Transparent, accountable, and responsible practices create a robust framework that attracts investors, builds trust with customers, and enhances brand reputation. By adhering to ethical standards and regulatory compliance, companies avoid costly legal pitfalls and safeguard their long-term interests. Efficient decision-making processes and a clear allocation of responsibilities foster agility and adaptability, enabling businesses to seize opportunities and navigate challenges effectively.  

If corporate/organizational governance is so critical, shouldn't it embody the principles and best practices of the sole international standard for organizational governance, ISO 37000? 

Aligning your organization's governance methodology to the ISO 37000 organizational governance standard will not only ensure it has a proper governance framework in place, it will have a governance framework respected by its regulators, investors, customers, and other stakeholders throughout the world. 

Upon completion of this training and professional credentialing program, you and your leadership team will:  

• Understand the principles and best practices good corporate/organizational governance, risk, and compliance management;
• Get a thorough overview of the recommendations of the international standard for good governance - ISO 37000;
• Get practical guidance on designing and implementing a suitable governance framework, complete with structure, strategy, roles, responsibilities, risk oversight, and compliance oversight;
• Leverage ISO best practices to ensure compliance with stakeholder requirements
• Be prepared for the Certified ISO 37000 Governance Professional exam #CGP101.
  

As the foundation session of our risk management training courses (including information security and business continuity), this 3-day risk management strategy training and policy workshop session provides thorough coverage of the ISO 31000 and 31010 standards, as well as setting out advice on the implementation of an ERM initiative. The purpose of the training is to:

• Describe the principles and processes of risk management;
• Provide a thorough overview of the requirements of ISO 31000, ISO 31010, and 27005;
• Give practical guidance on designing and implementing a suitable enterprise risk management framework;
• Establish a firm program starting point by using ISO standards 31000, 31010, and 27005 to build out the initial ERM core policy
• Establish a well-developed risk assessment and risk treatment methodology based upon ISO 31010 and ISO 27005 best practices; and
• Provides pre-requisite training for professional certification as an ISO 31000 Certified Internal Controls Risk Analyst™ (CICRA™).

Board members and C-suite executives learn how ISO 31000 ERM can be leveraged to establish better corporate governance, as well as to provide required risk assessments and risk controls for ISO 9001 Quality Management, ISO 14001 Environmental Management, ISO 27001 Information Security, ISO 22301 Business Continuity/Disaster Recovery, ISO 37001 Anti-Bribery and Anti-Corruption, ISO 45001 OHS, and other ISO organizational management systems.

• Learn ISO leadership requirements for board oversight and C-suite executives
• Learn how to properly scope the risk management program
• Establish formal roles and responsibilities to manage operational risk throughout the enterprise
• Establish risk context criteria for risk acceptance, risk evaluation, and business impact 

Get trained and certified in establishing, managing, operating, and auditing an ISO 37301 Compliance Management System 

Every day, organizations face the ever-increasing need to manage and fulfil regulatory and industry requirements to allow them to conduct business. "Compliance" is no longer simply a legal concern isolated to a legal compliance unit. After all, how the organization operates determines its ability to comply with external stakeholder requirements. This means that compliance requirements permeate all business activities - from procurement, to human resource management, to information management, to manufacturing processes, to environmental management - and on and on. Since complying with one requirement can impact compliance with another requirement, compliance with all of the various requirements in total gets quite complicated. Compliance must be very carefully designed, managed, and monitored - throughout the organization. 

Upon completion of this training and certificate program, you will: 

• Understand the principles and processes of risk governance and management;
• Get a thorough overview of the requirements of ISO 37301:2021;
• Get practical guidance on designing and implementing a suitable compliance management framework;
• Establish a firm program starting point by using ISO standard 37301 to build out the initial Compliance Management core policy. Soft-copy editable templates are provided in the instructor-led class:
  • Complete ISO 37301 Compliance Management System Policy 
  • Procedure for Training and Development Needs Analysis document 
  • ERM Program project kick-off document 
  • Leverage ISO best practices to properly manage and monitor compliance requirements 
  • Leverage ISO best practices to implement controls to ensure compliance with stakeholder requirements
  • Establish compliance monitoring, communication, and reporting 

This 2-day ISO 27001 training and certification workshop provides thorough coverage of the ISO 27000 standards, as well as setting out advice on the implementation of an information security initiative. The purpose of the course is to:

• Describe the principles and processes of information security governance and management;
• Provide thorough coverage of the requirements of ISO 27001;
• Give practical guidance on designing a suitable framework;
• Give practical advice on implementing information security management;
• Prepare you for your ISO 27001 certification exams required for Certified Internal Controls Architect (CICA) professional credentialing;
• Establish a firm program starting point by using ISO 27001, ISO 27002, and 27003 to build out the initial Information Security Management core policy; and
• Partially satisfy the pre-requisite training necessary for professional certification as an ISO 27001 Certified Internal Controls Architect (CICA™).

Based upon the ISO 27001 related auditing standards ISO 27007:2011 and 19011:2011, this one-day course will provide an intensive overview of how to manage an internal audit of an organization's risk management program in along with its corresponding information security management system. It will also provide valuable guidance on conducting the internal audits, on establishing and validating the competence of ISMS auditors, and prepare you for your ISO 27001 lead auditor certification exams required for the well-recognized ISO 27001 Lead Auditor professional certification.

This course  is applicable to those needing to understand or conduct internal or external audits of a risk management system supporting an ISMS, or how to manage an ISO 27001 ISMS audit program. This is the only ISO 27001 Lead Auditor training and professional examination program to incorporate ISO's 27007 standard as core content within its program. Building upon the foundation understanding of the ISO 27005 risk management framework and ISO 27001 framework validated by the Certified Internal Controls Architect credential , the ISO 27001 Lead Auditor certification certifies your ability to audit the formal structure, governance, and policy of an ISO 27001 conforming Information Security Management System (ISMS). Furthermore, the ISO 27001 Lead Auditor certification ensures that you are qualified to assure strategic objectives according to core ISO 27001, 27002, 27003, and 27005 best practices. This IRMCB course partially satisfies the prerequisite training necessary for certification as an ISO 27001 Lead Auditor.

The NIST Cybersecurity Framework provides a policy framework of computer security guidance for how private sector organizations in the United States and around the world can assess and improve their ability to prevent, detect, and respond to cyber attacks. The framework has been translated to many languages, and is used by the governments of Japan and Israel, among others.

An Accessible and Powerful Framework

The NIST CSF is now the go-to playbook for countless organizations for building a robust data protection strategy. It’s structured along five core functions — Identify, Protect, Detect, Respond and Recover — each of which captures and curates the essential goals and actions that should be prioritized across the cybersecurity lifecycle.

Cloud security is not just an option; it's an absolute necessity in today's digital landscape. Protecting your valuable data and assets from relentless cyber threats is paramount. The cloud holds your business's lifeblood, and without robust security measures, you risk financial devastation, loss of sensitive information, and severe reputational damage.

Embracing cloud security ensures uninterrupted operations, customer trust, and compliance with regulations. Don't gamble with your success – invest in cloud security to shield your business from the ever-evolving cyber dangers and gain a competitive edge in this interconnected world. Your future success depends on it.

The purpose of the course is to:

• Provide comprehensive coverage of cloud security concepts and critical elements;
• Give practical advice on implementing cloud security;
• Prepare participants to achieve Cloud Security Alliance's* Certificate of Cloud Security Knowledge (CCSK) professional credential (in-class exam is optional at an additional cost).

*Certified Information Security is not affiliated with Cloud Security Alliance.

This 2-day ISO 22301 business continuity training and policy workshop provides participants with a solid understanding of business continuity management. It is based on industry best practice and guidelines for business continuity and reviews the ISO 22301 Standard for business continuity management. Practical exercises and instructor-led discussions will help students understand the benefits of business continuity management in an organization.

This business continuity training will:

• Describe the principles and processes of business continuity management and governance;
• Provide thorough coverage of the requirements of ISO 22301;
• Give practical guidance on designing a suitable framework and business continuity management strategy;
• Give practical advice on setting up and operating business continuity management;
• Partially satisfy the prerequisite training for eligibility to be certified as an ISO 22301 Certified Business Continuity Strategist™ (CBCS™); and
• Establish a firm program starting point by using ISO 22301 to build out the initial Business Continuity Management core policy.

Building upon the foundation understanding of the ISO 22301 Business Continuity Management System (BCMS) platform learned in "Policy Workshop: ISO 22301 Business Continuity Management", this IRMCB course provides participants with the knowledge, methods, and skills to put the previous course's strategy into practice. It is based on industry best practice and guidelines for business continuity based upon the ISO 22301 and 22313 standards. Again, practical exercises and instructor-led discussions will help students understand the techniques to deploy, test, and maintain business continuity management in an organization. This course will partially satisfy the prerequisite training necessary for eligibility for certification as a Certified ISO 22301 Business Continuity Manager™ (CBCM™).

This five-day workshop will enable participants to:

• Plan, deploy, manage, and manage Anti-bribery Management System in accordance with ISO 37001
• Understand the approaches, methods, measures and techniques required for the effective management of Anti-bribery Management System
• Identifying risk and opportunities associated with an organization
• Support an organization in establishing, implementing, managing and maintaining the Anti-bribery Management System as specified in ISO 37001
• Advise organizations on the anti-bribery good practices
• Prepare an organization for an ISO 37001 audit
• Become eligible for professional certification as a Certified ISO 37001 Anti-Bribery & Corruption Manager™ 

This three-day workshop will enable participants to:

• Assess an organization's current capabilities to properly prevent, detect, investigate, and recover losses resulting from internal fraud or abuse;
• Detect a wide variety internal fraud and corruption, including (but not limited to) purchasing and acquisition fraud, payroll fraud, check fraud, reporting fraud, and abuse of company assets;
• Effectively investigate suspicions of internal fraud or abuse to support recovery of losses, possible termination or disciplinary proceedings, or even potential prosecution; and
• Partially satisfy the prerequisite training necessary to be eligible for certification as a Certified Fraud Control Manager™.

This two-day workshop will give participants the knowledge and skills you need to effectively interview and interrogate witnesses, conspirators, and perpetrators potentially involved with incidents of fraud or abuse. Set into a practical workshop format, important concepts are reinforced through your in-class analysis of real videotaped interviews from actual investigations of two cases of internal employee fraud. This session partially satisfies the prerequisite training necessary to be eligible for certification as a Certified Fraud Control Manager ™.

Advance your career by achieving the gold standard of information security professional designations, Certified Information Systems Security Professional certification by (ISC)2.

Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program. With a CISSP, you validate your expertise and become an (ISC)² member, unlocking a broad array of exclusive resources, educational tools, and peer-to-peer networking opportunities.

Prove your skills, advance your career, and gain the support of a community of cybersecurity leaders here to support you throughout your career.

Prepare with trusted CISSP exam expert Allen Keele. Anytime, anywhere.

The CISA certification is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems. The recent quarterly IT Skills and Certifications Pay Index (ITSCPI) from Foote Partners ranked CISA among the most sought-after and highest-paying IT certifications. This certification is a must have for entry to mid-career IT professionals looking for leverage in career growth.

ISACA’s Certified Information Security Manager® (CISM®) certification indicates expertise in information security governance, program development and management, incident management and risk management. If you are a mid-career IT professional aspiring to senior management roles in IT security and control, CISM can get you the visibility you need

ISACA’s Certified in Risk and Information Systems Control™ (CRISC®) certification indicates expertise in identifying and managing enterprise IT risk and implementing and maintaining information systems controls. Gain instant recognition and credibility with CRISC and boost your career! If you are a mid-career IT professional with a focus on IT and cyber risk and control, CRISC can get you the leverage you need to grow in your career.