103 Auditor courses in Cardiff delivered Live Online

About this Virtual Instructor Led Training (VILT) This 3 half-day Virtual Instructor Led Training (VILT) course will help participants grasp the idea of real-world risk management and how this relates to the cyber world. The VILT course will cover topics surrounding identifying cyber risks and vulnerabilities, guidance on applying administrative actions, and comprehensive solutions to ensure your organization is adequately secure and protected. The VILT course will guide participants on how to conduct a security risk assessment for their organization, and equip them with the skills to develop a risk compliance assessment plan as well as methods to develop risk management strategies which can improve their organization's security posture. The VILT course has at least a 30% hands-on approach through the use of Table Top Exercises. The VILT course will cover the following modules: Introduction to Risk Assessments (RA) Threat Actors and Their Motivations Threat and Risk Assessment Critical Controls Identification Maturity Assessment Treated Cyber Risk Profile Target Cyber Risk Profile and Strategy Target Audience The VILT course is intended for professionals responsible for organizational information and security system and those involved in operating and maintenance of critical information and IT network & sotware systems. Professionals who are designated as the Single Point of Accountability (SPoA) as well as system auditors will find this course useful. Course Level Basic or Foundation Training Methods The VILT course will be delivered online in 3 half-day sessions comprising 4 hours per day, with 2 x 10 minutes break per day, including time for lectures, discussion, quizzes and short classroom exercises. Course Duration: 3 half-day sessions, 4 hours per session (12 hours in total). This VILT course is delivered in partnership with ENGIE Laborelec. Trainer Your expert course leader is a is specialized in cybersecurity risk management. Before joining ENGIE, she worked for The National Cybersecurity Agency of France (ANSSI) based in Paris (France) and for Deloitte Belgium located in Zaventem (Belgium). She has been involved in cybersecurity projects focusing on the principle of protecting critical infrastructures. Her different experiences in Cyber Security, Anti-Money Laundering and Global Trade Compliance (including Export Control and Customs) gave her the opportunity to use methodologies tackling strategic, operational and financial control issues at all levels of an organization: people, business processes, IT applications and infrastructure, legal and regulatory compliance. She was an EBIOS Risk Manager (RM) trainer while she worked for the French government; EBIOS RM is the French method for assessing and treating digital risks. She also had the opportunity to represent France towards European institutions and other relevant stakeholders for topics related to cybersecurity risk management. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information about post training coaching support and fees applicable for this. Accreditions And Affliations

Course Overview This comprehensive Anti-Money Laundering (AML) Training Level 5 course offers a deep exploration of the UK’s anti-money laundering regulations and reporting requirements. Learners will gain a solid understanding of money laundering typologies, the legal framework surrounding the Proceeds of Crime Act 2002, and the roles and responsibilities of compliance professionals. Through structured learning, this course prepares individuals to effectively identify, assess, and report suspicious activity within financial and non-financial institutions. Ideal for professionals in banking, finance, legal, and corporate sectors, the course builds awareness of AML obligations and supports regulatory alignment. Upon completion, learners will possess the theoretical knowledge required to contribute to financial crime prevention, risk management, and organisational integrity. Course Description The Anti-Money Laundering (AML) Training Level 5 course is designed to equip learners with an in-depth understanding of regulatory requirements, reporting procedures, and due diligence obligations. The course examines key legislation such as the Proceeds of Crime Act 2002, and outlines the development of AML frameworks across sectors. Learners will study the responsibilities of the Money Laundering Reporting Officer (MLRO), the importance of record-keeping, and how to implement a risk-based approach in compliance programmes. Emphasis is placed on identifying suspicious transactions, maintaining regulatory standards, and fostering awareness throughout an organisation. Whether preparing for a role in compliance or enhancing existing knowledge, this course supports learners in aligning with UK regulatory expectations and strengthening their ability to safeguard businesses from financial crime. Course Modules: Module 01: Introduction to Money Laundering Module 02: Proceeds of Crime Act 2002 Module 03: Development of Anti-Money Laundering Regulation Module 04: Responsibility of the Money Laundering Reporting Office Module 05: Risk-based Approach Module 06: Customer Due Diligence Module 07: Record Keeping Module 08: Suspicious Conduct and Transactions Module 09: Awareness and Training (See full curriculum) Who is this course for? Individuals seeking to understand financial crime regulations and prevention measures. Professionals aiming to transition into compliance, audit, or financial regulation roles. Beginners with an interest in anti-money laundering, financial oversight, or legal studies. Employees responsible for ensuring compliance within financial or legal institutions. Career Path Anti-Money Laundering Officer Compliance Analyst Risk and Governance Associate Financial Crime Consultant Internal Auditor Regulatory Affairs Specialist Legal and Compliance Assistant

Gain expertise in IFRS accounting for the oil and gas sector with our industry-focused training course. Enroll today with EnergyEdge.

Course Information Join our comprehensive three-day programme designed as an invaluable external training opportunity for auditors, audit programme managers, and individuals subject to audits. This course is tailored to foster a deep understanding and cultivate essential skills for auditing the validation of computer systems intended for GxP environments (GLP, GCP, GMP, GDP, GPvP). Commencing with an overview of regulatory prerequisites and the system life cycle, the course swiftly transitions to focus on the pragmatic aspects of auditing computer system validation. Experience a blend of presentations, interactive discussions, and immersive practical workshops throughout the duration of the course. Delegates will benefit from practical examples of how to understand the framework of applicable regulations and guidance. Apply risk management techniques to audit planning Plan and conduct computerised system audits Assess system validation documentation to verify compliance Evaluate data integrity and security issues Prepare for regulatory inspection. The course is structured to encourage delegates to: Discuss and develop ideas Solve specific problems Understand the vulnerabilities of computerised systems Learn how to create a compliance checklist Link system development with good business practice. Is this course for you? Auditors Audit programme managers Individuals subject to audits. Tutors Tutors will be comprised of (click the photos for biographies): Nichola Stevens Director and Principal Consultant, Nuncius Compliance Solutions Ltd Barry McManus Consultancy Partner, Empowerment Quality Engineering Ltd Programme Please note timings may be subject to alteration. Day 1 09:00 Welcome and Introductions 09:45 Why We Validate and Regulatory Trends 10:30 Break 10:45 Audit Overview, High Level Process and Scheduling 11:30 System Lifecycle 12:30 Lunch 13:15 Exercise 1 - Audit Scheduling 14:45 Exercise 1 - Feedback 15:15 Break 15:30 Validation Deliverables 16:30 Risk Assessments 17:30 Close of Day 1 Day 2 09:00 Supplier Assessment 10:30 Break 10:45 Exercise 2 - Planning a Supplier Audit 12:00 Exercise 2 - Feedback 12:30 Lunch 13:15 Exercise 3 - Auditing a Computerised System Validation Package 15:30 Break 15:45 Exercise 3 - Feedback 16:30 Change Control 17:15 Close of Day Day 3 09:00 Infrastructure Qualification 09:45 Maintaining a Validated State - Operational Processes 11:00 Break 11:15 Exercise 4 - Auditing Systems in Operational Use 12:45 Lunch 13:30 Exercise 4 - Feedback 14:15 Exercise 5 - Auditing Trail Review 15:30 Break 15:45 Exercise 5 - Feedback 16:15 Course Objectives Summary and Any Additional Questions 16:45 Close of Course Extra Information Face-to-face course Course Material Course material will be available in PDF format for delegates attending this course. The advantages of this include: Ability for delegates to keep material on a mobile device Ability to review material at any time pre and post course Environmental benefits – less paper being used per course. The material will be emailed in advance of the course and RQA will not be providing any printed copies of the course notes during the training itself. Delegates wishing to have a hard copy of the notes should print these in advance to bring with them. Alternatively delegates are welcome to bring along their own portable devices to view the material during the training sessions. Remote course Course Material This course will be run completely online. You will receive an email with a link to our online system, which will house your licensed course materials and access to the remote event. Please note this course will run in UK timezone. The advantages of this include: Ability for delegates to keep material on a mobile device Ability to review material at any time pre and post course Environmental benefits – less paper being used per course Access to an online course group to enhance networking. You will need a stable internet connection, a microphone and a webcam. CPD Points 19 Points Development Level Develop

IP security training course description Connection to the Internet is becoming an essential business tool. This course looks at firewalls, digital certificates, encryption and other essential topics for e-commerce sites. A generic course that looks at firewalls and VPNs. Hands on sessions include using hacking tools and configuring firewalls. What will you learn Describe: Basic security attacks RADIUS SSL IPSec VPNs Implement digital certificates Deploy firewalls to protect Web servers and users. Secure Web servers and clients. IP security training course details Who will benefit: Network administrators. Network operators. Security auditors Prerequisites: TCP/IP foundation for engineers Duration 2 days IP security training course contents TCP/IP review Brief overview of the relevant headers. Hands on Download software for course, use analyser to capture passwords on the wire. Security review Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits The Internet worm, IP spoofing, SYN attack, hijacking, Ping o' Death… keeping up to date with new threats. Hands on Use a port scanning tool, use a 'hacking' tool. Firewalls Products, Packet filtering, DMZ, content filtering, stateful packet inspection, Proxies, firewall architectures, Intrusion Detection Systems, Viruses. Hands on Set up a firewall and prevent attacks. NAT NAT and PAT, Why use NAT, NAT-ALG, RSIP. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Run a password-cracking program. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, PPP authentication, RADIUS. Hands on Using certificates. Web client and server security Cookies, browser certificates, censorship, PICS. Operating system security, Web server user authentication, Restricting access, Logging, Securing CGI scripts. Hands on Browser security. VPNs and IPSec What is a VPN, tunnelling, L2F, PPTP, L2TP, IPSec, AH, ESP, transport mode, tunnel mode.

Duration 2 Days 12 CPD hours This course is intended for The COBIT 2019 Foundation course would suit candidates working in the following IT professions or areas: IT Auditors IT Managers IT Quality professionals IT Leadership IT Developers Process practitioners Managers in IT service providing firms The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs. Overview This COBIT 2019 Foundation course is designed as an introduction to COBIT 2019 and enables you to understand how an integrated business framework for the governance and management of enterprise IT can be utilized to achieve IT business integration, cost reductions and increased productivity. The syllabus areas that this course is designed to cover are: New framework introduction Key concepts and terminology Governance and Framework Principles Governance system and components Governance and management objectives Performance management Designing a tailored governance system COBIT 2019 builds on and integrates more than 25 years of development in this field, not only incorporating new insights from science, but also operationalizing these insights as practice. The heart of the COBIT framework updates COBIT principles while laying out the structure of the overall framework including: New concepts are introduced and terminology is explained?the COBIT Core Model and its 40 governance and management objectives provide the platform for establishing your governance program. The performance management system is updated and allows the flexibility to use maturity measurements as well as capability measurements. Introductions to design factors and focus areas offer additional practical guidance on flexible adoption of COBIT 2019, whether for specific projects or full implementation. From its foundation in the IT audit community, COBIT has developed into a broader and more comprehensive information and technology (I&T) governance and management framework and continues to establish itself as a generally accepted framework for I&T governance. 1 - COBIT 5 OVERVIEW AND INTRODUCTION Course Administration Course Objectives Exam Overview Certification Scheme History of COBIT COBIT 2019 Improvements Major differences with 2019 Misconceptions about COBIT COBIT and Other Standards 2 - KEY CONCEPTS AND TERMINOLOGY Introduction to Enterprise Governance of Information and Technology Benefits of Information and Technology Governance COBIT Information and Technology Governance Framework Distinction of Governance and Management Three Principles of a Governance Framework Six Principles for a Governance System 3 - GOVERNANCE SYSTEMS AND COMPONENTS Introduction to the Components of a Governance System Processes and Capability Levels Organizational Structures and Defined Roles Information Flows and Items People, Skills and Competencies Principles, Policies and Frameworks Culture, Ethics and Behavior Services, Infrastructure and Applications 4 - GOVERNANCE MANAGEMENT OBJECTIVES Governance and Management Objectives Publication Governance and Management Objectives Governance and Management Objectives Core Model Evaluate, Direct and Monitor Align, Plan and Organize Build, Acquire and Implement Deliver, Service and Support Monitor, Evaluate and Assess 5 - GOALS CASCADE Governance and Management Objective Relationships Governance and Management Objective Descriptions High-Level Information Example Introduction to the Goals Cascade Enterprise Goals Alignment Goals Mapping Tables ? Appendix A 6 - PERFORMANCE MANAGEMENT Introduction to Performance Management COBIT Performance Management Principles COBIT Performance Management (CPM) Overview Process Capability Levels Rating Process Activities Focus Area Maturity Levels Performance Management of Organizational Structures Performance Management of Information Items Performance Management of Culture and Behavior 7 - DESIGNING A TAILORED GOVERNANCE SYSTEM The Need for Tailoring Design Factors Enterprise Strategy Enterprise Goals Risk Profile I&T Related Issues Threat Landscape Compliance Requirements Role of IT Sourcing Model for IT IT Implementation Methods Technology Adoption Strategy Enterprise Size Focus Areas Designing a Tailored Governance System Management Objective Priority and Target Capability Levels Component Variations Specific Focus Areas Stages and Steps in the Design Process 8 - IMPLEMENTING ENTERPRISE GOVERNANCE OF IT The Business Case The COBIT Implementation Guide Purpose COBIT Implementation Approach Phase 1 ? What are the Drivers Phase 2 ? Where are we Now Phase 3 ? Where do we Want to be Phase 4 ? What Needs to be Done Phase 5 ? How do we get There Phase 6 ? Did we get There Phase 7 How do we Weep the Momentum Going? EGIT Implementation Program Challenges

  During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an organizational incident management plan. The compatibility of this training course with ISO/IEC 27035 also supports the ISO/IEC 27001 by providing guidance for Information Security Incident Management. After mastering all the necessary concepts of Information Security Incident Management, you can sit for the exam and gain "Certified ISO 27035 Lead Incident Manager" Certification. By holding this certification, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Incidents. About This Course   Learning objectives   Master the concepts, approaches, methods, tools and techniques that enable an effective Information Security Incident Management according to ISO/IEC 27035 Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks Acquire the expertise to support an organization to effectively implement, manage and maintain an Information Security Incident Response plan Acquire the competence to effectively advise organizations on the best practices of Information Security Incident Management Understand the importance of establishing well-structured procedures and policies for Incident Management processes Develop the expertise to manage an effective Incident Response Team   Course Agenda   Day 1: Introduction to Information Security Incident Management concepts as recommended by ISO/IEC 27035 Day 2: Designing and preparing an Information Security Incident Management plan Day 3: Enacting the Incident Management process and handling Information Security incidents Day 4: Monitoring and continual improvement of the Information Security Incident Management plan and the Exam.   Additional Information   Certification fees are included in the exam price. An attendance record worth 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course. In case candidates fail the exam, they can retake it within 12 months of the initial attempt for free. Accreditation Assessment     Delegates sit a combined exam, consisting of in-course quizzes and exercises, as well as a final 12 question, essay type exam on Day 4 of the course. The overall passing score is 70%, to be achieved within the 150 minute time allowance. Exam results are provided within 24 hours, with both a Certificate and a digital badge provided as proof of success.   Our Guarantee   We are an Accredited Training Provider of the IECB. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam. Prerequisites   A fundamental understanding of ISO/IEC 27035 and comprehensive knowledge of Information Security.  What's Included?   Delegates will be provided with; Course Slide deck Questions and Answers Bank Participant Guide Who Should Attend?   Information Security Incident managers IT Managers IT Auditors Managers seeking to establish an Incident Response Team (IRT) Managers seeking to learn more about operating effective IRTs Information Security risk managers IT system administration professionals IT network administration professionals Members of Incident Response Teams Individuals responsible for Information Security within an organization Provided by   This course is Accredited by NACS and Administered by the IECB

About this VILT Tripod can be used in any area of business where the organisation has a management system in place to prevent unwanted events e.g., health, safety, environment, quality, security, productivity, project management, and many more Tripod Beta is one of several tools based on Tripod's fundamental principles. Tripod Beta is based on proven theories, man years of academic research, and testing in the workplace. The Swiss Cheese Model originated from this work. Features of the methodology are: 1) the Tripod Beta diagram; it provides an easy-to-read summary of the entire investigation on a single page, 2) it accommodates deficiencies in leadership and worker participation, 3) it accommodates deficiencies in human behaviour, and 4) it highlights missing controls (not just controls that failed). Quality throughout all aspects of Tripod is assured by the Stichting Tripod Foundation (STF) and the Energy Institute. The participants will gain a theoretical understanding of the Tripod Beta methodology and terminology. They will be able to read Tripod diagrams and reports, and be able to assist incident investigation/analysis as a team member. This is the first step to becoming an accredited silver or gold practitioner. Tripod Beta Practitioner Accreditation is meant to build these skills, through a blend of support, coaching and assessments. Feedback is provided on Tripod incident investigation reports, giving the Practitioner the opportunity to hone their skills and become confident in their ability to use Tripod effectively. Training Objectives Upon completion of this course, participants will be able to: Pass the Tripod Beta Practitioner (Bronze Level) exam Act as a team member or Tripod facilitator on an incident investigation Plan and schedule activities for an incident investigation Focus line of enquiry during an investigation Engage with the most relevant people at each stage of the investigation Describe the incident causation paths in terms that align with their management system Consider issues relating to leadership, worker participation and human behaviour Assess the quality of an incident report Apply the process to any type of unwanted event that should have been prevented by a management system e.g., health, safety, environment, financial, security, productivity, quality, project management etc. Combine the findings from many incidents with data from other initiatives e.g., audits and inspections, to spot trends to prioritise actions and product a single improvement plan Target Audience The course is recommended for anyone who is expected to play a role in designing, reviewing, auditing, and following your organizations OH&S management system. Successful participants will be awarded the Stitching Tripod Foundation Tripod Beta Bronze certificate. The following oil & gas company personnel will benefit from the knowledge shared in this course: CEO Team Leaders Legal, insurance and finance departments Managers (Line and Function) Maintenance Engineers Quality Assurance Engineers Process Engineers Incident Investigators (Team member & Tripod facilitator) Project Managers System Custodians Technical Authorities Key Contractor's Management Contract Managers/Holders Safety Representatives Risk Management Engineers HSE Advisors Supervisors Auditors Regulators Course Level Basic or Foundation Trainer Your expert course leader has over 30 years of experience in construction, operations and maintenance with the upstream exploration and production sector. He joined Shell International E&P in 1971 and for 28 years worked in several locations around the world. Following the Piper Alpha incident he led Shell's two year, £10M major overhaul of their permit to work system. He first made use of the Tripod Beta principles during this period and since then he has delivered over 100 Tripod Beta courses in more than 25 locations around the world. He is a Chartered Engineer, a member of the Institution of Engineering and Technology and holds a postgraduate diploma from the University of Birmingham (UK). POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations

Our training programme will provide those involved at any stage of the process for procuring goods and/or services within their organisations with the knowledge and skillset to identify and mitigate the threat posed by the breadth and multi-layered complexity of procurement fraud, corruption and associated financial crime and money laundering.

Our training programme will provide those involved at any stage of the process for procuring goods and/or services within their organisations with the knowledge and skillset to identify and mitigate the threat posed by the breadth and multi-layered complexity of procurement fraud and corruption.