Overview Extending business activities beyond organisational boundaries to create value for the organisation is not new. However, the quantity and complexity of the relationships that now exist beyond organisational boundaries are increasing, as is regulatory and stakeholder scrutiny. While partnerships with third parties, including critical suppliers, can be beneficial to the organisation on so many levels, such alliances can expose the organisation to many unknowns, and those unknowns will undoubtedly increase the level of risk. The key, then, is properly managing the infrastructure, systems, staff and outside support to adequately manage that risk.
Overview The Credit Risk Assessment course gives participants a comprehensive overview of the key concepts and methodologies in understanding the drivers of credit risk, modelling tools used for the measurement of credit risk, and current best practices in credit risk management techniques. The course focuses on the actual practice of credit risk assessment within financial institutions as well as on the quantitative and methodological tools and procedures that are at the cutting edge of measuring, mitigating and managing credit risk.
Many organisations find that project teams struggle to create and maintain effective plans. Estimates are often overly optimistic and risks go unmanaged until the inevitable happens. Resource managers also find it hard to forecast the likely loading on their departments and requests for support are not provided in a consistent format. This programme has been developed to address these needs in a very practical, hands-on format. Case study work can be based on simulations or on the organisation's current projects for maximum benefit to participants. The aim of this training is to develop and enhance participants' planning and risk management skills in order to maximise the success of project work undertaken by the organisation. The principal training objectives for this programme are to: Provide a structured, integrated approach to planning and risk management Demonstrate practical tools and techniques for each stage of planning Show how to organise and involve relevant people in the planning process Explain how to use the plan for forecasting and pro-active project control Identify ways to improve planning, both individually and corporately The course will emphasise the importance of participative planning techniques that improve the quality of plans whilst reducing overall time and cost of planning. The course will encourage discussion of internal procedures and practices and may be customised to include them if required. DAY ONE 1 Introduction (Course sponsor) Why this programme has been developed Review of participants' needs and objectives 2 Projects and planning Why plan? 
The benefits of good planning / penalties of poor planning Planning in the project lifecycle; the need for a 'living' plan The interaction between target setting and the planning process Team exercise: planning the project 3 Planning the plan Defining the application and structure of the plan Impact of planning decisions during the project lifecycle Using available time to create an effective plan 4 Defining deliverables Assessing the context; reviewing the goals and stakeholders Developing the scope and defining deliverables; scope mapping Understanding customer priorities; delivering value for money Case study: defining the project deliverables 5 Creating the work breakdown Building the work breakdown structure Detailing the tasks and sub-tasks; structured brainstorming Defining task ownership; the task responsibility matrix 6 Creating and using a logical network Developing the logical network; task boarding Determining the critical path and calculating float Accelerating the plan; concurrent programming and risk Individual and group exercises DAY TWO 7 Developing resource schedules Deriving the Gantt chart from the network Developing the detailed resource schedules Calculating the expenditure profile ('S' curve) 8 Estimating task durations and costs Understanding estimates: effort, availability and duration Estimating tools and techniques Application of estimating techniques during the project lifecycle 9 Case study Developing the project plan Refining the project plan Team presentations and discussion 10 Managing risks and refining the plan Awareness of contractual issues associated with risk Identifying and evaluating risks; deciding ownership Managing risks: determining levels of provision and contingency Controlling risks: maintaining an up-to-date risk register 11 Planning for pro-active control The earned value analysis (EVA) concept and its predictive value Deriving the measures needed for cost and delivery performance Practical issues associated with
implementing EVA 12 Using and maintaining the plan Tracking progress and updating the plan Publishing and controlling the plan 13 Course review and transfer planning (Course sponsor present) Identify ways of implementing the techniques learnt Sponsor-led review and discussion of proposals Conclusion
Overview This training course is structured around the ISO 31000:2009 framework, principles and processes. It will also demonstrate how to develop internal control mechanisms and explain how to measure risk in terms of probability and potential impact, at the same time as ensuring that the organisation complies with increasingly strict international standards of corporate governance.
Properly employed and supported, TRiM Practitioners can make a significant contribution to staff welfare by offering structured peer support and TRiM assessments to colleagues. TRiM practitioners are trained to identify the risk factors for the development of post traumatic stress and to know when to signpost colleagues to professional support.
Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains Domain 01 - Governance Define, Implement, Manage, and Maintain an Information Security Governance Program Information Security Drivers Establishing an information security management structure Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures Managing an enterprise information security compliance program Risk Management Risk mitigation, risk treatment, and acceptable risk Risk management frameworks NIST Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) Risk management plan implementation Ongoing third-party risk management Risk management policies and processes Conclusion Domain 2 - Security Risk Management, Controls, & Audit Management INFORMATION SECURITY CONTROLS COMPLIANCE MANAGEMENT GUIDELINES, GOOD AND BEST PRACTICES AUDIT MANAGEMENT SUMMARY Domain 03 - Security Program Management and Operations PROGRAM MANAGEMENT OPERATIONS MANAGEMENT Summary Domain 04 - Information Security Core Concepts ACCESS CONTROL PHYSICAL SECURITY NETWORK SECURITY ENDPOINT PROTECTION APPLICATION SECURITY ENCRYPTION TECHNOLOGIES VIRTUALIZATION SECURITY CLOUD COMPUTING SECURITY TRANSFORMATIVE TECHNOLOGIES Summary Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management STRATEGIC PLANNING Designing, Developing, and Maintaining an Enterprise Information Security Program Understanding the Enterprise Architecture (EA) FINANCE PROCUREMENT VENDOR MANAGEMENT Summary
Where should management effort be directed? In controlling costs and ensuring proper engineering in live projects? - yes, of course, but true cost control comes by understanding, eliminating and minimising risk prior to a business committing any funds. This course studies the stages required for practical financial and business appraisals of projects and capital expenditure. This course has two primary objectives: To impart the knowledge and skills required to ensure as risk-free as possible expenditure of that scarce resource, cash - the investors', governments' or shareholders' money must not be squandered To improve the quality of the appraisal process in the widest sense - demonstrating how the process of project and capital expenditure appraisal can be used to dramatically improve cost control and deliver as risk-free as possible expenditure As a result of the course, participants will be able to: Understand the economics of appraisal Be in control of their projects from the start Understand the economics of their projects - and devise the most appropriate mode Carry out sensitivity analysis and identify risk Improve their methods of appraisal and approach Focus on the risk areas and take out risk and control costs before they over-run The benefits of attending this course will be demonstrable from day one. Thorough appraisals and risk assessment follow through to success in project management and detailed cost control and project management. 1 Introduction Why appraise? Taking risk out of investment The short- and long-term results of not appraising business expenditure 2 Developing an appraisal process The process - overall and stage-by-stage objectives Understand business and technical risks Manage resources and time Do you invest enough time and effort at this stage? 
Take out the risks - control costs before you are committed to contracts and action Checklists 3 Appraisal arithmetic Review of the arithmetic of appraisal The time value of money The effects of different interest or required rates The effects of inflation (or deflation) in prices and costs Understanding the economics of appraisal is essential 4 Appraisal measures Meaning and use of appraisal measures Identifying the most appropriate measures for your particular business Payback Discounted cash flow measures - NPV and IRR Other measures - FW, AW, Profitability Index The meaning of the measures and their application in practice 5 Cost benefit analysis The effect on decision-making of more intangible benefits Cost benefit analysis Ensuring costs are genuine Measuring intangible benefits Environmental issues Consideration of intangible benefits in the appraisal decision-making process 6 Developing appropriate models Developing models - examples of spreadsheet models and measures for many different situations Modelling investment opportunities - summarising outcomes Sensitivity analysis - identifying, quantifying and taking out risk 7 Developing an appraisal process The process - managing risk from the outset Using the process in risk management, negotiating and project management Take out risk by thoroughly knowing your project - developing your own process
Duration 5 Days 30 CPD hours This course is intended for This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience. Overview In this course, students will expand upon their knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK)© for information systems security professionals.
Prerequisites CompTIA Network+ Certification 1 - Security and Risk Management Security Governance Principles Compliance Professional Ethics Security Documentation Risk Management Threat Modeling Business Continuity Plan Fundamentals Acquisition Strategy and Practice Personnel Security Policies Security Awareness and Training 2 - Asset Security Asset Classification Privacy Protection Asset Retention Data Security Controls Secure Data Handling 3 - Security Engineering Security in the Engineering Lifecycle System Component Security Security Models Controls and Countermeasures in Enterprise Security Information System Security Capabilities Design and Architecture Vulnerability Mitigation Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems Cryptography Concepts Cryptography Techniques Site and Facility Design for Physical Security Physical Security Implementation in Sites and Facilities 4 - Information Security Management Goals Organizational Security The Application of Security Concepts 5 - Information Security Classification and Program Development Information Classification Security Program Development 6 - Risk Management and Ethics Risk Management Ethics 7 - Software Development Security Software Configuration Management Software Controls Database System Security 8 - Cryptography Ciphers and Cryptography Symmetric-Key Cryptography Asymmetric-Key Cryptography Hashing and Message Digests Email, Internet, and Wireless Security Cryptographic Weaknesses 9 - Physical Security Physical Access Control Physical Access Monitoring Physical Security Methods Facilities Security
Delivered in either Live Online (4 days) or in our Classroom (5 days), the ISO/IEC 27005 Lead Risk Manager training enables you to acquire the necessary expertise to support an organization in the risk management process related to all assets of relevance for Information Security using the ISO 27005 standard as a reference framework. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an Information Security Risk Management program. The training will also contain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course supports the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard. About This Course After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and gain the "Certified ISO/IEC 27005 Lead Risk Manager" credential. By holding this credential, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.
Learning objectives Master the concepts, approaches, methods and techniques that enable an effective risk management process based on ISO/IEC 27005 Acknowledge the correlation between Information Security risk management and security controls Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management Acquire the competence and skills to effectively advise organizations on Information Security Risk Management best practices Acquire the knowledge necessary for the implementation, management and maintenance of an ongoing risk management program Educational approach This training is based on both theory and best practices used in Information Security Risk Management Lecture sessions are illustrated with examples based on case studies Practical exercises are based on a case study which includes role playing and discussions Practice tests are similar to the Certification Exam Who Should Attend? Information Security risk managers Information Security team members Individuals responsible for Information Security, compliance, and risk within an organization Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or individuals who are involved in a risk management program IT consultants IT professionals Information Security officers Privacy officers What's Included? Official Course Slide decks Candidate pack Exam fees Prerequisites A foundational understanding of ISO/IEC 27005 and knowledge of Risk Assessment and Information Security. Our Guarantee We are an approved IECB Training Partner. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras. The one-off cost covers the training, all course materials, and exam voucher.
Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training and exam retake offered Accreditation Assessment The exam for this course is a 12 question essay type. The pass mark is 70% and should be achieved within the allotted 150 minute exam timeframe. Exam results are provided within 24 hours. Provided by This course is Accredited by NACS and Administered by the IECB
Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completion, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - a. Organizational Governance Organizational Strategy, Goals, and Objectives Organizational Structure, Roles, and Responsibilities Organizational Culture Policies and Standards Business Processes Organizational Assets GOVERNANCE - b. Risk Governance Enterprise Risk Management and Risk Management Framework Three Lines of Defense Risk Profile Risk Appetite and Risk Tolerance Legal, Regulatory, and Contractual Requirements Professional Ethics of Risk Management IT RISK ASSESSMENT - a. IT Risk Identification Risk Events (e.g., contributing conditions, loss result) Threat Modelling and Threat Landscape Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) Risk Scenario Development IT RISK ASSESSMENT - b. IT Risk Analysis and Evaluation Risk Assessment Concepts, Standards, and Frameworks Risk Register Risk Analysis Methodologies Business Impact Analysis Inherent and Residual Risk RISK RESPONSE AND REPORTING - a.
Risk Response Risk Treatment / Risk Response Options Risk and Control Ownership Third-Party Risk Management Issue, Finding, and Exception Management Management of Emerging Risk RISK RESPONSE AND REPORTING - b. Control Design and Implementation Control Types, Standards, and Frameworks Control Design, Selection, and Analysis Control Implementation Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - c. Risk Monitoring and Reporting Risk Treatment Plans Data Collection, Aggregation, Analysis, and Validation Risk and Control Monitoring Techniques Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) Key Performance Indicators Key Risk Indicators (KRIs) Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - a. Information Technology Principles Enterprise Architecture IT Operations Management (e.g., change management, IT assets, problems, incidents) Project Management Disaster Recovery Management (DRM) Data Lifecycle Management System Development Life Cycle (SDLC) Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - b. Information Security Principles Information Security Concepts, Frameworks, and Standards Information Security Awareness Training Business Continuity Management Data Privacy and Data Protection Principles