705 Courses in Cardiff delivered Live Online

This session will combine knowledge as well as practical interactive scenarios to work through to assist delegates in evaluating themselves to identify areas they might need to improve on.  The course will cover: The purpose of the role (reminder) How the role has evolved What lessons can be gained so far How do you create a culture of compliance What good systems, policies and procedures look like Easy tips on what, where and how you should be looking Target Audience This online course is suitable for those new to the COFA role, those supporting the COFA and for those that would like a refresher of the role and their responsibilities. Resources An information pack including the course slides, scenarios and suggested answers will be provided to all delegates, which may be useful for ongoing reference. Please note a recording of the course will not be made available. Speaker Sarah Charlton, Consultant, DG Legal Sarah has a BSc (Hons) in Applied Accounting and is a Fellow member of the Association of Chartered and Certified Accountants. Her career spans over 35 years working within the legal sector, fulfilling roles from COFA through to CEO. During her career she has worked with a number of legal regulators, professional bodies and government organisations. Sarah has been a member of the Institute of Legal Finance and Management throughout her career, qualifying as a Fellow member in 2005. Sarah also served as chairperson between 2010-2012 and continues to serve as an Executive Council Member.

ICA Advanced Certificate in Business Compliance The ICA Advanced Certificate in Business Compliance has been specifically designed for those working outside financial services. The need for guidance and training in meeting regulatory requirements extends to many industry sectors including oil and gas, aerospace, pharmaceuticals, telecoms, and manufacturing. This course will enable practitioners working in areas such as these to gain knowledge of the essentials of compliance in a practical business context as well as understand the roles of both the compliance function and compliance professionals. The Advanced Certificate will develop the compliance/risk management knowledge and skills of individuals and thereby help to enhance the overall reputation and performance of their firms. Benefits of studying with ICA: Flexible learning solutions that are suited to you Our learner-centric approach means that you will gain relevant practical and academic skills and knowledge that can be used in your current role Improve your career options by undertaking a globally recognised qualification that hiring managers look for as part of their hiring criteria Many students have stated that they have received a promotion and/or pay rise as a direct result of gaining their qualification The qualifications ensure that you are enabled to develop strategies to help manage and prevent risk within your firm, thus making you an invaluable asset within the current climate Upon successful completion of this course, students will be awarded the ICA Advanced Certificate in Business Compliance and will be able to use the designation - Adv.Cert(Bus.Comp). This qualification is awarded in association with Alliance Manchester Business School, the University of Manchester. What will you learn? The context of compliance and its origins Building an effective control framework The skills needed to be an effective compliance professional Risk management, alert systems and investigations Managing financial crime risk Creating competitive advantage How will you be assessed? Assessed by a one-hour, question-based exam and one research-based assignment

ICA Essentials - Compliance Compliance is a critical business function. Whilst the downside risks of failing to comply with regulation are generally well known, it is less frequently recognised that, if done well, Compliance provides organisations with a significant competitive advantage. 3-hour live, instructor-led virtual workshop Gain a solid understanding of core compliance issues Earn a certificate of completion and receive a £100 discount on the ICA Certificate in Compliance (if you choose to go onto further study). Understanding the regulatory environment Regulation in practice Compliance in practice Principles of risk management Financial crime compliance oversight

Duration 4 Days 24 CPD hours This course is intended for The information protection administrator translates an organization?s risk and compliance requirements into technical implementation. They are responsible for implementing and managing solutions for content classification, data loss prevention (DLP), information protection, data lifecycle management, records management, privacy, risk, and compliance. They also work with other roles that are responsible for governance, data, and security to evaluate and develop policies to address an organization's risk reduction and compliance goals. This role assists workload administrators, business application owners, human resources departments, and legal stakeholders to implement technology solutions that support the necessary policies and controls. Learn how to protect information in your Microsoft 365 deployment. This course focuses on data lifecycle management and information protection and compliance within your organization. The course covers implementation of data loss prevention policies, sensitive information types, sensitivity labels, data retention policies, Microsoft Purview Message Encryption, audit, eDiscovery, and insider risk among other related topics. The course helps learners prepare for the Microsoft Information Protection Administrator exam (SC-400). Prerequisites Foundational knowledge of Microsoft security and compliance technologies. Basic knowledge of information protection concepts. Understanding of cloud computing concepts. Understanding of Microsoft 365 products and services. 1 - Introduction to information protection and data lifecycle management in Microsoft Purview Know your data Protect your data Prevent data loss Govern your data 2 - Classify data for protection and governance Data classification overview Classify data using sensitive information types Classify data using trainable classifiers Review sensitive information and label usage Explore labeled and sensitive content Understand activities related to your data 3 - Create and manage sensitive information types Compare built-in versus custom sensitive information types Create and manage custom sensitive information types Describe custom sensitive information types with exact data match Implement document fingerprinting Create keyword dictionary 4 - Understand Microsoft 365 encryption Learn how Microsoft 365 data is encrypted at rest Understand service encryption in Microsoft Purview Explore customer key management using Customer Key Learn how data is encrypted in-transit 5 - Deploy Microsoft Purview Message Encryption Implement Microsoft Purview Message Encryption Implement Microsoft Purview Advanced Message Encryption Use Microsoft Purview Message Encryption templates in mail flow rules 6 - Protect information in Microsoft Purview Information protection overview Configure sensitivity labels Configure sensitivity label policies Configure auto-labeling policies Manage, monitor, and remediate information protection 7 - Apply and manage sensitivity labels Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites Plan on-premises labeling Configure on-premises labeling for the Unified Labeling Scanner Apply protections and restrictions to email and files Monitor label performance using label analytics 8 - Prevent data loss in Microsoft Purview Data loss prevention overview Identify content to protect Define policy settings for your DLP policy Test and create your DLP policy Prepare Endpoint DLP Manage DLP alerts in the Microsoft Purview compliance portal View data loss prevention reports Implement the Microsoft Purview Extension 9 - Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform Configure data loss prevention policies for Power Platform Integrate data loss prevention in Microsoft Defender for Cloud Apps Configure policies in Microsoft Defender for Cloud Apps Manage data loss prevention violations in Microsoft Defender for Cloud Apps 10 - Manage data loss prevention policies and reports in Microsoft 365 Configure data loss prevention for policy precedence Implement data loss prevention policies in test mode Explain data loss prevention reporting capabilities Manage permissions for data loss prevention reports Manage and respond to data loss prevention policy violations 11 - Manage the data lifecycle in Microsoft Purview Data Lifecycle Management overview Configure retention policies Configure retention labels Configure manual retention label policies Configure auto-apply retention label policies Import data for Data Lifecycle Management Manage, monitor, and remediate Data Lifecycle Management 12 - Manage data retention in Microsoft 365 workloads Explain retention in Exchange Online Explain retention in SharePoint Online and OneDrive Explain retention in Microsoft Yammer Activate archive mailboxes in Microsoft Exchange Apply mailbox holds in Microsoft Exchange Recover content in Microsoft Exchange 13 - Manage records in Microsoft Purview Records management overview Import a file plan Configure retention labels Configure event driven retention Manage, monitor, and remediate records 14 - Explore compliance in Microsoft 365 Plan for security and compliance in Microsoft 365 Plan your beginning compliance tasks in Microsoft Purview Manage your compliance requirements with Compliance Manager Examine the Compliance Manager dashboard Analyze the Microsoft Compliance score 15 - Search for content in the Microsoft Purview compliance portal Explore Microsoft Purview eDiscovery solutions Create a content search View the search results and statistics Export the search results and search report Configure search permissions filtering Search for and delete email messages 16 - Manage Microsoft Purview eDiscovery (Standard) Explore Microsoft Purview eDiscovery solutions Implement Microsoft Purview eDiscovery (Standard) Create eDiscovery holds Search for content in a case Export content from a case Close, reopen, and delete a case 17 - Manage Microsoft Purview eDiscovery (Premium) Explore Microsoft Purview eDiscovery (Premium) Implement Microsoft Purview eDiscovery (Premium) Create and manage an eDiscovery (Premium) case Manage custodians and non-custodial data sources Analyze case content 18 - Manage Microsoft Purview Audit (Standard) Explore Microsoft Purview Audit solutions Implement Microsoft Purview Audit (Standard) Search the audit log Export, configure, and view audit log records Use audit log searching to investigate common support issues 19 - Prepare Microsoft Purview Communication Compliance Plan for communication compliance Identify and resolve communication compliance workflow Case study--Configure an offensive language policy Investigate and remediate communication compliance alerts 20 - Manage insider risk in Microsoft Purview Insider risk management overview Create and manage insider risk policies Investigate insider risk alerts Take action on insider risk alerts through cases Manage insider risk management forensic evidence Create insider risk management notice templates 21 - Implement Microsoft Purview Information Barriers Explore Microsoft Purview Information Barriers Configure information barriers in Microsoft Purview Examine information barriers in Microsoft Teams Examine information barriers in OneDrive Examine information barriers in SharePoint 22 - Manage regulatory and privacy requirements with Microsoft Priva Create and manage risk management policies Investigate and remediate risk management alerts Create rights requests Manage data estimate and retrieval for rights requests Review data from rights requests Get reports from rights requests 23 - Implement privileged access management Case study--Implementing privileged access management 24 - Manage Customer Lockbox Manage Customer Lockbox requests

This is a gateway course for all further learning in FD&FA systems.

Our Financial Compliance and Legal Aid Payments Course provides a brief overview of historical changes and the current regulations. The course will cover what VAT regulations and the SRA Accounts Rules say on legal aid payments and will provide practical advice and tips on how to account for these payments so you adhere to the rules and regulations of the profession. Target Audience This course is suitable for those in the legal profession who oversees, or is responsible for or involved in accounting for legal aid funds, including, costs lawyers, legal cashiers, COFA, those supporting the COFA, account managers, etc. Resources An information pack including the course slides will be provided to all delegates after the course, which may be useful for ongoing reference. Please note a recording of the course will not be made available. Speaker Sarah Charlton, Consultant, DG Legal Sarah has a BSc (Hons) in Applied Accounting and is a Fellow member of the Association of Chartered and Certified Accountants. Her career spans over 35 years working within the legal sector, fulfilling roles from COFA through to CEO. During her career she has worked with a number of legal regulators, professional bodies and government organisations. Sarah has been a member of the Institute of Legal Finance and Management throughout her career, qualifying as a Fellow member in 2005. Sarah also served as chairperson between 2010-2012 and continues to serve as an Executive Council Member.

Duration 1 Days 6 CPD hours This course is intended for The audience for this course is looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. The content for this course aligns to the SC-900 exam objective domain. Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution. Before attending this course, students must have: General understanding of networking and cloud computing concepts. General IT knowledge or any general experience working in an IT environment. General understanding of Microsoft Azure and Microsoft 365. This course provides foundational level knowledge on security, compliance, and identity concepts and related cloud-based Microsoft solutions. Prerequisites General understanding of networking and cloud computing concepts. General IT knowledge or any general experience working in an IT environment. General understanding of Microsoft Azure and Microsoft 365. 1 - Describe security and compliance concepts Describe the shared responsibility model Describe defense in depth Describe the Zero Trust model Describe governance, risk, and compliance (GRC) concepts 2 - Describe identity concepts Define authentication and authorization Define identity as the primary security perimeter Describe the role of the identity provider Describe the concept of directory services and Active Directory Describe the concept of federation 3 - Describe the function and identity types of Microsoft Entra ID Describe Microsoft Entra ID Describe types of identities Describe hybrid identity Describe external identities 4 - Describe the authentication capabilities of Microsoft Entra ID Describe authentication methods Describe multifactor authentication Describe self-service password reset Describe password protection and management capabilities 5 - Describe access management capabilities of Microsoft Entra ID Describe Conditional Access Describe Microsoft Entra roles and role-based access control (RBAC) 6 - Describe the identity protection and governance capabilities of Azure AD Describe Microsoft Entra ID Governance Describe access reviews Describe entitlement management Describe the capabilities of Privileged identity Management Describe Microsoft Entra ID Protection Describe Microsoft Entra Permissions Management Describe Microsoft Entra Verified ID 7 - Describe core infrastructure security services in Azure Describe Azure DDoS protection Describe Azure Firewall Describe Web Application Firewall Describe network segmentation in Azure Describe Azure Network Security Groups Describe Azure Bastion Describe Azure Key Vault 8 - Describe the security management capabilities in Azure Describe Microsoft Defender for Cloud Describe how security policies and initiatives improve cloud security posture Describe Cloud security posture management Describe the enhanced security of Microsoft Defender for Cloud Describe DevOps security management 9 - Describe security capabilities of Microsoft Sentinel Describe threat detection and mitigation capabilities in Microsoft Sentinel Describe Microsoft Security Copilot 10 - Describe threat protection with Microsoft Defender XDR Describe Microsoft Defender XDR services Describe Microsoft Defender for Office 365 Describe Microsoft Defender for Endpoint Describe Microsoft Defender for Cloud Apps Describe Microsoft Defender for Identity Describe Microsoft Defender Vulnerability Management Describe Microsoft Defender Threat Intelligence Describe the Microsoft Defender portal 11 - Describe Microsoft?s Service Trust portal and privacy capabilities Describe the offerings of the Service Trust portal Describe Microsoft's privacy principles Describe Microsoft Priva 12 - Describe the compliance management capabilities in Microsoft Purview Describe the Microsoft Purview compliance portal Describe Compliance Manager Describe use and benefits of compliance score 13 - Describe information protection, data lifecycle management, and data governance capabilities in Microsoft Purview Know your data, protect your data, and govern your data Describe the data classification capabilities of the compliance portal Describe sensitivity labels and policies Describe data loss prevention Describe retention policies and retention labels Describe records management Describe the Microsoft Purview unified data governance solution 14 - Describe the insider risk capabilities in Microsoft Purview Describe insider risk management Describe communication compliance 15 - Describe the eDiscovery and Audit capabilities in Microsoft Purview Describe the eDiscovery solutions in Microsoft Purview Describe the audit solutions in Microsoft Purview

Are you doing sanction checks in your law firm? In the intricate landscape of legal practice, understanding and adhering to the UK's sanctions regime is not just a recommendation; it is mandatory and it is imperative. This course aims to set clear expectations and offer practical support to firms, guiding them away from the pitfalls of breaching the UK's sanctions regime. This course will cover: What are sanctions What do you need to know about the sanctions for your firm How is it different to the AML regime? What controls to put in place? If the firm offers services to sanction areas – what controls? My client has been sanctioned – what do I do? Reporting obligations Using screening tools Licensing How does this impact Legal Professional Privilege? Sanction Risk Assessment Red flags factors Enforcement actions Target Audience This course is for all legal firms, irrespective of the services provided. Whether you are navigating the sanctions regime independently or operating under a license from the Office of Financial Sanctions Implementation (OFSI), this course is for you. Resources Comprehensive and up to date course notes will be provided to all delegates which may be useful for ongoing reference or cascade training. Please note a recording of the course will not be made available. Speaker Helen Torresi, Consultant, DG Legal Helen is a qualified solicitor with a diverse professional background spanning leadership roles in both the legal and tech/corporate sectors. Throughout her career, she has held key positions such as COLP, HOLP, MLCO, MLRO and DPO for law firms and various regulated businesses and services. Helen’s specialised areas encompass AML, complaint and firm negligence handling, DPA compliance, file review and auditing, law management, and operational effectiveness in law firms, particularly in conveyancing (CQS).

This masterclass will help develop your confidence and knowledge in identifying and managing complex safeguarding issues.

Despite being a requirement under the Money Laundering Regulations 2017 (MLR 2017), in 2023/24 the SRA found that 19% of files reviewed did not contain a client and matter risk assessment (CMRA), with a further 12% of files containing ineffective CMRAs.  At best, the firms conducting these files were putting themselves at risk of regulatory action for failure to comply with the MLR 2017. More seriously, firms may have been facilitating money laundering through their failure to adequately assess and address the risks posed by clients and matters.  The SRA has issued a number of significant fines to firms with no, or insufficient, CMRAs in place. In the year August 2024 to July 2025, firms were fined over £950,000 where ineffective or missing CMRAs were noted.  Although a firm’s MLRO, MLCO or its managers bear ultimate responsibility for ensuring its compliance with the MLR 2017, it is the responsibility of all those working on behalf of the firm to conduct and document the appropriate processes and checks on a day-to-day basis. Therefore, it is imperative that all staff understand not only how to complete a CMRA, but also the importance of doing so thoroughly and correctly.  This course will assist fee earners and support staff in confidently and competently completing client and matter risk assessments, understanding the types of risks to be identified and the importance of correctly identifying these.  Where the SRA has found failings at firms in respect of CMRAs, it has almost unanimously also found shortcomings in other areas of AML compliance. Where concerns are raised regarding a firm’s compliance with any aspect of the MLR 2017, the SRA will probe further and look into all areas of AML compliance. For information about DG Legal’s full range of AML training courses, please visit https://dglegal.co.uk/training/upcoming-premier-training-courses/.  Target Audience This online course is suitable for staff of all levels, from support staff to senior partners. Resources Comprehensive and up to date course notes will be provided to all delegates which may be useful for ongoing reference or cascade training. Please note a recording of the course will not be made available. Speaker Paul Wightman, Consultant, DG Legal A qualified barrister, Paul graduated in Law from Birmingham University and was called to the Bar in 1994. He subsequently spent almost 20 years working for the Law Society of England and Wales, initially within the Office for the Supervision of Solicitors, then the Legal Complaints Service (LCS), and ultimately the Solicitors Regulation Authority (SRA). Paul is adept at undertaking audits and providing succinct reports on areas for improvement and can assist firms with advice on all aspects of SRA compliance and Anti-Money Laundering procedures.