3103 Associate courses delivered Online

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate-level programming course, designed for experienced .Net developers who wish to get up and running on developing well defended software applications. Real world programming experience with .Net is required. Overview Students who attend Attacking and Securing .Net Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a .Net perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on .Net security training that offers a unique look at .Net application security. Beginning with penetration testing and hunting for bugs in .Net web applications, you thoroughly examine best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, driving home the mechanics of how to secure .Net web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Injection Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? .NET Issues and Best Practices Making Application Security Real Time Permitting Topics Cryptography Overview .NET Cryptographic Services

Duration 5 Days 30 CPD hours This course is intended for Although there are no mandatory prerequisites, the course is particularly suited for the following audiences: Cybersecurity engineer Cybersecurity investigator Incident manager Incident responder Network engineer SOC analysts currently functioning at entry level with 2+ years of experience Overview After taking this course, you should be able to: Describe the types of service coverage within a SOC and operational responsibilities associated with each. Compare security operations considerations of cloud platforms. Describe the general methodologies of SOC platforms development, management, and automation. Explain asset segmentation, segregation, network segmentation, micro-segmentation, and approaches to each, as part of asset controls and protections. Describe Zero Trust and associated approaches, as part of asset controls and protections. Perform incident investigations using Security Information and Event Management (SIEM) and/or security orchestration and automation (SOAR) in the SOC. Use different types of core security technology platforms for security monitoring, investigation, and response. Describe the DevOps and SecDevOps processes. Explain the common data formats, for example, JavaScript Object Notation (JSON), HTML, XML, CommaSeparated Values (CSV). Describe API authentication mechanisms. Analyze the approach and strategies of threat detection, during monitoring, investigation, and response. Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs). Interpret the sequence of events during an attack based on analysis of traffic patterns. Describe the different security tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools). Analyze anomalous user and entity behavior (UEBA). Perform proactive threat hunting following best practices. The Performing CyberOps Using Cisco Security Technologies (CBRCOR) v1.0 course guides you through cybersecurity fundamentals and prepares you for the role of Information Security Analyst on a Security Operations Center team. You?ll learn to automate for security using cloud platforms and how to apply your knowledge to real-world scenarios Course Outline Understanding Risk Management and SOC Operations Understanding Analytical Processes and Playbooks Investigating Packet Captures, Logs, and Traffic Analysis Investigating Endpoint and Appliance Logs Understanding Cloud Service Model Security Responsibilities Understanding Enterprise Environment Assets Threat Tuning Threat Researching and Threat Intelligence Practices Understanding APIs Understanding SOC Development and Deployment Models Performing Security Analytics and Reports in a SOC Malware Forensics Basics Threat Hunting Basics Additional course details: Nexus Humans Cisco Performing CyberOps Using Cisco Security Technologies (CBRCOR) v1.0 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Performing CyberOps Using Cisco Security Technologies (CBRCOR) v1.0 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for This course does not have any technical knowledge prerequisites for the learners, besides being proficient in using a computer and the Internet. IT and/or AI knowledge is a benefit but not a hard requirement. Given the rapid development of AI and the broad range of its applications in everyday life, it is crucial for anyone to attend this course to update their digital skills in an ever-changing world. It is expected that all learners have registered for a free account of OpenAI ChatGPT at https://chat.openai.com. Overview Discover how AI relates to other 4th industrial revolution technologies Learn about AI, ML, and associated cognitive services Overview of AI development frameworks, tools and services Evaluate the OpenAI ChatGPT4 / ChatGPT3.5 model features in more detail The core aim of this ?AI for beginners? course is to introduce its audience to Artificial Intelligence (AI) and Machine Learning (ML) technologies and allow them to understand the practical applications of AI in their everyday personal and professional life. Moreover, the course aims to provide a handful of demos and hands-on exercises to allow the learners to familiarize themselves with usage scenarios of OpenAI ChatGPT and other Generative AI (GenAI) models. The content of this course has been created primarily by using the OpenAI ChatGPT model. AI theoretical concepts. Introduction to AI, ML, and associated cognitive services (Computer vision, Natural language processing, Speech analysis, Decision making). How AI relates to other 4th industrial revolution technologies (cloud computing, edge computing, internet of things, blockchain, metaverse, robotics, quantum computing). AI model classification by utilizing mind maps and the distinctive role of Gen AI models. Introduction to the OpenAI ChatGPT model and alternative generative AI models. Familiarization with the basics of the ChatGPT interface (https://chat.openai.com). Talking about Responsible AI: Security, privacy, compliance, copyright, legal challenges, and ethical implications. AI practical applications Overview of AI development frameworks, tools and services. AI aggregators review. Hand-picked AI tool demos: a.Workplace productivity and the case of Microsoft 365 Copilot. b.The content creation industry. Create text, code, images, audio and video with Gen AI. c.Redefining the education sector with AI-powered learning. Evaluate the OpenAI ChatGPT4 / ChatGPT3.5 model features in more detail: a.Prompting and plugin demos. b.Code interpreter demos. Closing words. Discussion with an AI model on the future of AI. Additional course details: Nexus Humans AI for beginners training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AI for beginners course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This is an intermediate level training course, designed for experienced Java developers and architects who need to identify, design, and implement web services. We will explore and apply the terminology, the specification, the processes and technologies specific to web services. Students should have at least a year of practical development experience with Java and servlets, and should be familiar with XML and JSON. Overview This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in core RESTful development skills, coupling the most current, effective techniques with the soundest industry practices. Working within in a hands-on learning environment, guided by our expert team, attendees will learn to: Understand and apply the basic concepts of REST Understand and intelligently discuss the similarities and differences between RESTful services and SOAP-based services Appreciate the security concerns associated with RESTful services Design, develop, and deploy real-world RESTful Services Effectively define and design endpoints Work with query parameters Determine the best format to use for exchanging data Understand the principles associated with HTTP methods and how to stay congruent to them Extend the semantics of the RESTful service beyond the HTTP methods Implement RESTful services using JAX-RS to Handle various HTTP methods Use different approaches for parameters Deal with content negotiation Work with different data formats including XML and JSON Handle exceptions Implement RESTful Java clients Develop JAX-RS Java clients using the JAX-RS 2.0 Client API Manage different Web targets Deal with content negotiation on the client Work with different data formats including XML and JSON Properly process server responses Implement JAX-RS Filters and Interceptors Intercept and manipulate service requests and responses Dynamically register interceptor to resources Understand the concept of NameBinding Discover asynchronous JAX-RS processing Implement an asynchronous JAX-RS service endpoint Register response listeners Geared for experienced Java developers, Java REST Essentials is a two day, lab-intensive services training course that introduces developers to the core concepts, principles, and Java implementations for RESTful services. Today's development environments are increasingly dominated by sophisticated tooling that makes the implementation of RESTful services less arduous. The proper design of these services is far more complex and demanding. Java RESTful Service Essentials focuses on providing an understanding of the fundamental principles and technologies that are used in building these services. This understanding is critical to being able to diagnose, troubleshoot, tune, and perform other lifecycle activities. Session: Working with REST Overview of REST Designing RESTful Services JAX-RS Lesson: Introduction to JAX-RS @Path: URI Matching JAX-RS Content Negotiation JAX-RS Request and Response JAX-RS Client API JAX-RS Filters and Interceptors Asynchronous JAX-RS Additional course details: Nexus Humans Java REST Essentials (TT7305) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Java REST Essentials (TT7305) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Senior Linux system administrators who use high-availability clustering and fault-tolerant shared storage technologies to maximize resiliency of production services. Overview Install and configure a Pacemaker-based high availability cluster. Create and manage highly available services. Troubleshoot common cluster issues. Work with shared storage (iSCSI) and configure multipathing. Implement Logical Volume Manager (LVM) in cluster-aware configurations. Configure GFS2 file systems on storage shared by multiple nodes. Deploy reliable, available critical production services in a high availability cluster In the Red Hat High Availability Clustering (RH436) course, you will learn how to provide highly available network services to a mission-critical enterprise environment through the deployment and management of shared storage and server clusters. Created for senior Linux system administrators, this 4-day course strongly emphasizes lab-based activities. You will set up a cluster of systems running the Pacemaker component of the Red Hat Enterprise Linux High-Availability Add-On, and deploy Linux-based services such as web servers and databases on that cluster. Cluster storage components from the Resilient Storage Add-On are also covered; installations and applications that require multiple cluster nodes can access the same storage simultaneously. This includes Logical Volume Manager (LVM) Shared Volume Groups, Red Hat Global File System 2 (GFS2), and Device-Mapper Multipath. This course is based on Red Hat Enterprise Linux 8.3. Prerequisites Red Hat Certified System Administrator (RHCSA) exam (EX200) and associated courses. Red Hat Cerfitied Engineer (RHCE) exam (EX294) and associated courses. 1 - Creating high availability clusters Create a basic high availability cluster. 2 - Managing cluster nodes and quorum Manage node membership in the cluster and describe how it impacts cluster operation. 3 - Isolating malfunctioning cluster nodes Isolate unresponsive cluster nodes to protect data and recover services and resources after a failure. 4 - Creating and configuring resources Create basic resources and resource groups to provide highly available services. 5 - Troubleshooting high availability clusters Identify, diagnose, and fix cluster issues. 6 - Automating cluster and resource deployment Deploy a new high availability cluster and cluster resources using Ansible automation. 7 - Managing two-node clusters Operate two-node clusters while identifying and avoiding issues specific to a two-node cluster configuration. 8 - Accessing iSCSI storage Configure iSCSI initiators on your servers to access block-based storage devices provided by network storage arrays or Ceph storage clusters. 9 - Accessing storage devices resiliently Configure resilient access to storage devices that have multiple access paths. 10 - Configuring LVM in clusters Select, configure, and manage the correct LVM configuration for use in your cluster. 11 - Providing storage with the GFS2 cluster file system Use the GFS2 cluster file system to simultaneously pProvide tightly coupled shared storage that can be accessed by multiple nodes. 12 - Eliminating single points of failure Identify and eliminate single points of failure in your cluster to decrease risk and increase average service availability. Note: Course outline is subject to change with technology advances and as the nature of the underlying job evolves. For questions or confirmation on a specific objective or topic, please contact a training specialist. Additional course details: Nexus Humans Red Hat High Availability Clustering (RH436) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Red Hat High Availability Clustering (RH436) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA's Security Technical Implementation Guides (STIGs) The motivations behind STIGs Requirements that the various software development roles must meet Implementing STIG requirements and guidelines Why Hunt Bugs? The Language of CyberSecurity The Changing Cybersecurity Landscape AppSec Dissection of SolarWinds The Human Perimeter Interpreting the 2021 Verizon Data Breach Investigation Report First Axiom in Web Application Security Analysis First Axiom in Addressing ALL Security Concerns Lab: Case Study in Failure Safe and Appropriate Bug Hunting/Hacking Working Ethically Respecting Privacy Bug/Defect Notification Bug Bounty Programs Bug Hunting Mistakes to Avoid Principles of Information Security Secuity Is a Lifecycle Issue Minimize Attack Surface Area Layers of Defense: Tenacious D Compartmentalize Consider All Application States Do NOT Trust the Untrusted Identification and Authentication Failures Applicable STIGs Quality and Protection of Authentication Data Proper hashing of passwords Handling Passwords on Server Side Session Management HttpOnly and Security Headers Lab: STIG Walk-Throughs Injection Applicable STIGs Injection Flaws SQL Injection Attacks Evolve Drill Down on Stored Procedures Other Forms of Server-Side Injection Minimizing Injection Flaws Client-side Injection: XSS Persistent, Reflective, and DOM-Based XSS Best Practices for Untrusted Data Lab: STIG Walk-Throughs Applications: What Next? Common Vulnerabilities and Exposures CWE/SANS Top 25 Most Dangerous SW Errors Strength Training: Project Teams/Developers Strength Training: IT Organizations Cryptographic Failures Applicable STIGs Identifying Protection Needs Evolving Privacy Considerations Options for Protecting Data Transport/Message Level Security Weak Cryptographic Processing Keys and Key Management Threats of Quantum Computing Steal Now, Crack Later Threat Lab: STIG Walk-Throughs Application Security and Development Checklists Checklist Overview, Conventions, and Best Practices Leveraging Common AppSec Practices and Control Actionable Application Security Additional Tools for the Toolbox Strength Training: Project Teams/Developers Strength Training: IT Organizations Lab: Recent Incidents SDL Overview Attack Phases: Offensive Actions and Defensive Controls Secure Software Development Processes Shifting Left Actionable Items Moving Forward Lab: Design Study Review Asset Analysis Asset Analysis Process Types of Application-Related Assets Adding Risk Escalators Discovery and Recon Design Review Asset Inventory and Design Assets, Dataflows, and Trust Boundaries Risk Escalators in Designs Risk Mitigation Options

The Power of Self Esteem | Register here to attend a Taster 'You Yourself As Much As Anybody In The Entire Universe deserve Your Love and Affection' Self-esteem is our idea of our own basic worth, and it has its roots in our childhood. Early on, our self worth is associated with how others see us or it is linked with our achievements. No matter what we do in life, we can still feel disappointed because our self-esteem depends on others or on what we perceive as our successes or failures. Find out how you can change this! This taster event introduces you to a 2-day Course with MTL Licensed Facilitators, Champions and Coaches Issy Crocker & Pam Barmby which is taking place in March 2024. In a warm and supportive atmosphere the course teaches you simple and practical tools. Audio material summarizes each session, so you can continue to apply what you learned after the course is over. If you engage in Continuing Professional Development this course counts up to 18 CPD hours. You will receive a certificate after we receive your completed post-course evaluation. This course forms part of The More To Life Programme. Course Dates: Sat 2- Sun 3 March 2024 | 9am - 7pm (BST) Location: Wadsworth Community Centre, Billy Lane, Old Town, Hebden Bridge, West Yorkshire HX7 8RY If you want to find out more, contact: Issy.crocker@moretolife.org or phone 07832 288439 or pam.barmby@moretolife.org or phone 07484 215770 If you want to register for the course before attending the Taster, please complete this form https://form.jotform.com/230802833166352

Software comes in a variety of guises - application software, firmware, middleware, system software. Increasingly, however, it doesn't necessarily present that way, especially as the boundaries between software, data and source code are becoming more and more blurred. And as software becomes more complex and more difficult to disentangle, so it becomes harder to manage and to value. But as it becomes more integral to every aspect of a business, so it is ever more important to keep on top of the technical, legal and commercial issues that arise, issues such as: To address these issues, organisations need a process for evaluating their current situation from all perspectives and for identifying the key actions they need to take to ensure holistic management of their software. This very practical programme will help set your organisation on the right path. Note: this is an indicative agenda, to be used as a starting point for a conversation between client and consultant, depending on the organisation's specific situation and requirements. This programme is designed to give you a deeper understanding of: The technical, legal and commercial risks associated with software development, procurement, use and commercial exploitation The most appropriate processes and responsibilities for managing those risks Note: this is an indicative agenda, to be used as a starting point for a conversation between client and consultant, depending on the organisation's specific situation and requirements. 1 Software business model What is the software business model? What options exist? Has the software business model been thoroughly reviewed to ensure its viability? This means fully understanding the market opportunity, the business environment and customer and end-user expectations. 2 Technology What are the technologies? How has the technology selection been validated considering the competitiveness, structure, and potential for future innovation? 3 UI and UX What is the UI and UX? How to best articulate this? Has the user interface and user experience been studied from both a subjective and objective view to give insight into customer behaviour? 4 Legal framework / commercial aspects Has the necessary legal framework or commercial aspects that may impact upon use or operation of the software been understood and risks identified and mitigated? 5 Software development What is the software development process? Are both the business management and development team's processes resilient in order to improve the company's capability and the maturity of the software? 6 Software quality What is quality? What are the metrics around software quality? What is the maturity level, based around a qualitative and quantitative assessment? 7 Intellectual property associated What IP should be considered when it comes to software? Does the company understand both the intellectual property risks and potential opportunities associated with this software? 8 Security What does software security mean in this context? How is it being addressed? 9 An holistic approach Review of roles and responsibilities to ensure appropriate management and protection

Duration 3 Days 18 CPD hours This course is intended for This course is aimed at project team members responsible to implementing cross application business processes in Sales and Distribution and Materials Management. Participants wishing to familiarize themselves with the basic execution of cross-application business processes and implementation in the standard SAP ERP. In this course, participants become familiar with the functions for processing selected cross application business processes in Sales and Distribution and Materials Management, and identify the associated Customizing settings. Course Outline Third-party order processing Cross-company-code sales Stock transfers within a company code Cross-company-code stock transfers Subcontracting Advanced Returns Management (supplier and customer returns)

A flexible, modular-based, programme to heighten participants' awareness of ways in which their operations can affect the environment, the principles of environmental management and the practical steps they need to take as individuals and as an organisation to improve environmental performance. Depending on the course modules selected, this programme will give participants: Increased awareness of relevant environmental issues A greater understanding of, and commitment to, the organisation's environmental management programme Preparation for any responsibilities they may have under an Environmental Management System Further benefits according to options chosen 1 Environmental awareness Definition of 'the environment' Key environmental issuesGlobal warmingOzone depletionAcid rainAir qualityWater pollutionContaminated landLand take and green belt shrinkageResource usageHabitat destruction and species extinctions. Option: This module can be used to explain the key environmental issues related to the activities of your own organisation. Diagrams, photos, pictures, examples and statistics relevant to your own organisation are used where possible to illustrate the points being made. 2 Environmental legislation Key elements of environmental legislation affecting the activities of your organisation - including international, European and UK legislation. Legislation of particular relevance to your organisation - how it affects the operations of your organisation Option: Legislation can be dealt with according to which aspect of the environment it protects (eg, air, water, waste) or which part of your organisation's activities it affects Consequences of breaching legislation 3 Environmental management systems Overview of what an environmental management system isHow is an Environmental Management System (EMS) designed and put together?Key elements (emphasising Plan - Do - Check - Review cycle)The need to continually improve Pros and consReasons for having an EMSBenefits of an EMSConsequences of not managing the environmentCosts of installing an EMS Explanation of ISO 14001 and EMAS standards and guidance as applicable to the EMSs of your organisationOverview of your organisation's EMSHow it was set up / is being developed / operatesWho is responsible for itKey parts of system (eg, environmental policy, objectives and targets) identified and discussedEMS documentation - what and where it is. Workshop option: Brainstorm 'Pros and cons' with the participants, come up with all their ideas for good and bad things about EMS and demonstrate that the 'good' list is longer than the 'bad' 4 Environmental consequences Define what an environmental impact is and discuss how they are determined, with reference to the EMS Identify why we want to determine the environmental consequences of operations and activities; how they are used in the EMS for planning, and reducing the impact on the environment Establish key environmental consequences of construction and operational activities on the site; discuss significance ranking and the control measures in place in your organisation. Workshop option: In small groups, participants are asked to identify the impact on the environment of your organisation's activities or a part of their activities. They are then asked to rank these impacts in terms of their significance, using guidelines provided to help them be aware of the contributing factors (eg, frequency, severity). For a selected number of the impacts, the participants are asked to identify what control measures there are and which of these they play a part in. All stages can be discussed with trainers as a whole group at various stages during the workshop. 5 Protected species, nature conservation and invasive weeds Nature conservation, landscape and visual issues in the planning process - overview of key nature UK wildlife legislation, EIA, appropriate timing of surveys, Hedgerow regulations and landscape and visual impact issues Ecological issues - ecological legislation, significant species, hedgerows Archaeology in the development process - why archaeology is important, organisation in the UK, legislation and planning guidance Construction phase issues and consents - major environmental issues during construction, including water resources and land drainage consents, discharges to land or water, water abstraction, public rights of way, tree protection, waste management, Special waste, noise, good practice pollution control and Environmental Audits Identification and management of invasive weeds - including legal position regarding management 6 Chemicals and fuels handling and storage How health and safety management is closely linked to environmental management of materials Planning - what mechanisms are in place for planning materials use; legislation, guidance and policies which define how to manage materials Materials storage - what are the considerations for storing materials, covering:Labels: what are the different types and what do they tell us?Storage facilities: what are the requirements for safe storage of materials (eg, signs, secondary containment, access, segregation, lids/covers)Handling: safe handling for protecting the environment, organisational procedures, high risk situations (eg, decanting, deliveries), how to reduce the risks (eg, use of funnels, proper supervision, training)COSHH and MSDS: brief explanation of legislation and its role in environmental control of hazardous materials, how to use the information provided by COSHH assessments Option: These sessions can be illustrated with photographs/pictures and examples of good and bad storage and handling practices Workshop Options: Labelling Quiz - quick-fire quiz on what different labels tell us; Build a Storage Facility - participants are asked to consider all the environmental requirements for building a safe storage facility for their organisation 7 On-site control measures Overview of the legislation associated with nuisance issues on site and mitigating problems when they arise Examples of bad practice, including fuel storage tanks and mobile equipment - costs involved with prosecution of fuel spills, remediation costs, management costs, legal fees, bad PR coverage Identification and management of contaminated land and relevant legislation Workshop option: Participants are provided with a site plan containing information on site features, environmental conditions and indications of potential issues 8 Waste management Why worry about waste? - a look at how waste disposal can impact on the environment, illustrated by examples of waste-related incidents, statistics on waste production on national, industry-wide and organisational levels, landfill site space, etc Legislation - overview of the relevant legislation, what the main requirements of the regulations are, what penalties there are, and the associated documentation (waste transfer notes) Waste classification - a more in-depth look at how waste is classified under legislation according to hazardous properties, referring to Environment Agency guidance Handling and storage requirements - what are the requirements of the applicable waste legislation and how are they covered by organisational procedures? Examples of good and bad environmental practice associated with handling and storing waste. Workshop option: 'Brown bag' exercise - participants pass round a bag containing tags each with a different waste printed on. They are asked to pick out a tag and identify the classification and the handling, storage and disposal requirements for the waste they select Waste minimisation - overview of the waste minimisation 'ladder' and its different options (elimination, reduction, reuse and recycling), benefits of waste minimisation, examples of waste minimisation techniques Workshop option: Participants are asked to identify opportunities that actually exist within the organisation for minimising production of waste that are not currently being taken advantage of 9 Auditing Requirements for environmental auditing of operations Auditing the EMS Types of internal and external audits Requirements EMS standards (ISO 14001 and EMAS) Carrying out internal audits and being prepared for external audits Workshop options:Mock audit 'Brown Bag' - can be used either for trainers to test participants as if they were in an audit situation, or for the participants to test each other and practice their auditing technique. The bag contains tags each with a different topic printed on (eg, waste skips); participants pass the bag round and select a tag; they are then questioned by the trainer or another participant about that topic as if they were in an audit situation. If the participants are auditing each other, they will be provided with a set of guidelines to keep in mind during the workshop.Virtual auditing - a more practical workshop where participants review photographs of situations/activities relevant to the organisation's operations. They are asked to identify all the good and bad environmental practices that are occurring in the situations. 10 Incident response What should you do when an incident does happen? What should be in a spill kit? When should you call in the experts? When should you inform the Environment Agency or Environmental Health Officer? Workshop option: The participants are provided with some incident scenarios and asked to develop a response to the incident 11 Monitoring and reporting Environmental monitoring programmes and procedures Monitoring and reporting as control measures for environmental consequences Monitoring and environmental 'STOP' card systems - personal and behavioural monitoring and reporting