18 Courses in Liverpool delivered Live Online

  The IAPP offers the most encompassing, up-to-date and sought-after global training and certification program for privacy and data protection. The Certified Information Privacy Professional (CIPP) helps organizations around the world bolster compliance and risk mitigation practices, and arms practitioners with the insight needed to add more value to their businesses. Skilled privacy pros are in high demand and IAPP certification is what employers want. When you earn an IAPP credential, you earn the right to be recognized as part of an elite group of knowledgeable, capable and dedicated privacy professionals. With the GDPR effective as of May 2018, among its mandates was the requirement to appoint knowledgeable DPOs (data protection officers) tasked with monitoring compliance, managing internal data protection activities, training data processing staff, conducting internal audits and more. There's a lot to know, there's a lot at stake and there's a lot of opportunity for privacy professionals with the right training and education. Achieving a CIPP/E credential shows you have the comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe-and to take advantage of the career opportunity this sweeping legislation represents. About This Course   Delivered in a Modular format, the course includes; Module 1: Data Protection Laws Introduces key European data protection laws and regulatory bodies, describing the evolution toward a Harmonised European Legislative Framework. Module 2: Personal Data Defines and differentiates between types of data-including personal, anonymous, pseudo-anonymous and special categories. Module 3: Controllers and Processors Describes the roles and relationships of controllers and processors. Module 4: Processing Personal Data Defines data processing and GDPR processing principles, Explains the application of the GDPR and outlines the legitimate bases for processing personal data. Module 5: Information provision Explains controller obligations for providing information about data processing activities to data subjects and Supervisory Authorities. Module 6: Data Subjects 'Rights Describes data subjects' rights, applications of rights and obligations controller and processor. Module 7: Security or Processing Discusses considerations and duties of controllers and processors for Ensuring security of personal data and providing notification of data breaches. Module 8: Accountability Investigates accountability requirements, data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer. Module 9: International Data Transfers Outlines options and obligations for transferring data outside the European Economic Area, Decisions adequacy and appropriateness safeguards and derogations. Module 10: Supervision and Enforcement Describes the role, powers and procedures or Supervisory Authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance. Module 11: Compliance Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, employers-including processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing. Prerequisites   There are no prerequisites for this course but candidates would benefit from reading the freely available materials found on the IAPP website. What's Included?   1 years membership of the IAPP  Breakfast, Lunch and refreshments (Classroom courses only) Official Study Guide (European Data Protection, Law & Practice)* Participant Guide* Official Exam Q&A* Official Practice Exam Official Practice Exam* The Exam Fees * In electronic format for Live Online and hard copy for Classroom delegates     Who Should Attend?   The CIPP/E is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration, including those in the following positions: Cybersecurity Analysts Data Analysts Security Administrators Aspiring Data Protection Officers Accreditation Our Guarantee   We are an approved IAPP Training Partner. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam.

Our training programme will provide those involved at any stage of the process for procuring goods and/or services within their organisations with the knowledge and skillset to identify and mitigate the threat posed by the breadth and multi-layered complexity of procurement fraud, corruption and associated financial crime and money laundering.

Duration 3 Days 18 CPD hours This course is intended for Blockchain Architects Blockchain DevelopersApplication Developers Blockchain System AdministratorsNetwork Security Architects Cyber Security ExpertsIT Professionals w/cyber security experience Overview Those who attend the Security for Blockchain Professionals course and pass the exam certification will have a demonstrated knowledge of:Identifying and differentiating between security threats and attacks on a Blockchain network.Blockchain security methods, best practices, risk mitigation, and more.All known (to date) cyber-attack vectors on the Blockchain.Performing Blockchain network security risk analysis.A complete understanding of Blockchain?s inherent security features and risks.An excellent knowledge of best security practices for Blockchain System/Network Administrators.Demonstrating appropriate Blockchain data safeguarding techniques. This course covers all known aspects of Blockchain security that exist in the Blockchain environment today and provides a detailed overview of all Blockchain security issues, including threats, risk mitigation, node security integrity, confidentiality, best security practices, advanced Blockchain security and more. Fundamental Blockchain Security Cryptography for the Blockchain Hash Functions Public Key Cryptography Elliptic Curve Cryptography A Brief Introduction to Blockchain The Blocks The Chains The Network Promises of the Blockchain Blockchain Security Assumptions Digital Signature Security Hash Function Security Limitations of Basic Blockchain Security Public Key Cryptography Review Real-Life Public Key Protection Cryptography and Quantum Computers Lab 1 (Tentative) Finding Hash Function Collisions Reversible hash function Hash function with poor non-locality Hash function with small search space Breaking Public Key Cryptography Brute Forcing a Short Private Key Brute Forcing a Poorly-Chosen Private Key Consensus in the Blockchain Blockchain Consensus and Byzantine Generals Blockchain Networking Review Byzantine Generals Problem Relation to Blockchain Byzantine Fault Tolerance Introduction to Blockchain Consensus Security Blockchain Consensus Breakthrough Proof of Work What is Proof of Work? How does Proof of Work Solve BGP? Proof of Work Security Assumptions Attacking Proof of Work Proof of Stake What is Proof of Stake? How does Proof of Stake Solve BGP? Proof of Stake Security Assumptions Attacking Proof of Stake General Attacks on Blockchain Consensus Other Blockchain Consensus Algorithms Lab 2 (Tentative) Attacking Proof of Work Performing a 51% Attack Performing a Selfish Mining Attack Attacking Proof of Stake Performing a XX% Attack Performing a Long-Range Attack Malleable Transaction Attacks Advanced Blockchain Security Mechanisms Architectural Security Measures Permissioned Blockchains Checkpointing Advanced Cryptographic Solutions Multiparty Signatures Zero-Knowledge Proofs Stealth Addresses Ring Signatures Confidential Transactions Lab 3 (Tentative) Permissioned Blockchains 51% on a Checkpointed Blockchain Data mining on a blockchain with/without stealth addresses Zero-Knowledge Proof Simulation Trying to fake knowledge of a ZKP Module 4: Blockchain for Business Introduction to Ethereum Security What is Ethereum Consensus in Ethereum Smart Contracts in Ethereum Ethereum Security Pros and Cons of Ethereum Blockchains Introduction to Hyperledger Security What is Hyperledger Consensus in Hyperledger Smart Contracts in Hyperledger Hyperledger Security Pros and Cons of Hyperledger Blockchains Introduction to Corda Security What is Corda Consensus in Corda Smart Contracts in Corda Corda Security Pros and Cons of Corda Blockchains Lab 4 Blockchain Risk Assessment What are the Risks of the Blockchain? Information Security Information Sensitivity Data being placed on blockchain Risks of disclosure Regulatory Requirements Data encryption Data control PII protection Blockchain Architectural Design Public and Private Blockchains Open and Permissioned Blockchains Choosing a Blockchain Architecture Lab 5 Exploring public/private open/permissioned blockchains? Basic Blockchain Security Blockchain Architecture User Security Protecting Private Keys Malware Update Node Security Configuring MSPs Network Security Lab 6 (TBD) Smart Contract Security Introduction to Smart Contracts Smart Contract Security Considerations Turing-Complete Lifetime External Software Smart Contract Code Auditing Difficulties Techniques Tools Lab 7 (Tentative) Try a couple of smart contract code auditing tool against different contracts with built-in vulnerabilities Module 8: Security Implementing Business Blockchains Ethereum Best Practices Hyperledger Best Practices Corda Best Practices Lab 8 Network-Level Vulnerabilities and Attacks Introduction to Blockchain Network Attacks 51% Attacks Denial of Service Attacks Eclipse Attacks Routing Attacks Sybil Attacks Lab 9 Perform different network-level attacks System-Level Vulnerabilities and Attacks Introduction to Blockchain System Vulnerabilities The Bitcoin Hack The Verge Hack The EOS Vulnerability Lab 10 Smart Contract Vulnerabilities and Attacks Introduction to Common Smart Contract Vulnerabilities Reentrancy Access Control Arithmetic Unchecked Return Values Denial of Service Bad Randomness Race Conditions Timestamp Dependence Short Addresses Lab 11 Exploiting vulnerable smart contracts Security of Alternative DLT Architectures What Are Alternative DLT Architectures? Introduction to Directed Acyclic Graphs (DAGs) DAGs vs. Blockchains Advantages of DAGs DAG Vulnerabilities and Security Lab 12 Exploring a DAG network

Our training programme will provide those involved at any stage of the process for procuring goods and/or services within their organisations with the knowledge and skillset to identify and mitigate the threat posed by the breadth and multi-layered complexity of procurement fraud and corruption.

Driver CPC - 1 Day Periodic 7 Hour Course The Compliant Driver / Trailer Checks and 3rd Party Trailers Join our online course from Total Compliance, designed to build your expertise in being a compliant driver and conducting essential trailer check. Driver Compliance: Understanding the responsibilities and legal requirements for maintaining compliance on the road. Trailer Checks: Conducting thorough pre-use and post-use trailer inspections to ensure safety and efficiency. 3rd Party Trailers: Best practices for managing and operating third-party trailers, including checks, handling procedures, and risk mitigation. Don't miss out on this opportunity to improve your driving practices! Please review our Terms and Conditions for more information.

This five-day programme empowers participants with the skills and knowledge to understand and effectively apply best practice commercial and contracting principles and techniques, ensuring better contractor performance and greater value add. This is an assessed programme, leading to the International Association for Contracts & Commercial Management (IACCM)'s coveted Contract and Commercial Management Practitioner (CCMP) qualification. By the end of this comprehensive programme the participants will be able to: Develop robust contracting plans, including scopes of work and award strategies Undertake early market engagements to maximise competition Conduct effective contracting and commercial management activities, including ITT, RFP, negotiated outcomes Understand the legalities of contract and commercial management Negotiate effectively with key stakeholders and clients, making use of the key skills of persuading and influencing to optimise outcomes Undertake effective Supplier Relationship Management Appreciate the implications of national and organisational culture on contracting and commercial activities Appreciate professional contract management standards Set up and maintain contract and commercial management governance systems Take a proactive, collaborative, and agile approach to managing commercial contracts Develop and monitor appropriate and robust KPIs and SLAs to manage the contractor and facilitate improved contractor performance Appreciate the cross-functional nature of contract management Collaborate with clients to deliver sustainable performance and to manage and exceed client expectations Understand the roles and responsibilities of contract and commercial managers Use effective contractor selection and award methods and models (including the 10Cs model) and use these models to prepare robust propositions to clients Make effective use of lessons learned to promote improvements from less than optimal outcomes, using appropriate templates Effectively manage the process of change, claims, variations, and dispute resolution Develop and present robust propositions Make appropriate use of best practice contract and commercial management tools, techniques, and templates DAY ONE 1 Introduction Aims Objectives KPIs Learning strategies Plan for the programme 2 The contracting context Key objectives of contract management Importance and impact on the business 3 Critical success factors Essential features of professional commercial and contract management and administration The 6-step model 4 Putting the 'management' into commercial and contract management Traditional v 'new age' models The need for a commercial approach The added value generated 5 Definitions 'Commercial management' 'Contract management' 'Contracting' ... and why have formal contracts? 6 Stakeholders Stakeholder mapping and analysis The 'shared vision' concept Engaging with key functions, eg, HSE, finance, operations 7 Roles and responsibilities Contract administrators Stakeholders 8 Strategy and planning Developing effective contracting plans and strategies DAY TWO 1 Contract control Tools and techniques, including CPA and Gantt charts A project management approach Developing effective contract programmes 2 The contracting context Key objectives of contract management Importance and impact on the business 3 Tendering Overview of the contracting cycle Requirement to tender Methods Rationale Exceptions Steps Gateways Controls One and two package bids 4 Tender assessment and contract award I - framework Tender board procedures Role of the tender board (including minor and major tender boards) Membership Administration Developing robust contract award strategies and presentations DAY THREE 1 Tender assessment and contract award II - processes Pre-qualification processes CRS Vendor registration rules and processes Creating bidder lists Disqualification criteria Short-listing Using the 10Cs model Contract award and contract execution processes 2 Minor works orders Process Need for competition Role and purpose Controls Risks 3 Contract strategy Types of contract Call-offs Framework agreements Price agreements Supply agreements 4 Contract terms I: Pricing structures Lump sum Unit price Cost plus Time and materials Alternative methods Target cost Gain share contracts Advance payments Price escalation clauses 5 Contract terms II: Other financial clauses Insurance Currencies Parent body guarantees Tender bonds Performance bonds Retentions Sub-contracting Termination Invoicing 6 Contract terms III: Risk and reward Incentive contracts Management and mitigation of contractual risk DAY FOUR 1 Contract terms IV: Jurisdiction and related matters Applicable laws and regulations Registration Commercial registry Commercial agencies 2 Managing the client-contractor relationship Types of relationship Driving forces Link between type of contract and style of relationships Motivation - use of incentives and remedies 3 Disputes Types of dispute Conflict resolution strategies Negotiation Mediation Arbitration DAY FIVE 1 Performance measurement KPIs Benchmarking Cost controls Validity of savings Balanced scorecards Using the KPI template 2 Personal qualities of the contract manager Negotiation Communication Persuasion and influencing Working in a matrix environment 3 Contract terms V: Drafting skills Drafting special terms 4 Variations Contract and works variation orders Causes of variations Risk management Controls Prevention Negotiation with contractors 5 Claims Claims management processes Controls Risk mitigation Schedules of rates 6 Close-out Contract close-out and acceptance / completion HSE Final payments Performance evaluation Capturing the learning 7 Close Review Final assessment Next steps

Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA's Security Technical Implementation Guides (STIGs) The motivations behind STIGs Requirements that the various software development roles must meet Implementing STIG requirements and guidelines Why Hunt Bugs? The Language of CyberSecurity The Changing Cybersecurity Landscape AppSec Dissection of SolarWinds The Human Perimeter Interpreting the 2021 Verizon Data Breach Investigation Report First Axiom in Web Application Security Analysis First Axiom in Addressing ALL Security Concerns Lab: Case Study in Failure Safe and Appropriate Bug Hunting/Hacking Working Ethically Respecting Privacy Bug/Defect Notification Bug Bounty Programs Bug Hunting Mistakes to Avoid Principles of Information Security Secuity Is a Lifecycle Issue Minimize Attack Surface Area Layers of Defense: Tenacious D Compartmentalize Consider All Application States Do NOT Trust the Untrusted Identification and Authentication Failures Applicable STIGs Quality and Protection of Authentication Data Proper hashing of passwords Handling Passwords on Server Side Session Management HttpOnly and Security Headers Lab: STIG Walk-Throughs Injection Applicable STIGs Injection Flaws SQL Injection Attacks Evolve Drill Down on Stored Procedures Other Forms of Server-Side Injection Minimizing Injection Flaws Client-side Injection: XSS Persistent, Reflective, and DOM-Based XSS Best Practices for Untrusted Data Lab: STIG Walk-Throughs Applications: What Next? Common Vulnerabilities and Exposures CWE/SANS Top 25 Most Dangerous SW Errors Strength Training: Project Teams/Developers Strength Training: IT Organizations Cryptographic Failures Applicable STIGs Identifying Protection Needs Evolving Privacy Considerations Options for Protecting Data Transport/Message Level Security Weak Cryptographic Processing Keys and Key Management Threats of Quantum Computing Steal Now, Crack Later Threat Lab: STIG Walk-Throughs Application Security and Development Checklists Checklist Overview, Conventions, and Best Practices Leveraging Common AppSec Practices and Control Actionable Application Security Additional Tools for the Toolbox Strength Training: Project Teams/Developers Strength Training: IT Organizations Lab: Recent Incidents SDL Overview Attack Phases: Offensive Actions and Defensive Controls Secure Software Development Processes Shifting Left Actionable Items Moving Forward Lab: Design Study Review Asset Analysis Asset Analysis Process Types of Application-Related Assets Adding Risk Escalators Discovery and Recon Design Review Asset Inventory and Design Assets, Dataflows, and Trust Boundaries Risk Escalators in Designs Risk Mitigation Options

Master project leadership, risk management & strategy with this CPD-accredited Level 7 course. Gain globally recognised project management skills.