340 Audit courses delivered Live Online

Duration 4 Days 24 CPD hours This course is intended for The information protection administrator translates an organization?s risk and compliance requirements into technical implementation. They are responsible for implementing and managing solutions for content classification, data loss prevention (DLP), information protection, data lifecycle management, records management, privacy, risk, and compliance. They also work with other roles that are responsible for governance, data, and security to evaluate and develop policies to address an organization's risk reduction and compliance goals. This role assists workload administrators, business application owners, human resources departments, and legal stakeholders to implement technology solutions that support the necessary policies and controls. Learn how to protect information in your Microsoft 365 deployment. This course focuses on data lifecycle management and information protection and compliance within your organization. The course covers implementation of data loss prevention policies, sensitive information types, sensitivity labels, data retention policies, Microsoft Purview Message Encryption, audit, eDiscovery, and insider risk among other related topics. The course helps learners prepare for the Microsoft Information Protection Administrator exam (SC-400). Prerequisites Foundational knowledge of Microsoft security and compliance technologies. Basic knowledge of information protection concepts. Understanding of cloud computing concepts. Understanding of Microsoft 365 products and services. 1 - Introduction to information protection and data lifecycle management in Microsoft Purview Know your data Protect your data Prevent data loss Govern your data 2 - Classify data for protection and governance Data classification overview Classify data using sensitive information types Classify data using trainable classifiers Review sensitive information and label usage Explore labeled and sensitive content Understand activities related to your data 3 - Create and manage sensitive information types Compare built-in versus custom sensitive information types Create and manage custom sensitive information types Describe custom sensitive information types with exact data match Implement document fingerprinting Create keyword dictionary 4 - Understand Microsoft 365 encryption Learn how Microsoft 365 data is encrypted at rest Understand service encryption in Microsoft Purview Explore customer key management using Customer Key Learn how data is encrypted in-transit 5 - Deploy Microsoft Purview Message Encryption Implement Microsoft Purview Message Encryption Implement Microsoft Purview Advanced Message Encryption Use Microsoft Purview Message Encryption templates in mail flow rules 6 - Protect information in Microsoft Purview Information protection overview Configure sensitivity labels Configure sensitivity label policies Configure auto-labeling policies Manage, monitor, and remediate information protection 7 - Apply and manage sensitivity labels Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites Plan on-premises labeling Configure on-premises labeling for the Unified Labeling Scanner Apply protections and restrictions to email and files Monitor label performance using label analytics 8 - Prevent data loss in Microsoft Purview Data loss prevention overview Identify content to protect Define policy settings for your DLP policy Test and create your DLP policy Prepare Endpoint DLP Manage DLP alerts in the Microsoft Purview compliance portal View data loss prevention reports Implement the Microsoft Purview Extension 9 - Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform Configure data loss prevention policies for Power Platform Integrate data loss prevention in Microsoft Defender for Cloud Apps Configure policies in Microsoft Defender for Cloud Apps Manage data loss prevention violations in Microsoft Defender for Cloud Apps 10 - Manage data loss prevention policies and reports in Microsoft 365 Configure data loss prevention for policy precedence Implement data loss prevention policies in test mode Explain data loss prevention reporting capabilities Manage permissions for data loss prevention reports Manage and respond to data loss prevention policy violations 11 - Manage the data lifecycle in Microsoft Purview Data Lifecycle Management overview Configure retention policies Configure retention labels Configure manual retention label policies Configure auto-apply retention label policies Import data for Data Lifecycle Management Manage, monitor, and remediate Data Lifecycle Management 12 - Manage data retention in Microsoft 365 workloads Explain retention in Exchange Online Explain retention in SharePoint Online and OneDrive Explain retention in Microsoft Yammer Activate archive mailboxes in Microsoft Exchange Apply mailbox holds in Microsoft Exchange Recover content in Microsoft Exchange 13 - Manage records in Microsoft Purview Records management overview Import a file plan Configure retention labels Configure event driven retention Manage, monitor, and remediate records 14 - Explore compliance in Microsoft 365 Plan for security and compliance in Microsoft 365 Plan your beginning compliance tasks in Microsoft Purview Manage your compliance requirements with Compliance Manager Examine the Compliance Manager dashboard Analyze the Microsoft Compliance score 15 - Search for content in the Microsoft Purview compliance portal Explore Microsoft Purview eDiscovery solutions Create a content search View the search results and statistics Export the search results and search report Configure search permissions filtering Search for and delete email messages 16 - Manage Microsoft Purview eDiscovery (Standard) Explore Microsoft Purview eDiscovery solutions Implement Microsoft Purview eDiscovery (Standard) Create eDiscovery holds Search for content in a case Export content from a case Close, reopen, and delete a case 17 - Manage Microsoft Purview eDiscovery (Premium) Explore Microsoft Purview eDiscovery (Premium) Implement Microsoft Purview eDiscovery (Premium) Create and manage an eDiscovery (Premium) case Manage custodians and non-custodial data sources Analyze case content 18 - Manage Microsoft Purview Audit (Standard) Explore Microsoft Purview Audit solutions Implement Microsoft Purview Audit (Standard) Search the audit log Export, configure, and view audit log records Use audit log searching to investigate common support issues 19 - Prepare Microsoft Purview Communication Compliance Plan for communication compliance Identify and resolve communication compliance workflow Case study--Configure an offensive language policy Investigate and remediate communication compliance alerts 20 - Manage insider risk in Microsoft Purview Insider risk management overview Create and manage insider risk policies Investigate insider risk alerts Take action on insider risk alerts through cases Manage insider risk management forensic evidence Create insider risk management notice templates 21 - Implement Microsoft Purview Information Barriers Explore Microsoft Purview Information Barriers Configure information barriers in Microsoft Purview Examine information barriers in Microsoft Teams Examine information barriers in OneDrive Examine information barriers in SharePoint 22 - Manage regulatory and privacy requirements with Microsoft Priva Create and manage risk management policies Investigate and remediate risk management alerts Create rights requests Manage data estimate and retrieval for rights requests Review data from rights requests Get reports from rights requests 23 - Implement privileged access management Case study--Implementing privileged access management 24 - Manage Customer Lockbox Manage Customer Lockbox requests

Securing Kubernetes training course description This course introduces concepts, procedures, and best practices to harden Kubernetes based systems and container-based applications against security threats. It deals with the main areas of cloud-native security: Kubernetes cluster setup, Kubernetes cluster hardening, hardening the underlying operating system and networks, minimizing microservices vulnerabilities, obtaining supply chain security as well as monitoring, logging, and runtime security. What will you learn Harden Kubernetes systems and clusters. Harden containers. Configure and use Kubernetes audit logs. Securing Kubernetes training course details Who will benefit: Technical staff working with Kubernetes Prerequisites: Kubernetes_for_engineers_course.htm Definitive Docker for engineers Duration 2 days Securing Kubernetes training course contents This course does not only deal with the daily security administration of Kubernetes-based systems but also prepares delegates for the official Certified Kubernetes Security Specialist (CKS) exams of the Cloud Native Computing Foundation (CNCF). Structure: 50% theory 50% hands on lab exercise Module 1: User and authorization management Users and service accounts in Kubernetes Authenticating users Managing authorizations with RBAC Module 2: Supply chain security Vulnerabilit checking for images Image validation in Kubernetes Reducing image footprint Secure image registries Module 3: Validating cluster setup and penetration testing Use CIS benchmark to review the security configuration of Kubernetes components. Modify the cluster components' configuration to match the CIS Benchmark. Penetration testing Kubernetes for known vulnerabilities. Module 4: System hardening Use kernel hardening tools Setup appropriate OS level security domains Container runtime sandboxes Limit network access Module 5: Monitoring and logging Configure Kubernetes audit logs Configure Audit Policies Monitor applications behaviour with Falco

Official BRCGS Storage & Distribution Issue 4: Sites course. Delivered online (Zoom) by a live BRCGS Approved Training Partner. Exam and Certificate fee included in the price.

Course Information Our comprehensive course is used as a gateway to those stepping into the world of auditing clinical studies. Tailored for those already acquainted with Good Clinical Practice (GCP) and those transitioning from other audit disciplines, this programme stands as a pivotal guide. Pre-existing knowledge of GCP will significantly enhance your learning experience in auditing against these guidelines. How is this course run? Engage in immersive workshops providing hands-on practice with auditing techniques in a GCP context. Our seasoned tutors, boasting extensive audit experience, intertwine theory with practical insights drawn from their own professional journeys. What will I learn? A comprehensive understanding of the historical backdrop and objectives driving Good Clinical Practice, incorporating the latest industry developments Solid grounding in quality assurance activities aligned with regulatory standards Insight into potential pitfalls within clinical trials and the pivotal role of auditors in addressing these issues Clarity on the roles and responsibilities inherent to clinical trials auditing Exposure to a diverse range of audit techniques complemented by illustrative examples and supportive documents A nuanced understanding of regulatory inspectors' activities Expanded professional networks to propel your auditing career forward. Benefits include: A clear understanding of the role of the auditor under Good Clinical Practice improved audits Improved Good Clinical Practice compliance for your clinical trials. This course is structured to encourage delegates to: Discuss and develop ideas Solve specific problems Examine particular aspects of Good Clinical Practice. Tutors Tutors will be comprised of (click the photos for biographies): Rosemarie Corrigan EVP Global Quality, Worldwide Clinical Trials Cathy Dove Director and Owner, Dove Quality Solutions Julie Kelly Associate Director, Clinical Quality Assurance, Corcept Therapeutics Susana Tavares Director of Research Quality Assurance, - Programme Please note timings may be subject to alteration. Day 1 12:30 Registration 13:00 Welcome and Objectives for the first day of the course 13:30 Laying the Foundations Introduction to the clinical development process, the concepts of quality assurance, quality control and audit. 14:30 Break 15:00 Patient Protection Requirements for informed consent and ethics committee. Access to source documentation. Including a patient protection exercise. 16:05 Workshop 1 - Case Study on Informed Consent 16:45 End of Day Questions and Answers 17:00 Close of Day Day 2 08:50 Questions and Answers from Day 1 09:00 Effective Site Audits The procedures involved in selecting and setting up audits at investigator sites. 09:40 Workshop 1 - Planning the Effective Audit 10:30 Break 10:45 Source Data Verification The need for and purpose of verifying data. 11:25 Workshop 2 - Source Data Verification 12:30 Lunch 13:30 IMP Management The requirements surrounding the distribution of investigational medicinal products. Accountability from release to destruction. 14:15 Critical Document Audits The conduct of other study specific audits including protocols, databases and reports. 15:00 Break 15:15 Non-compliance Determining the acceptability of data. 16:00 Fraud - Fact or Fiction? How to identify fraud and its consequences 16:45 End of Day Questions and Answers 17:00 Close of Day Day 3 08:50 Questions and Answers from Days 1 and 2 09:00 Auditing Third Parties A review of audits of contract research organisations. 10:00 System Audits The concept of auditing processes across many clinical trials, including a practical exercise in process mapping. 10:45 Break 11:00 Workshop 3 - Process Mapping 11:45 Effective Audits Where theory meets reality. 12:30 Lunch 13:20 Audit Reports - Closing the Loop An examination of the processes which follow the evidence gathering phase of the audit. 14:20 Workshop 4 - Audit Reports Audit reports, corrective and preventive action. 15:00 Break 15:10 Regulatory Inspection Auditors and regulatory inspections -how the QA team can help the organisation to perform during a regulatory inspection. 15:55 Final Questions and Answers 16:10 Close of Course Extra Information Face-to-face course Course Material Course material will be available in PDF format for delegates attending this course. The advantages of this include: Ability for delegates to keep material on a mobile device Ability to review material at any time pre and post course Environmental benefits – less paper being used per course. The material will be emailed in advance of the course and RQA will not be providing any printed copies of the course notes during the training itself. Delegates wishing to have a hard copy of the notes should print these in advance to bring with them. Alternatively delegates are welcome to bring along their own portable devices to view the material during the training sessions. Remote course Course Material This course will be run completely online. You will receive an email with a link to our online system, which will house your licensed course materials and access to the remote event. Please note this course will run in UK timezone. The advantages of this include: Ability for delegates to keep material on a mobile device Ability to review material at any time pre and post course Environmental benefits – less paper being used per course Access to an online course group to enhance networking. You will need a stable internet connection, a microphone and a webcam. CPD Points 17 Points Development Level Develop

Duration 5 Days 30 CPD hours This course is intended for The Certified Ethical Hacking v12 course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. Overview Information security controls, laws, and standards. Various types of footprinting, footprinting tools, and countermeasures. Network scanning techniques and scanning countermeasures Enumeration techniques and enumeration countermeasures Vulnerability analysis to identify security loopholes in the target organization?s network, communication infrastructure, and end systems. System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities. Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures. Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing. Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures. DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures. Session hijacking techniques to discover network-level session management, authentication/authorization, and cryptographic weaknesses and countermeasures. Webserver attacks and a comprehensive attack methodology to audit vulnerabilities in webserver infrastructure, and countermeasures. Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures. SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures. Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools. Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools. Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures. Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools. Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap. Threats to IoT and OT platforms and defending IoT and OT devices. Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to setup your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident. CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure. Now in its 12th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies. 1 - Introduction to Ethical Hacking Information Security Overview Cyber Kill Chain Concepts Hacking Concepts Ethical Hacking Concepts Information Security Controls Information Security Laws and Standards 2 - 2 - Foot-printing and Reconnaissance Footprinting Concepts Footprinting through Search Engines Footprinting through Web Services Footprinting through Social Networking Sites Website Footprinting Email Footprinting Who is Footprinting DNS Footprinting Network Footprinting Footprinting through Social Engineering Footprinting Tools Footprinting Countermeasures 3 - Scanning Networks Network Scanning Concepts Scanning Tools Host Discovery Port and Service Discovery OS Discovery (Banner Grabbing/OS Fingerprinting) Scanning Beyond IDS and Firewall Draw Network Diagrams 4 - Enumeration Enumeration Concepts NetBIOS Enumeration SNMP Enumeration LDAP Enumeration NTP and NFS Enumeration SMTP and DNS Enumeration Other Enumeration Techniques Enumeration Countermeasures 5 - Vulnerability Analysis Vulnerability Assessment Concepts Vulnerability Classification and Assessment Types Vulnerability Assessment Solutions and Tools Vulnerability Assessment Reports 6 - System Hacking System Hacking Concepts Gaining Access Escalating Privileges Maintaining Access Clearing Logs 7 - Malware Threats Malware Concepts APT Concepts Trojan Concepts Virus and Worm Concepts Fileless Malware Concepts Malware Analysis Countermeasures Anti-Malware Software 8 - Sniffing Sniffing Concepts Sniffing Technique: MAC Attacks Sniffing Technique: DHCP Attacks Sniffing Technique: ARP Poisoning Sniffing Technique: Spoofing Attacks Sniffing Technique: DNS Poisoning Sniffing Tools Countermeasures Sniffing Detection Techniques 9 - Social Engineering Social Engineering Concepts Social Engineering Techniques Insider Threats Impersonation on Social Networking Sites Identity Theft Countermeasures 10 - Denial-of-Service DoS/DDoS Concepts DoS/DDoS Attack Techniques BotnetsDDoS Case Study DoS/DDoS Attack Tools Countermeasures DoS/DDoS Protection Tools 11 - Session Hijacking Session Hijacking Concepts Application Level Session Hijacking Network Level Session Hijacking Session Hijacking Tools Countermeasures 12 - Evading IDS, Firewalls, and Honeypots IDS, IPS, Firewall, and Honeypot Concepts IDS, IPS, Firewall, and Honeypot Solutions Evading IDS Evading Firewalls IDS/Firewall Evading Tools Detecting Honeypots IDS/Firewall Evasion Countermeasures 13 - Hacking Web Servers Web Server Concepts Web Server Attacks Web Server Attack Methodology Web Server Attack Tools Countermeasures Patch Management Web Server Security Tools 14 - Hacking Web Applications Web Application Concepts Web Application Threats Web Application Hacking Methodology Web API, Webhooks, and Web Shell Web Application Security 15 - SQL Injection SQL Injection Concepts Types of SQL Injection SQL Injection Methodology SQL Injection Tools Evasion Techniques Countermeasures 16 - Hacking Wireless Networks Wireless Concepts Wireless Encryption Wireless Threats Wireless Hacking Methodology Wireless Hacking Tools Bluetooth Hacking Countermeasures Wireless Security Tools 17 - Hacking Mobile Platforms Mobile Platform Attack Vectors Hacking Android OS Hacking iOS Mobile Device Management Mobile Security Guidelines and Tools 18 - IoT and OT Hacking IoT Hacking IoT Concepts IoT Attacks IoT Hacking Methodology IoT Hacking Tools Countermeasures OT Hacking OT Concepts OT Attacks OT Hacking Methodology OT Hacking Tools Countermeasures 19 - Cloud Computing Cloud Computing Concepts Container Technology Serverless Computing Cloud Computing Threats Cloud Hacking Cloud Security 20 - Cryptography Cryptography Concepts Encryption Algorithms Cryptography Tools Public Key Infrastructure (PKI) Email Encryption Disk Encryption Cryptanalysis Countermeasures Additional course details: Nexus Humans EC-Council Certified Ethical Hacker (CEH) v.12 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Ethical Hacker (CEH) v.12 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Overview The course focuses on topics such as the fundamental concepts of auditing and quality management, principles of internal and external audit, auditing processes and tools, principles and practice of root cause analysis, communication and people skills, and other related topics. Students who successfully complete this course will gain the essential knowledge and skills necessary to become successful auditors and work with confidence to improve the processes in their organizations.

Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains Domain 01 - Governance Define, Implement, Manage, and Maintain an Information Security Governance Program Information Security Drivers Establishing an information security management structure Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures Managing an enterprise information security compliance program Risk Management Risk mitigation, risk treatment, and acceptable risk Risk management frameworks NIST Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) Risk management plan implementation Ongoing third-party risk management Risk management policies and processes Conclusion Domain 2 - Security Risk Management, Controls, & Audit Management INFORMATION SECURITY CONTROLS COMPLIANCE MANAGEMENT GUIDELINES, GOOD AND BEST PRACTICES AUDIT MANAGEMENT SUMMARY Domain 03 - Security Program Management and Operations PROGRAM MANAGEMENT OPERATIONS MANAGEMENT Summary Domain 04 - Information Security Core Concepts ACCESS CONTROL PHYSICAL SECURITY NETWORK SECURITY ENDPOINT PROTECTION APPLICATION SECURITY ENCRYPTION TECHNOLOGIES VIRTUALIZATION SECURITY CLOUD COMPUTING SECURITY TRANSFORMATIVE TECHNOLOGIES Summary Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management STRATEGIC PLANNING Designing, Developing, and Maintaining an Enterprise Information Security Program Understanding the Enterprise Architecture (EA) FINANCE PROCUREMENT VENDOR MANAGEMENT Summary

About this training course This 3-day training will provide a comprehensive understanding on the nature of costs and cost drivers in the E&P industry providing in-depth understanding on the budgeting process, proactive management, effective control and optimization of costs together with focused and relevant performance reporting. Training Objectives After the completion of this training course, participants will learn: Understand the nature of costs and cost drivers in the E&P industry through the Field Life Cycle Purpose of the Budget. Planning and Budgeting models. The Strategic and Medium-term plan Using budgets to make effective decisions. Prepare and understand costs in planning, budgeting & forecasting processes e.g. fixed / variable, capex / opex and routine / non-routine. Cost Accounting. Importance of timely cost capture and accurate recording e.g. VOWD / accruals, consistency of coding and clarity on accountability Strategic solutions in delivering cost optimization - 'do more for less' Management of costs in PSC and JV environments. Avoiding cost leakage and ensuring audit preparedness Cost Control Framework - budgets, AFEs, progress reports and variance analysis. Understanding key components and ensuring seamless interaction Cost Performance Reporting - use of KPI's, variance analysis and trend analysis. Tracking and monitoring cost optimization initiatives and targets Target Audience This training course is suitable and will greatly benefit the following specific groups: Finance staff with accounting and financial management responsibilities Those responsible for devising budgets, managing and controlling budgets Professionals engaged in planning, budgeting and management reporting Finance & Audit staff engaged on cost and financial controls Business unit managers and personnel whose responsibilities include cost management, controlling budgets and performance reporting Course Level Basic or Foundation Training Methods The training instructor relies on a highly interactive training method to enhance the learning process. This method ensures that all participants gain a complete understanding of all the topics covered. The training environment is highly stimulating, challenging, and effective because the participants will learn by case studies which will allow them to apply the material taught in their own organization. Course Duration: 3 days in total (21 hours). Training Schedule 0830 - Registration 0900 - Start of training 1030 - Morning Break 1045 - Training recommences 1230 - Lunch Break 1330 - Training recommences 1515 - Evening break 1530 - Training recommences 1700 - End of Training The maximum number of participants allowed for this training course is 25. This course is also available through our Virtual Instructor Led Training (VILT) format. Trainer Your expert course leader has more than 30 years of experience in the international oil and gas industry, covering all areas of Finance and Audit, including involvement in Commercial roles. During her 19 years with ENI she worked in Italy, Netherlands, Egypt and UK and was CFO for 2 major ENI subsidiaries. She has delivered training courses in Accounting, Audit, Economics and Commercial topics in many Countries. She has a Degree in Economics & Accounting and is a Certified Chartered Accountant. She is also a Chartered Auditor and an International Petroleum Negotiator. Outside of work, she is inspired by the beauty of nature and art, helping disadvantaged people, sports (football, golf) and her cat. Courses Delivered Internationally: E&P Accounting, Auditing in the Oil & Gas Industry Cost Control & Budgeting Introduction to the Oil & Gas Industry Petroleum Project Economics Contracts Strategy International O&G Exploitation Contracts POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations

Course Information Join our comprehensive three-day programme designed as an invaluable external training opportunity for auditors, audit programme managers, and individuals subject to audits. This course is tailored to foster a deep understanding and cultivate essential skills for auditing the validation of computer systems intended for GxP environments (GLP, GCP, GMP, GDP, GPvP). Commencing with an overview of regulatory prerequisites and the system life cycle, the course swiftly transitions to focus on the pragmatic aspects of auditing computer system validation. Experience a blend of presentations, interactive discussions, and immersive practical workshops throughout the duration of the course. Delegates will benefit from practical examples of how to understand the framework of applicable regulations and guidance. Apply risk management techniques to audit planning Plan and conduct computerised system audits Assess system validation documentation to verify compliance Evaluate data integrity and security issues Prepare for regulatory inspection. The course is structured to encourage delegates to: Discuss and develop ideas Solve specific problems Understand the vulnerabilities of computerised systems Learn how to create a compliance checklist Link system development with good business practice. Is this course for you? Auditors Audit programme managers Individuals subject to audits. Tutors Tutors will be comprised of (click the photos for biographies): Nichola Stevens Director and Principal Consultant, Nuncius Compliance Solutions Ltd Barry McManus Consultancy Partner, Empowerment Quality Engineering Ltd Programme Please note timings may be subject to alteration. Day 1 09:00 Welcome and Introductions 09:45 Why We Validate and Regulatory Trends 10:30 Break 10:45 Audit Overview, High Level Process and Scheduling 11:30 System Lifecycle 12:30 Lunch 13:15 Exercise 1 - Audit Scheduling 14:45 Exercise 1 - Feedback 15:15 Break 15:30 Validation Deliverables 16:30 Risk Assessments 17:30 Close of Day 1 Day 2 09:00 Supplier Assessment 10:30 Break 10:45 Exercise 2 - Planning a Supplier Audit 12:00 Exercise 2 - Feedback 12:30 Lunch 13:15 Exercise 3 - Auditing a Computerised System Validation Package 15:30 Break 15:45 Exercise 3 - Feedback 16:30 Change Control 17:15 Close of Day Day 3 09:00 Infrastructure Qualification 09:45 Maintaining a Validated State - Operational Processes 11:00 Break 11:15 Exercise 4 - Auditing Systems in Operational Use 12:45 Lunch 13:30 Exercise 4 - Feedback 14:15 Exercise 5 - Auditing Trail Review 15:30 Break 15:45 Exercise 5 - Feedback 16:15 Course Objectives Summary and Any Additional Questions 16:45 Close of Course Extra Information Face-to-face course Course Material Course material will be available in PDF format for delegates attending this course. The advantages of this include: Ability for delegates to keep material on a mobile device Ability to review material at any time pre and post course Environmental benefits – less paper being used per course. The material will be emailed in advance of the course and RQA will not be providing any printed copies of the course notes during the training itself. Delegates wishing to have a hard copy of the notes should print these in advance to bring with them. Alternatively delegates are welcome to bring along their own portable devices to view the material during the training sessions. Remote course Course Material This course will be run completely online. You will receive an email with a link to our online system, which will house your licensed course materials and access to the remote event. Please note this course will run in UK timezone. The advantages of this include: Ability for delegates to keep material on a mobile device Ability to review material at any time pre and post course Environmental benefits – less paper being used per course Access to an online course group to enhance networking. You will need a stable internet connection, a microphone and a webcam. CPD Points 19 Points Development Level Develop

CWSP training course description A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming. What will you learn Demonstrate the threats to WiFi networks. Secure WiFi networks. Configure: WPA2 RADIUS 802.1x EAP Pass the CWSP exam. CWSP training course details Who will benefit: Technical network staff. Technical security staff. Prerequisites: Certified Wireless Network Associate. Duration 5 days CWSP training course contents WLAN Security overview Standards, security basics, AAA, 802.11 security history. Hands on WLAN connectivity. Legacy 802.11 security Authentication: Open system, shared key. WEP. VPNs. MAC filters. SSID segmentation, SSID cloaking. Hands on Analysing 802.11 frame exchanges, viewing hidden SSIDs. Encryption Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames. 802.11 layer 2 authentication 802.1X: Supplicant, Authenticator, Authentication server. Credentials. Legacy authentication. EAP, Weak EAP protocols, Strong EAP protocols: EAP -PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames. 802.11 layer 2 dynamic key generation Robust Security Network. Hands on Authentication and key management. SOHO 802.11 security WPA/WPA2 personal, Preshared Keys, WiFi Protected Setup (WPS). Hands on PSK mapping. WLAN security infrastructure DS, Autonomous APs, WLAN controllers, split MAC, mesh, bridging, location based access control. Resilience. Wireless network management system. RADIUS/LDAP servers, PKI, RBAC. Hands on 802.1X/EAP configuration. RADIUS configuration. 802.11 Fast secure roaming History, RSNA, OKC, Fast BSS transition, 802.11k. Hands on Roaming. Wireless security risks Rogue devices, rogue prevention. Eavesdropping, DOS attacks. Public access and hotspots. Hands on Backtrack. WiFi security auditing Layer 1 audit, layer 2 audit, pen testing. WLAN security auditing tools. WiFi security monitoring Wireless Intrusion Detection and Prevention Systems. Device classification, WIDS/WIPS analysis. Monitoring. 802.11w. Hands on Laptop spectrum analysers. VPNs, remote access, guest access Role of VPNs in 802.11, remote access, hotspots, captive portal. Wireless security policies General policy, functional policy, recommendations.