FedRAMP process
• Study about FedRAMP certification process
• Understand the FedRAMP from an agency’s perspective
• Understand the FedRAMP Standard Operating Procedures
• Learn about the initial review SOP/checklists
• Learn about the detailed review checklists
• Understand the review and approve procedure
• Understand the authorization process

What you will learn?

• Overview of the FCPA
• Study the implications of the FCPA
• Learn about the enforcement and penalties
• Study the U.S. Sentencing guidelines
• Understand the SEC and DOJ FCPA guidance
• Study the DOJ and SEC hallmarks of an effective compliance program
• Learn about the DOJ’s evaluation of compliance programs
• Learn about UK Bribery Act 2010
• Study the UK Bribery Act 2010 provisions
• Study the consequences of non-compliance with the Bribery Act 2020 – Case Study

What you will learn?

• Foreign Corrupt Practices Act (FCPA) Global Perspective
• Overview of the FCPA and UK Bribery Act
• FCPA Key Concepts
• Anything of Value
• Foreign Officials
• Persons Subject to the FCPA
• Implications of the FCPA
• Consequences of Non-Compliance
• Enforcement and Penalties
• Effective Compliance Program & amp; Red Flags
• DOJ’s Evaluation of Compliance Programs

What you will learn?

• Understand Fraud and Examples of Fraud
• Understand the Different Types of Fraud
• The Scale of the Problem
• Learn about Fraud Triangle Components
• Understand the Fraud Tree
• Learn about Factors Contributing to Fraudulent Behavior or Why People Commit Fraud
• Learn about Who Commits Fraud
• Knowledge of Common Fraud Schemes
• Understand Fraud Response
• Management Preventive Steps

What you will learn?

• Understand Fraud Basics
• Learn Fraud Risk Management Basics
• Understand How to Document Roles and Responsibilities
• Understand the Objectives of Fraud Risk Management Program
• Learn How to Develop a Fraud Risk Management Program
• Understand Fraud Risk Management Framework Basics
• Understand the Importance of Fraud Risk Governance
• Learn How to Plan for Fraud Risk Assessments
• Learn About Effective Fraud Risk Assessment Requirements

What you will learn?

• Understand the GDPR driving factors
• Learn about different type of PII data
• Learn about identifiable personal information
• Understand GDPR basics
• Learn about the controllers and processor
• Study GDPR principles
• Understand the six lawful bases for processing

What you will learn?

• Learn about data Subject Rights
• Learn about Accountability and Governance principle
• Understand Privacy by Design
• Learn about the Data Protection Officer Role
• Study the privacy Codes of Conduct principle
• Understand Data Protection Impact Assessments (DPIA)

What you will learn?

• Learn about HIPAA and HITECH
• The Security Rule, The Privacy Rule, The Breach Notification Rule, Omnibus
• Rule. Chapter 181, Texas Medical Records Privacy Act
• Understand How Health Care Privacy Laws affect your organization
• Understand HIPAA IT Security Risk Assessment
• Learn about Administrative, Technical and Physical Safeguards
• Learn about Covered Entities
• Learn about Use and Disclosure of PHI
• Understand How HIPAA and HITECH are Related
• Learn about HITECH and Breach Notification

What you will learn?

• Understand HITRUST basics
• Learn about HITRUST framework
• Understand the HITRUST driving factors
• Study the HITRUST maturity model
• Understand the HITRUST scoring model
• Learn about the implementation and certification process
• Study how to certify
• Understand the criteria for certification

What you will learn?

• Understand what is HITRUST
• Learn about the HITRUST CSF components
• Learn how to calculate HITRUST scores
• Understand the steps in certification plan and plan considerations
• Understand HITRUST Implementation Planning use case and learn to implement
• Learn to calculate risk rating as per HITRUST
• Understand the corrective action plan (CAP) and documentation
• Learn how to calculate the CAP risk rating and prioritization

What you will learn?

• Understandthe need for ISMS
• Learnabout ISO 27001certification and ISMS Mandatory Process
• Introductionto implementing ISMS
• Learnhow to implement ISO 27001 ISMS 11 Step Program
• Stepby Step Guide on implementing ISMS program
• Learnthe practical examples and study the documentation samples
• Learnabout ISO 27001 Annex A Controls Checklist 14 Domains and 35 Control Objectives        
• ISMSPart III includes implementation details for each control objective alongguidance

What you will learn?

• Brief about Incident and Incident Management (IM)
• Incident Management Objectives
• What is a Security Incident Management?
• Incident, Problem, and Service Request
• Incident Management Key Concepts
• Incident Management Process and ITIL
• Incident Management Process Workflow Examples
• Incident Management Process
• Incident Management Process Steps Discussed in Detail
  

What you will learn?

• Learn How to Protect Information
• Understand the Key Security Terms
• Learn about Insider Risk
• Learn about Privately Identifiable Information and Privately Healthcare Information
• Learn about Physical Security, Facility Security and Clean Desk Policies
• Learn about Social Engineering and Phishing
• Learn about Acceptable Personal Use of Corporate Property and Email
• Learn about Malicious Software and Incident Reporting
• Learn about User Id and Password Protection
• Understand Your Responsibility as a User

What you will learn?

• Brief about Incident and Incident Management (IM) 
• Incident Management Objectives
• What is a Security Incident Management?
• Incident, Problem, and Service Request
• Incident Management Key Concepts
• Incident Management Process and ITIL
• Incident Management Process Workflow Examples
• Incident Management Process 
• Incident Management Process Steps Discussed in Detail

What you will learn?

• Learn about Incident and Incident Management (IM)
• Understand Critical Success Factors (CSF) 
• Understand Key Performance Indicators (KPI) Specific to Incident Management
• Understand Other Process Interfacing with Incident Management
• Learn about ITIL Framework Based Incident Management Process Workflow
• Implementing Incident Management - Detailed Guidance

What you will learn?

• Learn about Information Technology General Controls (ITGCs) basics 
• Study the IT and Risk Control Approach
• Learn to evaluate IT General Controls
• Learn about Auditing Security Administration Controls
• Learn about Auditing Maintenance Controls
• Learn about Auditing Computer Operations Controls
• Learn about Auditing Systems Development Controls
• Learn about Auditing Outsourced Services Controls
• Study the Key Considerations for Effective SOX Testing

What you will learn?

• Study the Sarbanes-Oxley Act (SOX)
• Learn about the COSO framework and its relationship with SOX
• Learn about SOX and Corporate Governance requirements
• Study the internal controls
• Understand the relevance of IT controls for SOX compliance
• Understand the fundamentals of ITGC
• Study the types of IT controls
• Study the general IT process controls and controls testing

What you will learn?

• How do you get malware?
• What malware is and why it is dangerous
• Become familiar with different types of malware and how users can identify them
• How can you tell if you have a malware infection?
• Understand how most malware requires human action to infect a computer
• How to protect against malware?
• How people can avoid malware and what to do (and not to do) if this ever happens

What you will learn?

• Learn about CSF fundamentals
• Learn how to develop a risk-based cybersecurity framework
• Understand the CSF framework core and design
• In-depth knowledge on how to use functions, categories, and subcategories
• Use of risk management principles, best practices, and methodologies
• Understand the CSF implementation tiers and implementation
• Learn about framework profile implementation
• Learn about improving resiliency

What you will learn?

• Learn about CSF fundamentals
• Learn how to establish or improve your cybersecurity program
• Understand the NIST CSF concept and how to implement with the help of case study
• Understand the practical application of CSF framework’s core, design, functions, categories, and subcategories
• Detailed knowledge of functions, categories, and subcategories along with
• informative references from COBIT, ISA, NIST SP 800-53, CIS CSC, ISO 27001, etc.

What you will learn?

• Need for PCI DSS training
• PCI data security
• Relationship between PCI DSS and PA DSS
• PCI DSS scope
• PCI DSS requirement explained with examples
• Control costs and gain tangible, real-world insights on best practices
• Understand PCI compliance before going through an assessment
• Apply PCI DSS security principles across business

What you will learn?

• Privileged Access Management Overview
• Learn about privileges and how are they created, granted, etc.
• Learn about privileged accounts
• Understand the types of privileged accounts
• Study the privileged service accounts
• Learn about privilege related risks and challenges
• Learn about privileged threat vectors – external and internal
• Understand the benefits of privileged access management
• Learn how hackers compromise the privileged accounts.
• Study the privilege access management best practices

What you will learn?

• Learn about privileges and how are they created, granted, etc.
• Learn about the capabilities of PAM software.
• Study the PAM security controls.
• Learn about the PAM solution partner considerations.
• Study about the PAM baseline and ongoing Improvements.
• Study the considerations for selection of PAM.
• Learn hot to protect privileged accounts.

What you will learn?

• Understand basic concepts of problem management
• Learn about the roles and responsibilities associated with the problem
• management process
• Understand the input that triggers the problem management process
• Planning for problem management process implementation and training
• Understand the problem management process implementation guide (step by step approach)
• Understand process inputs and outputs
• Learn about problem management reporting
• Understand the problem management checklist
• Understand the activities and documentation

What you will learn?

• Understand incident vs. problems
• Understand quick fix and permanent problem resolution
• Key definitions and basic concepts for problem management
• Decide whether you need to implement problem control
• Key process activities of the problem management process
• Understand workarounds and solutions
• Developing problem management policy
• Learn about problem management process interfaces
• Critical success factors and key performance indicators

What you will learn?

• Risk Identification – Learn to identify risk
• Risk Assessment - How to assess risk?
• Risk Analysis – How to analyze risk?
• Controls – Learn to develop controls
• Risk Treatment – How to treat risk?
• Risk Management Elements – What are the risk management elements?
• Risk Monitoring – How to monitor risk?
• Risk Management Approach – Learn the process?
• Issue Management Remediation

What you will learn?

• Learn about Ten Different Types of Phishing Attacks
• Understand the Characteristics of Phishing Emails
• Understand Common Methods of Phishing Attacks
• Learn about Escalation and Containment
• Learn about Eradication and Rebuilding
• Learn about Recovery and Aftermath

What you will learn?

• Learn about Social Engineering Attacks
• Social engineering attack techniques
• Steps in social engineering attack
• Types of Social Engineering Attacks
• Phishing attacks
• Telltale signs of phishing attacks
• Detection, Identification, and Tips to Keep You From Being Fooled
• Spear Phishing• Detection telltale signs
• Use cases and phihsing attack detection exercises

What you will learn?

• Learn about the System and Organization Controls (SOC) - SOC 1, SOC 2 and SOC3
• Understand the businesses that should think about SOC 2
• Learn about the driving factors for SOC compliance
• Learn how SOC 2 is different from SOC 1 and other compliance frameworks
• Understand the difference between a Type I and Type II audit
• Learn to decide the type of SOC report the organizations needs to have
• Learn about the factors driving the audit scope
• Understand the foundation of SOC 1®, SOC 2®, and SOC 3® Reports
• Learn about the SOC 2® and SOC 3® Trust Services Principles

What you will learn?

• SOC evolution
• Learn about SOC 2 audit and who can perform the audit
• Learn how to apply relevant SSAE 18 AICPA Standards
• SOC 1, SOC 2, SOC 3, SOC 2 +, SOC for Cyber Security and SOC for Supply Chain Reports
• Understand scope and use 
• Learn about the purpose and relevant standards 
• Learn about the subject matter and components of the report 
• Understand the use case for SOC for Cyber Security and SOC for Supply Chain
• Learn about SOC 2 + Additional Subject Matter Reports
• Learn the about TSC Mapping to Standards and Frameworks

What you will learn?

• What is FFIEC?
• Learn about FFIEC Cybersecurity Priorities
• Understand FFFIEC CAT Inherent Risk Profile Assessment Categories
• Understand FFIEC Risk Levels• Learn about Inherent Risk Categories and Ratings
• Understand in detail the FFIEC CAT Maturity Assessment Categories
• Domain 1: Cyber Risk Management and Oversight
• Domain 2: Threat Intelligence and Collaboration
• Domain 3: Cybersecurity Controls
• Domain 4: External Dependency Management
• Domain 5: Cyber Incident Management and Resilience Domains, Assessment
• Factors, Components, and Declaration

What you will learn?

• Role of internal audit in FFIEC risk and maturity
• Understand FFIEC maturity levels
• Learn on how to interpret and analyze assessment results
• Complete case study to provide in-depth understanding and application of principles
• How to calculate risk for technology and connection type
• How to create rating summary
• Learn how to create an inherent risk profile
• Understand cybersecurity maturity level calculation
• Learn to document maturity results based on the maturity input
• Learn to prepare target maturity and maturity result charts
• Learn to prepare a chart of components
• Learn to develop roles and responsibilities of the internal audit function
• Learn to evaluate the cybersecurity maturity assessment

What you will learn?

• What is vendor/third-party risk management (TPRM)?
• What are third parties?
• What are the common concerns of TPRM?
• Why perform a third-party risk assessment?
• What are the factors driving third-party risk assessment?
• Why do I need a Third-party Risk Management Framework?
• Why do I need a TPRM framework?

What you will learn?

• Why do Organizations need a TPRM framework?
• What are the third-party risk categories and common third-party risks?
• What are the Best Practices for a TPRM Framework?
• What are the TPRM Framework Considerations?
• How to build a TPRM framework?
• How to implement a TPRM framework?