89 Audit courses in Edinburgh

Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.

Overview For internal employees who want to understand and expand their roles related to financial reporting, as well as those who simply need a refresher on financial accounting, this course is the ideal way to get up to speed. By exploring concepts that go beyond basic accounting, this course will enable participants to approach financial auditing with renewed confidence. The programme will walk participants through an analysis of an organization's financial statements using case study exercises, where participants will calculate key ratios and analyze trends over time. Engaging in discussions on both historic and current fraud cases, participants will learn how to recognize “red flags” in financial statement reporting.

Overview The effective management of finances is a fundamental function for any organisation but particularly so in the public sector. Governments, under the scrutiny of the citizens they represent, are increasingly under pressure to improve public services whilst at the same time identifying ways to cut spending and increase efficiency. This programme recognises these difficulties and ensures that participants leave the programme with a full understanding of effective financial management in the public sector - including budgeting systems, auditing, preparing financial statements and tracking expenditure. 

Overview Corporate frauds have the inherent power to bring large organizations to their knees, cause huge monetary loss, prompt lawsuits followed by significant legal expenses, lead to the imprisonment of employees and deteriorate confidence in the market, governments, and institutions. In response, corporations and governments across the globe have stepped up their effort to inspect, prevent and penalize fraudulent practices; resulting in a greater emphasis on the domains of forensic auditing and accounting in the current economy. This training course will empower you to recognize the root causes of fraud and white-collar crime in the current economy, understand the categories of fraud, equip you with methodologies of fraud detection and prevention, and heighten your ability to detect potential fraudulent situations. In addition to the fundamentals of fraud investigation and detection in a digital environment; profit-loss evaluation, analysis of accounting books, legal concepts, and quantification of financial damages are also examined in this course

Overview This Compliance and Risk Management Course is designed for anyone looking for a pathway into this profession and wanting to develop their industry knowledge and skills. It covers the role of the Compliance Officer and compliance department in detail, with step-by-step training in compliance auditing and risk management. This Compliance and Risk Management Training Course will equip you with the fundamental skills needed to identify and manage regulatory risk in your organization, taking you through key topics such as how to implement an efficient Compliance Management System, ethics and compliance, risk types and classifications, and how to design a solid risk management strategy. By the end of this Compliance and Risk Management Training Course, you'll have an excellent understanding of core compliance issues, as well as how to promote a positive compliance culture for your organization, which will give you a head start when it comes to standing out in the relevant job market. 

Windows certificates training course description A hands-on training course concentrating solely on PKI using Windows certificates. What will you learn Explain how PKI works. Install windows certificates. Configure windows certificates. Troubleshoot windows certificates. Windows certificates training course details Who will benefit: Technical security staff. Prerequisites: Windows server. Duration 3 days Windows certificates training course contents PKI Symmetric encryption, asymmetric encryption, authentication, digital signing, hashing, certificates, Certification Authorities, Root CA, Intermediate CA, policy CA, Issuing CA, Certificate Revocation Lists. Hands on Inspecting a certificate. Policies and PKI Security policy, certification policy. CA hierarchy Impact of CAs on Active Directory, CA architecture, number of tiers, issuing CA organisation, CA configuration files. CA security. Hands on CA installation PKI health tool, monitoring. Certificate revocation When to revoke, OCSP. Hands on Revoking certificates. Certificate validation Discovery, validation, checks, revocation checking, certificate chains, certification publication. Hands on Event viewer. Certificate templates Version 1, version 1, default, modifying templates. Hands on Template management. Roles Criteria roles, CA administrator, Certificate manager, Backup operator, Auditor. Other PKI management roles. Disaster recovery Backups, recovery. Hands on certutil. Issuing certificates The certificate enrolment process, enrolment methods, manual enrolment, automatic enrolment. Trust between organisations Creating Trust, CTLs, common root CA, cross certification, bridge CA. Web servers and certificates SSL encryption, certificate authentication. Hands on Web servers. VPN Hands on Certificate deployment for VPN. WiFi Hands on 802.1X

Microsoft security training course description A hands on training course focusing on security in the Microsoft environment. The course progresses from patch management onto the use of Microsoft security tools. Then server, desktop and network security are studied in the Microsoft environment. What will you learn Use Microsoft security tools. Secure Microsoft servers. Secure Microsoft desktops. Secure Microsoft networks. Microsoft security training course details Who will benefit: Technical server support staff. Technical desktop support staff. Technical network staff. Technical security staff. Prerequisites: Supporting Windows server 2016 Networking Microsoft systems. Duration 3 days Microsoft security training course contents Introduction Security threats, Microsoft defaults, admin accounts, security patches, patch management, patch tools. Hands on: Studying Microsoft defaults, applying security patches. Microsoft security tools Microsoft updates, WSUS, Inventory tool, baseline security analyser, URLscan, EventCombMT, Cipher security tool, Port reporter, PortQry. Tools hackers use. Hands on: Using Microsoft security tools. Server security Checklists, core server security, AD, Member server security, Domain controller security, Specific roles. Hands on Hardening Microsoft servers, security templates. Active Directory Admin authority in AD, group policy, trust and authentication. Desktop security Checklists, core client security, anti virus software, anti spyware software, firewalls, securing clients with AD, securing clients with group policy, software restriction policies. Hands on Securing Microsoft desktops. Network security Checklist, IP security, VPNs, PKI, certificate authorities, RAS, RRAS, IAS. Hands on: VPN configuration, IAS configuration. Monitoring Auditing, authorisation and logons, tracking, system monitoring, detecting attacks. Hands on: Monitoring Microsoft systems. Summary Microsoft security response centre, security advisories.

Security+ training course description A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. What will you learn Explain general security concepts. Describe the security concepts in communications. Describe how to secure an infrastructure. Recognise the role of cryptography. Describe operational/organisational security. Security+ training course details Who will benefit: Those wishing to pass the Security+ exam. Prerequisites: TCP/IP foundation for engineers Duration 5 days Security+ training course contents General security concepts Non-essential services and protocols. Access control: MAC, DAC, RBAC. Security attacks: DOS, DDOS, back doors, spoofing, man in the middle, replay, hijacking, weak keys, social engineering, mathematical, password guessing, brute force, dictionary, software exploitation. Authentication: Kerberos, CHAP, certificates, usernames/ passwords, tokens, biometrics. Malicious code: Viruses, trojan horses, logic bombs, worms. Auditing, logging, scanning. Communication security Remote access: 802.1x, VPNs, L2TP, PPTP, IPsec, RADIUS, TACACS, SSH. Email: S/MIME, PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS, IM, packet sniffing, privacy, Javascript, ActiveX, buffer overflows, cookies, signed applets, CGI, SMTP relay. LDAP. sftp, anon ftp, file sharing, sniffing, 8.3 names. Wireless: WTLS, 802.11, 802.11x, WEP/WAP. Infrastructure security Firewalls, routers, switches, wireless, modems, RAS, PBX, VPN, IDS, networking monitoring, workstations, servers, mobile devices. Media security: Coax, UTP, STP, fibre. Removable media. Topologies: Security zones, DMZ, Intranet, Extranet, VLANs, NAT, Tunnelling. IDS: Active/ passive, network/host based, honey pots, incident response. Security baselines: Hardening OS/NOS, networks and applications. Cryptography basics Integrity, confidentiality, access control, authentication, non-repudiation. Standards and protocols. Hashing, symmetric, asymmetric. PKI: Certificates, policies, practice statements, revocation, trust models. Key management and certificate lifecycles. Storage: h/w, s/w, private key protection. Escrow, expiration, revocation, suspension, recovery, destruction, key usage. Operational/Organisation security Physical security: Access control, social engineering, environment. Disaster recovery: Backups, secure disaster recovery plans. Business continuity: Utilities, high availability, backups. Security policies: AU, due care, privacy, separation of duties, need to know, password management, SLAs, disposal, destruction, HR policies. Incident response policy. Privilege management: Users, groups, roles, single sign on, centralised/decentralised. Auditing. Forensics: Chain of custody, preserving and collecting evidence. Identifying risks: Assets, risks, threats, vulnerabilities. Role of education/training. Security documentation.

About this training course Transmission lines and sub-stations are essential components in the electrical power systems. Proper design and maintenance are crucial for transmission lines to maintain a continuous operation. The objective of this 5-day training course is to deal appropriately with control systems, design characteristics and electric & magnetic fields. Participants will gain a better understanding on the corona and gap discharge phenomena, constructional features, and optimization of the transmission lines. Training Objectives By participating in this course, you will be able to: Understand transmission line design and its application Examine different types of conductors and electrical characteristics Explore basic and general transmission line parameters Prevent overvoltage through insulation design Determine surge impedance and corona effects Calculate and measure electric and magnetic fields Comprehend the impact of audible noise and electromagnetic interference Identify interference within the transmission line systems Target Audience The course will greatly benefit the following groups but not limited to: Electrical Engineers Civil Engineers Transmission & Distribution Engineers Substation Operators Safety Engineers Reliability Engineers Facility & Plant Engineers Technical Engineers Design Engineers Plant Supervisors Electrical Contractors Course Level Basic or Foundation Intermediate Training Methods The training instructor relies on a highly interactive training method to enhance the learning process. This method ensures that all participants gain a complete understanding of all the topics covered. The training environment is highly stimulating, challenging, and effective because the participants will learn by case studies which will allow them to apply the material taught in their own organization. Course Duration: 5 days in total (35 hours). Training Schedule 0830 - Registration 0900 - Start of training 1030 - Morning Break 1045 - Training recommences 1230 - Lunch Break 1330 - Training recommences 1515 - Evening break 1530 - Training recommences 1700 - End of Training The maximum number of participants allowed for this training course is 25. This course is also available through our Virtual Instructor Led Training (VILT) format. Trainer Your expert course leader is a professional engineer with extensive experience in power system studies, substation design field-testing, and EHS programs settings for Mining and Electrical Utilities sectors. He was formally the Engineering Manager at GE Canada in Ontario. He received his M.Sc. in electrical engineering from the University of New Brunswick and his MBA from Laurier School of Business in Waterloo. He has managed and executed more than 150 engineering projects on substation design EMF audits and power system studies and analyses, EMF audits and grounding audits, for major electrical utilities, mines, oil and gas, data centers, industrial and commercial facilities in Canada and the U.S. He is a certified professional engineer in the provinces of Ontario and Alberta. He has various IEEE publications, has served as a technical reviewer for many IEEE journals in power systems and control systems, and is the chair of the Industry Application Chapter (IAS) for IEEE Toronto Section. He remains a very active member for the IEEE substation committee of IEEE Std. 81 ground testing (WGE6) and IEEE Std. 80 ground design (WGD7). A certified electrical safety trainer by GE Corporate and a Canadian Standard Association (CSA) committee member at the mining advisory panel for electrical safety, he also taught many technical courses all over Canada to industrial customers, electrical consultants as well as to electrical utilities customers. Highlighted Projects: Various Power System Studies for 345/230 kV Stations - Nova Scotia Power (EMERA) RF audits for Telecom tower and antennas - Cogeco/Rogers Mobile Power System analysis - Powell Canada Structural/Geotechnical Design and upgrades - Oakville Hydro Underground Cables testing and sizing - Plan Group Relay programming and design optimization - Cenovus Canada Different Arc Flash Analysis and BESS Design - SNC Lavalin Environmental site assessment (ESA) Phase I/II for multiple stations - Ontario Electromagnetic compatibility (EMC) assessment for Toronto LRT expansion - MOSAIC Battery energy storage system (BESS) installation at City of London - Siemens Canada EMF audits for 500 kV Transmission Lines - Hydro One EMF audits for 500 kV Transmission Lines - Hydro Quebec AC interference for 138 kV line modeling and mitigations - HBMS Mine POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations

About this training course The smart meter or smart grid represents the next-generation electrical power system. This system uses information, data & communication technology within generation, delivery and consumption of electric energy. This 4-day course will equip you with the innovations that are shaping the power generation and distribution systems and will cover topics ranging from Smart Metering Architecture, Cybersecurity, Smart Grid Systems and Power Line Communications. Training Objectives By participating in this course, you will be able to: Comprehend the Smart Grid and Smart Meters architecture Review latest trends and challenges within the Smart Grid Technology Perform analysis on smart electronic meters Comply with regulatory and metering standards Recognize the importance of cybersecurity in smart grids Maximize efficiency, reliability, and longevity of your smart meters and equipment Gain valuable insights into power quality and harmonics Target Audience This course will greatly benefit the following groups but not limited to: Smart Grid managers and engineers Smart Meters managers and engineers Power plant managers Outage managers Maintenance and operations engineers Power regulatory personnel Transmission managers and engineers Distribution managers and engineers IT managers Renewable energy managers and engineers Course Level Basic or Foundation Intermediate Training Methods The training instructor relies on a highly interactive training method to enhance the learning process. This method ensures that all participants gain a complete understanding of all the topics covered. The training environment is highly stimulating, challenging, and effective because the participants will learn by case studies which will allow them to apply the material taught in their own organization. Course Duration: 4 days in total (28 hours). Training Schedule 0830 - Registration 0900 - Start of training 1030 - Morning Break 1045 - Training recommences 1230 - Lunch Break 1330 - Training recommences 1515 - Evening break 1530 - Training recommences 1700 - End of Training The maximum number of participants allowed for this training course is 25. This course is also available through our Virtual Instructor Led Training (VILT) format. Trainer Your expert course leader is a professional engineer with extensive experience in power system studies, substation design field-testing, and EHS programs settings for Mining and Electrical Utilities sectors. He was formally the Engineering Manager at GE Canada in Ontario. He received his M.Sc. in electrical engineering from the University of New Brunswick and his MBA from Laurier School of Business in Waterloo. He has managed and executed more than 150 engineering projects on substation design EMF audits and power system studies and analyses, EMF audits and grounding audits, for major electrical utilities, mines, oil and gas, data centers, industrial and commercial facilities in Canada and the U.S. He is a certified professional engineer in the provinces of Ontario and Alberta. He has various IEEE publications, has served as a technical reviewer for many IEEE journals in power systems and control systems, and is the chair of the Industry Application Chapter (IAS) for IEEE Toronto Section. He remains a very active member for the IEEE substation committee of IEEE Std. 81 ground testing (WGE6) and IEEE Std. 80 ground design (WGD7). A certified electrical safety trainer by GE Corporate and a Canadian Standard Association (CSA) committee member at the mining advisory panel for electrical safety, he also taught many technical courses all over Canada to industrial customers, electrical consultants as well as to electrical utilities customers. Highlighted Projects: Various Power System Studies for 345/230 kV Stations - Nova Scotia Power (EMERA) RF audits for Telecom tower and antennas - Cogeco/Rogers Mobile Power System analysis - Powell Canada Structural/Geotechnical Design and upgrades - Oakville Hydro Underground Cables testing and sizing - Plan Group Relay programming and design optimization - Cenovus Canada Different Arc Flash Analysis and BESS Design - SNC Lavalin Environmental site assessment (ESA) Phase I/II for multiple stations - Ontario Electromagnetic compatibility (EMC) assessment for Toronto LRT expansion - MOSAIC Battery energy storage system (BESS) installation at City of London - Siemens Canada EMF audits for 500 kV Transmission Lines - Hydro One EMF audits for 500 kV Transmission Lines - Hydro Quebec AC interference for 138 kV line modeling and mitigations - HBMS Mine POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations