Project Risk Management: In-House Training Have you been surprised by unplanned events during your projects? Are you and your project team frequently fighting fires? Well, you are not alone. Uncertainty exists in any project environment. While it's impossible to predict project outcomes with 100% certainty, you can influence the outcome, avoid potential risks, and be ready to respond to challenges that arise. In this course, you'll gain the proper knowledge needed to identify, assess, plan for, and monitor risk in your projects. You'll learn how to set up and implement risk management processes, helping you to minimize uncertainty and achieve more consistent, predictable outcomes as a result. What You Will Learn You'll learn how to: Demonstrate to others how the risk management processes in A Guide to the Project Management Body of Knowledge (PMBOK® Guide) apply to your project's environment, especially for high-risk projects Adapt these processes for a particular high-risk project team's operating principles Explain the importance of using risk management best practices at single and enterprise project levels Lead an initiative to implement risk management best practices in your project environment Foundation Concepts Risk-related definitions The risk management process High-risk projects and project failures Classical failures in implementing risk management Plan Risk Management Project risk management and governance Risk management planning for high-risk projects High-risk variations on a risk management plan Identify Risk Adapting the risk identification process for high-risk projects Recognizing risks spontaneously Confirming and structuring risk events for treatment Wrapping up risk identification for high-risk projects Perform Qualitative Risk Analysis Adapting qualitative risk analysis for high-risk projects Accelerating risk analysis Clearing risk action Wrapping up qualitative risk analysis for the next level Perform Quantitative Risk Analysis Adapting 
quantitative risk analysis for high-risk projects Ensuring effective risk analyses with data quality assessments Building a foundation for quantitative risk analysis Using discrete quantitative tools Using continuous quantitative tools Wrapping up quantitative risk analysis for high-risk projects Plan Risk Responses Adapting risk response planning for high-risk projects Optimizing active risk response strategies Leveraging contingencies for high project performance Wrapping up risk response planning for high-risk projects Implement Risk Responses Implementing Risk Responses Process Executing Risk Response Plans Tools and Techniques Best Practices Continuous Risk Management Monitor Risks Adapting risk monitoring for high-risk projects Optimizing risk plan maintenance Weaving risk reassessment into the project's progress Maintaining a continuous 'vigil' in high-risk project environments
Risk Management for IT Projects: In-House Training IT projects may have direct bottom-line impact on the organization, cost millions of dollars, cause organizational change and change the way the organization is perceived by clients. Many IT projects are notoriously hard to predict and are filled with risk. IT Risk Management takes a comprehensive look at IT project risk management using PMI's PMBOK® Guide Risk Management Model in the context of IT Project Life Cycle phases. The goal of this course is to arm the practitioner with a rigorous, common-sense approach to addressing uncertainty in projects. This approach includes the ability to influence project outcomes, avoid many potential project risks, and be ready to calmly and efficiently respond to unavoidable challenges. What you will Learn You'll learn how to: Describe the risk management process, using the PMBOK® Guide's standard models and terminology Discuss the potential barriers to managing risk effectively in IT project organizations Develop an effective risk management plan for IT projects Identify project risks using IT-specific, practical tools Analyze individual risk events and overall project risk using IT-specific, practical approaches Plan effective responses to IT-specific risk based on the results of risk analysis and integrate risk responses into project schedules and cost estimates Manage and control risk throughout the IT project life cycle Implement selected elements of IT project risk management on your next project Foundation Concepts Basic concepts and purpose Risk and project constraints Risk and corporate cultures Risk management and IT PLC standards Plan Risk Management for IT Projects Plan Risk management process Plan Risk management activities Design a standard template Assess the project-specific needs Tailor the template Produce a project-specific risk management plan Gain consensus and submit as part of overall project plan A risk management plan of IT projects Identify Risks for 
IT Projects Identify risk process overview Risk categories and examples Risk identification tools Risk events by project life-cycle phases Perform Risk Analysis for IT Projects Perform qualitative risk analysis overview Core qualitative tools for IT projects Auxiliary qualitative tools for cost and schedule estimates When to use quantitative analysis for IT projects Plan Risk Response for IT Projects Plan risk response overview Active risk response strategies for IT projects (Threat and Opportunity) Acceptance and contingency reserves Contingency planning for IT projects Plan risk responses for IT projects Implement Risk Response for IT Projects Implement Risk Responses Executing Risk Response Plans Techniques and Tools Used Continuous Risk Management Monitor Risks for IT Projects Monitor risks overview Monitor risks tips for IT projects Technical performance measurement systems Risk management implementation for IT projects
Overview This course provides an explanation of the underlying concepts of the Risk-Based Maintenance approach, guidance on its relationship and integration within asset management and the overall risk management process. This course will show delegates how to develop an action plan for implementation into an effective and cost-efficient maintenance strategy.
Overview Objective Understand the requirement of Information Security Concepts and Definitions of Information Security Management Systems Deeply Analysing the policies, Standards and procedures How to deliver a balanced ISMS and following its security procedures Analysing the Information risk management Evaluating the organisational responsibilities Understanding the Information security controls Scrutinising Legal framework Techniques of Cryptographic models
Overview Internal control, as defined by accounting and auditing, is a process for assuring an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. It is very important for the organisation to have a smooth flow of accounting as it plays a very important role in the development of the organisation. Financial managers, or anyone who deals with accounts, need to ensure that the company accounts are up to date and free from any risks that can become a problem at audit time. This course gives you the skills required to run a good internal management process. It is important to analyse risk management to see whether the process is working efficiently and to measure the effectiveness of the controls put in place to alleviate risks.
Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains Domain 01 - Governance Define, Implement, Manage, and Maintain an Information Security Governance Program Information Security Drivers Establishing an information security management structure Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures Managing an enterprise information security compliance program Risk Management Risk mitigation, risk treatment, and acceptable risk Risk management frameworks NIST Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) Risk management plan implementation Ongoing third-party risk management Risk management policies and processes Conclusion Domain 2 - Security Risk Management, Controls, & Audit Management INFORMATION SECURITY CONTROLS COMPLIANCE MANAGEMENT GUIDELINES, GOOD AND BEST PRACTICES AUDIT MANAGEMENT SUMMARY Domain 03 - Security Program Management and Operations PROGRAM MANAGEMENT OPERATIONS MANAGEMENT Summary Domain 04 - Information Security Core Concepts ACCESS CONTROL PHYSICAL SECURITY NETWORK SECURITY ENDPOINT PROTECTION APPLICATION SECURITY ENCRYPTION TECHNOLOGIES VIRTUALIZATION SECURITY CLOUD COMPUTING SECURITY TRANSFORMATIVE TECHNOLOGIES Summary Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management STRATEGIC PLANNING Designing, Developing, and Maintaining an Enterprise Information Security Program Understanding the Enterprise Architecture (EA) FINANCE PROCUREMENT VENDOR MANAGEMENT Summary
Certificate in Business and Commercial Law (CBCL) Why Attend This course is designed for professionals with little or no prior legal background but who are required to make organizational decisions involving legal matters. It will provide participants with the fundamental principles of commercial law, including commercial contracts and negotiation, sale of goods, intellectual property rights and employee relations. It also covers all the legal aspects of setting up a business, running a business and closing a business. Participants will gain an in-depth understanding of international commercial law with emphasis on the common law system. Participants will have the opportunity to learn and analyze key legal issues regarding contracts and the business as a whole which they are likely to encounter within their organization. Course Methodology In this interactive training course participants will frequently work in pairs as well as in larger groups to complete exercises as well as regional and international case studies. Course Objectives By the end of the course, participants will be able to: Apply legal rules and principles to specific commercial situations through consideration of relevant case law Negotiate commercial contracts complying with commercial and legal requirements Increase profitability within their organization by selecting appropriate methods of distribution of goods Recognize and analyze how intellectual property rights affect their organization Evaluate and modify organizational employment practices complying with labor law requirements Target Audience This course is suitable for those with little or no formal training in commercial law yet would be required to understand the fundamentals of commercial law as it may directly impact their work. It will particularly benefit directors and executives who have direct responsibility for legal decisions within the organization. 
In-house counsel new to the region, and those working within a legal department, will also find this course highly beneficial. Target Competencies Drafting Contracts Contract Negotiation Understanding Commercial Terms Understanding Employment Law Implementing Organizational Employment Practices Understanding Intellectual Property Understanding corporate restructuring Understanding the effect of breach of commercial contract terms Note The Dubai Government Legal Affairs Department has introduced a Continuing Legal Professional Development (CLPD) programme to legal consultants authorised to practise through a licensed firm in the Emirate of Dubai. We are proud to announce that the Dubai Government Legal Affairs Department has accredited EMG Associates as a CLPD provider. In addition, all our legal programmes have been approved. This PLUS Specialty Training Legal course qualifies for 4 elective CLPD points. Overview of commercial & business law Areas of commercial and business law Types of commercial contracts Commercial contracts in the civil law and common law systems Sources of English law Civil law v Common law Civil law in the GCC Formalities for a binding contract Elements required for an enforceable contract Rules for contract interpretation implied terms v express terms identifying risks and how to minimise risks Structure of a commercial contract Preliminary documents in international transactions Memorandum of Understanding/ Heads of Terms. Are they legally binding? Commercial implications Boilerplate/ miscellaneous provisions- the important but forgotten clauses- beware! 
Force majeure v Frustration Notices Set off No waiver Entire Agreement/ non- reliance clause Time is of the essence Assignment v Novation Governing law Common mistakes in choice of law Jurisdiction clause Exclusive v Non-exclusive Factors in deciding the jurisdiction clause International dispute resolution Litigation Importance of Alternative Dispute Resolution (ADR) Arbitration Mediations Conciliation Negotiation Remedies for breach of contract Damages Specific performance Injunctions Advantages and disadvantages of different business forms Types of business vehicles Sole trader Partnerships Limited Liability Partnerships Companies Cross Border Transactions Distributorship Agency Joint Venture Acquisitions Share purchase v Business purchase Apportioning risks and liabilities through warranties and indemnities Negotiating warranties and indemnities Corporate insolvency Tests identifying insolvency Consequence for directors who fail to react to insolvency Types of insolvency Administration Receivership Creditor Voluntary Liquidation Compulsory Liquidation Commercial Tort Tort of negligence Defamation Libel Slander Recent case law on defamation Managing risk Prevention is better than cure: Effective risk management Intellectual Property Rights management Types of Intellectual Property copyright trademark patent design rights confidential information Assignment v Granting a license The law of passing off Intellectual Property in the GCC Employment law issues in the common law systems and the GCC Types of employment contracts Grounds for dismissal Wrongful dismissal Redundancy Unfair dismissal Commercial real estate in the GCC Leasehold Freehold
Duration 5 Days 30 CPD hours This course is intended for This course is designed primarily for cybersecurity practitioners preparing for or who currently perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. It is ideal for those roles within federal contracting companies and private sector firms whose mission or strategic objectives require the execution of Defensive Cyber Operations (DCO) or DoD Information Network (DoDIN) operation and incident handling. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. Overview In this course, you will identify, assess, respond to, and protect against security threats and operate a system and network security analysis platform. You will: Assess cybersecurity risks to the organization. Analyze the threat landscape. Analyze various reconnaissance threats to computing and network environments. Analyze various attacks on computing and network environments. Analyze various post-attack techniques. Assess the organization's security posture through auditing, vulnerability management, and penetration testing. Collect cybersecurity intelligence from various network-based and host-based sources. Analyze log data to reveal evidence of threats and incidents. Perform active asset and network analysis to detect incidents. Respond to cybersecurity incidents using containment, mitigation, and recovery tactics. Investigate cybersecurity incidents using forensic analysis techniques. 
This course covers network defense and incident response methods, tactics, and procedures that are in alignment with industry frameworks such as NIST 800-61r2 (Computer Security Incident Handling Guide), US-CERT's National Cyber Incident Response Plan (NCIRP), and Presidential Policy Directive (PPD)-41 on Cyber Incident Coordination. It is ideal for candidates who have been tasked with the responsibility of monitoring and detecting security incidents in information systems and networks, and for executing standardized responses to such incidents. The course introduces tools, tactics, and procedures to manage cybersecurity risks, defend cybersecurity assets, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and remediate and report incidents as they occur. This course provides a comprehensive methodology for individuals responsible for defending the cybersecurity of their organization. This course is designed to assist students in preparing for the CertNexus CyberSec First Responder (Exam CFR-410) certification examination. What you learn and practice in this course can be a significant part of your preparation. 
In addition, this course and subsequent certification (CFR-410) meet all requirements for personnel requiring DoD directive 8570.01-M position certification baselines: CSSP Analyst CSSP Infrastructure Support CSSP Incident Responder CSSP Auditor The course and certification also meet all criteria for the following Cybersecurity Maturity Model Certification (CMMC) domains: Incident Response (IR) Audit and Accountability (AU) Risk Management (RM) Lesson 1: Assessing Cybersecurity Risk Topic A: Identify the Importance of Risk Management Topic B: Assess Risk Topic C: Mitigate Risk Topic D: Integrate Documentation into Risk Management Lesson 2: Analyzing the Threat Landscape Topic A: Classify Threats Topic B: Analyze Trends Affecting Security Posture Lesson 3: Analyzing Reconnaissance Threats to Computing and Network Environments Topic A: Implement Threat Modeling Topic B: Assess the Impact of Reconnaissance Topic C: Assess the Impact of Social Engineering Lesson 4: Analyzing Attacks on Computing and Network Environments Topic A: Assess the Impact of System Hacking Attacks Topic B: Assess the Impact of Web-Based Attacks Topic C: Assess the Impact of Malware Topic D: Assess the Impact of Hijacking and Impersonation Attacks Topic E: Assess the Impact of DoS Incidents Topic F: Assess the Impact of Threats to Mobile Security Topic G: Assess the Impact of Threats to Cloud Security Lesson 5: Analyzing Post-Attack Techniques Topic A: Assess Command and Control Techniques Topic B: Assess Persistence Techniques Topic C: Assess Lateral Movement and Pivoting Techniques Topic D: Assess Data Exfiltration Techniques Topic E: Assess Anti-Forensics Techniques Lesson 6: Assessing the Organization's Security Posture Topic A: Implement Cybersecurity Auditing Topic B: Implement a Vulnerability Management Plan Topic C: Assess Vulnerabilities Topic D: Conduct Penetration Testing Lesson 7: Collecting Cybersecurity Intelligence Topic A: Deploy a Security Intelligence Collection and Analysis 
Platform Topic B: Collect Data from Network-Based Intelligence Sources Topic C: Collect Data from Host-Based Intelligence Sources Lesson 8: Analyzing Log Data Topic A: Use Common Tools to Analyze Logs Topic B: Use SIEM Tools for Analysis Lesson 9: Performing Active Asset and Network Analysis Topic A: Analyze Incidents with Windows-Based Tools Topic B: Analyze Incidents with Linux-Based Tools Topic C: Analyze Indicators of Compromise Lesson 10: Responding to Cybersecurity Incidents Topic A: Deploy an Incident Handling and Response Architecture Topic B: Mitigate Incidents Topic C: Hand Over Incident Information to a Forensic Investigation Lesson 11: Investigating Cybersecurity Incidents Topic A: Apply a Forensic Investigation Plan Topic B: Securely Collect and Analyze Electronic Evidence Topic C: Follow Up on the Results of an Investigation Additional course details: Nexus Humans CertNexus Certified CyberSec First Responder (CFR-410) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CertNexus Certified CyberSec First Responder (CFR-410) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. 
Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 5 Days 30 CPD hours This course is intended for This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience. Overview In this course, students will expand upon their knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK)© for information systems security professionals. 
Prerequisites CompTIA Network+ Certification 1 - Security and Risk Management Security Governance Principles Compliance Professional Ethics Security Documentation Risk Management Threat Modeling Business Continuity Plan Fundamentals Acquisition Strategy and Practice Personnel Security Policies Security Awareness and Training 2 - Asset Security Asset Classification Privacy Protection Asset Retention Data Security Controls Secure Data Handling 3 - Security Engineering Security in the Engineering Lifecycle System Component Security Security Models Controls and Countermeasures in Enterprise Security Information System Security Capabilities Design and Architecture Vulnerability Mitigation Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems Cryptography Concepts Cryptography Techniques Site and Facility Design for Physical Security Physical Security Implementation in Sites and Facilities 4 - Information Security Management Goals Organizational Security The Application of Security Concepts 5 - Information Security Classification and Program Development Information Classification Security Program Development 6 - Risk Management and Ethics Risk Management Ethics 7 - Software Development Security Software Configuration Management Software Controls Database System Security 8 - Cryptography Ciphers and Cryptography Symmetric-Key Cryptography Asymmetric-Key Cryptography Hashing and Message Digests Email, Internet, and Wireless Security Cryptographic Weaknesses 9 - Physical Security Physical Access Control Physical Access Monitoring Physical Security Methods Facilities Security
ICA International Diploma in Governance, Risk and Compliance New technologies are changing the role of a compliance professional. Fintech and Regtech are now embedded in compliance lexicon, but what do the terms mean, and what are the practical impacts, both positive and negative, that we need to understand and manage? The ICA International Diploma in Governance, Risk and Compliance helps you to answer these questions and apply the answers directly within your organisation. Gain a broad understanding of the regulatory environment as well as the specialist skills and knowledge to be able to identify and manage key regulatory risks today and in the future. Get to grips with the nuances of the regulatory environment and the impact to your organisation. Understand why promoting a positive compliance culture is not just good for compliance but good for business. Explore how to maximise the benefits of emerging technologies. Develop your inter-personal skills so you can be the best Compliance Manager. Learn from the experiences of compliance professionals from other firms and sectors and share ideas. This governance, risk and compliance course is awarded in association with Alliance Manchester Business School, the University of Manchester. 
Benefits of studying with ICA: Flexible learning solutions that are suited to you Our learner-centric approach means that you will gain relevant practical and academic skills and knowledge that can be used in your current role Improve your career options by undertaking a globally recognised qualification that hiring managers look for as part of their hiring criteria Many students have stated that they have received a promotion and/or pay rise as a direct result of gaining their qualification The qualifications ensure that you are enabled to develop strategies to help manage and prevent risk within your firm, thus making you an invaluable asset within the current climate Completion of this training course will provide participants with the following professional qualification: ICA Diploma in Governance, Risk and Compliance. In addition, participants will be entitled to use the following designation 'Dip (Comp).' These qualifications are awarded in association with Alliance Manchester Business School, the University of Manchester. What will you learn? Understanding governance, risk and regulatory compliance Why we need to understand the regulated environment Why are governance and culture essential for effective regulatory compliance risk management? The role of the compliance department and the compliance professional Risk management as the key to effective compliance Case Studies