143 Courses delivered Live Online

The main subject areas of the course are: Revision of legislation and guidance Revision of asbestos in buildings Controlling work on the fabric of the building Developing a strategy for Compliance The asbestos management plan - reviewing/maintaining/improving

Duration 5 Days 30 CPD hours This course is intended for This course is designed primarily for cybersecurity practitioners preparing for or who currently perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. It is ideal for those roles within federal contracting companies and private sector firms whose mission or strategic objectives require the execution of Defensive Cyber Operations (DCO) or DoD Information Network (DoDIN) operation and incident handling. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. Overview In this course, you will identify, assess, respond to, and protect against security threats and operate a system and network security analysis platform. You will: Assess cybersecurity risks to the organization. Analyze the threat landscape. Analyze various reconnaissance threats to computing and network environments. Analyze various attacks on computing and network environments. Analyze various post-attack techniques. Assess the organization's security posture through auditing, vulnerability management, and penetration testing. Collect cybersecurity intelligence from various network-based and host-based sources. Analyze log data to reveal evidence of threats and incidents. Perform active asset and network analysis to detect incidents. Respond to cybersecurity incidents using containment, mitigation, and recovery tactics. Investigate cybersecurity incidents using forensic analysis techniques. This course covers network defense and incident response methods, tactics, and procedures that are in alignment with industry frameworks such as NIST 800-61r2 (Computer Security Incident Handling Guide), US-CERT's National Cyber Incident Response Plan (NCIRP), and Presidential Policy Directive (PPD)-41 on Cyber Incident Coordination. It is ideal for candidates who have been tasked with the responsibility of monitoring and detecting security incidents in information systems and networks, and for executing standardized responses to such incidents. The course introduces tools, tactics, and procedures to manage cybersecurity risks, defend cybersecurity assets, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and remediate and report incidents as they occur. This course provides a comprehensive methodology for individuals responsible for defending the cybersecurity of their organization. This course is designed to assist students in preparing for the CertNexus CyberSec First Responder (Exam CFR-410) certification examination. What you learn and practice in this course can be a significant part of your preparation. In addition, this course and subsequent certification (CFR-410) meet all requirements for personnel requiring DoD directive 8570.01-M position certification baselines: CSSP Analyst CSSP Infrastructure Support CSSP Incident Responder CSSP Auditor The course and certification also meet all criteria for the following Cybersecurity Maturity Model Certification (CMMC) domains: Incident Response (IR) Audit and Accountability (AU) Risk Management (RM) Lesson 1: Assessing Cybersecurity Risk Topic A: Identify the Importance of Risk Management Topic B: Assess Risk Topic C: Mitigate Risk Topic D: Integrate Documentation into Risk Management Lesson 2: Analyzing the Threat Landscape Topic A: Classify Threats Topic B: Analyze Trends Affecting Security Posture Lesson 3: Analyzing Reconnaissance Threats to Computing and Network Environments Topic A: Implement Threat Modeling Topic B: Assess the Impact of Reconnaissance Topic C: Assess the Impact of Social Engineering Lesson 4: Analyzing Attacks on Computing and Network Environments Topic A: Assess the Impact of System Hacking Attacks Topic B: Assess the Impact of Web-Based Attacks Topic C: Assess the Impact of Malware Topic D: Assess the Impact of Hijacking and Impersonation Attacks Topic E: Assess the Impact of DoS Incidents Topic F: Assess the Impact of Threats to Mobile Security Topic G: Assess the Impact of Threats to Cloud Security Lesson 5: Analyzing Post-Attack Techniques Topic A: Assess Command and Control Techniques Topic B: Assess Persistence Techniques Topic C: Assess Lateral Movement and Pivoting Techniques Topic D: Assess Data Exfiltration Techniques Topic E: Assess Anti-Forensics Techniques Lesson 6: Assessing the Organization's Security Posture Topic A: Implement Cybersecurity Auditing Topic B: Implement a Vulnerability Management Plan Topic C: Assess Vulnerabilities Topic D: Conduct Penetration Testing Lesson 7: Collecting Cybersecurity Intelligence Topic A: Deploy a Security Intelligence Collection and Analysis Platform Topic B: Collect Data from Network-Based Intelligence Sources Topic C: Collect Data from Host-Based Intelligence Sources Lesson 8: Analyzing Log Data Topic A: Use Common Tools to Analyze Logs Topic B: Use SIEM Tools for Analysis Lesson 9: Performing Active Asset and Network Analysis Topic A: Analyze Incidents with Windows-Based Tools Topic B: Analyze Incidents with Linux-Based Tools Topic C: Analyze Indicators of Compromise Lesson 10: Responding to Cybersecurity Incidents Topic A: Deploy an Incident Handling and Response Architecture Topic B: Mitigate Incidents Topic C: Hand Over Incident Information to a Forensic Investigation Lesson 11: Investigating Cybersecurity Incidents Topic A: Apply a Forensic Investigation Plan Topic B: Securely Collect and Analyze Electronic Evidence Topic C: Follow Up on the Results of an Investigation Additional course details: Nexus Humans CertNexus Certified CyberSec First Responder (CFR-410) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CertNexus Certified CyberSec First Responder (CFR-410) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Become a Certified OHSMS Lead Auditor (IRCA CQI Approved) Welcome to our online event where you can become a expertise to become a certified OHSMS (ISO 45001:2018) Lead Auditor.  Elevate your career with the skills to lead successful quality management system audits. This intensive 5-day course is for serious professionals seeking to: Plan and lead effective audit teams Conduct complex supplier and external audits Deliver accurate, valuable audit reports Drive continual improvement in organizations Join us for a comprehensive training session that will equip you with the necessary skills to audit quality management systems effectively. Learn from industry experts and gain valuable insights into ISO 9001 standards. Don't miss this opportunity to enhance your auditing capabilities and advance your career in quality management. Register now! Enroll Today and Take Your Career to the Next Level!

Duration 3 Days 18 CPD hours This course is intended for System administrators and operators who are operating in the AWS Cloud Informational technology workers who want to increase the system operations knowledge. Overview Identify the AWS services that support the different phases of Operational Excellence, an AWS Well-Architected Framework pillar Manage access to AWS resources using AWS accounts and organizations and AWS Identity and Access Management (IAM) Maintain an inventory of in-use AWS resources by using AWS services, such as AWS Systems Manager, AWS CloudTrail, and AWS Config Develop a resource deployment strategy using metadata tags, Amazon Machine Images (AMIs), and AWS Control Tower to deploy and maintain an AWS cloud environment Automate resource deployment by using AWS services, such as AWS CloudFormation and AWS Service Catalog Use AWS services to manage AWS resources through CloudOps lifecycle processes, such as deployments and patches Configure a highly available cloud environment that uses AWS services, such as Amazon Route 53 and Elastic Load Balancing, to route traffic for optimal latency and performance Configure AWS Auto Scaling and Amazon EC2 Auto Scaling to scale out your cloud environment based on demand Use Amazon CloudWatch and associated features, such as alarms, dashboards, and widgets, to monitor your cloud environment Manage permissions and track activity in your cloud environment by using AWS services, such as AWS CloudTrail and AWS Config Deploy your resources to an Amazon Virtual Private Cloud (Amazon VPC), establish necessary connectivity to your Amazon VPC, and protect your resources from disruptions of service State the purpose, benefits, and appropriate use cases for mountable storage in your AWS Cloud environment Explain the operational characteristics of object storage in the AWS Cloud, including Amazon Simple Storage Service (Amazon S3) and Amazon S3 Glacier Build a comprehensive cost model to help gather, optimize, and predict your cloud costs by using services such as AWS Cost Explorer and the AWS Cost & Usage Report This course teaches systems operators and anyone performing cloud operations functions how to manage and operate automatable and repeatable deployments of networks and systems on AWS. You will learn about cloud operations functions, such as installing, configuring, automating, monitoring, securing, maintaining, and troubleshooting these services, networks, and systems. The course also covers specific AWS features, tools, and best practices related to these functions. Prerequisites Successfully completed the AWS Technical Essentials course Background in either software development or systems administration Proficiency in maintaining operating systems at the command line, such as shell scripting in Linux environments or cmd/PowerShell in Windows Basic knowledge of networking protocols (TCP/IP, HTTP) 1 - Introduction to Cloud Operations on AWS What is Cloud Operations AWS Well-Architected Framework AWS Well-Architected Tool 2 - Access Management AWS Identity and Access Management (IAM) Resources, accounts, and AWS Organizations 3 - System Discovery Methods to interact with AWS services Tools for automating resource discovery Inventory with AWS Systems Manager and AWS Config Hands-On Lab: Auditing AWS Resources with AWS Systems Manager and AWS Config 4 - Deploy and Update Resources Cloud Operations in deployments Tagging strategies Deployment using Amazon Machine Images (AMIs) Deployment using AWS Control Tower 5 - Automate Resource Deployment Deployment using AWS CloudFormation Deployment using AWS Service Catalog Hands-On Lab: Infrastructure as Code 6 - Manage Resources AWS Systems Manager Hands-On Lab: Operations as Code 7 - Configure Highly Available Systems Distributing traffic with Elastic Load Balancing Amazon Route 53 8 - Automate Scaling Scaling with AWS Auto Scaling Scaling with Spot Instances Managing licenses with AWS License Manager 9 - Monitor and Maintain System Health Monitoring and maintaining healthy workloads Monitoring AWS infrastructure Monitoring applications Hands-On Lab: Monitor Applications and Infrastructure 10 - Data Security and System Auditing Maintaining a strong identity and access foundation Implementing detection mechanisms Automating incident remediation 11 - Operate Secure and Resilient Networks Building a secure Amazon Virtual Private Cloud (Amazon VPC) Networking beyond the VPC 12 - Mountable Storage Configuring Amazon Elastic Block Store (Amazon EBS) Sizing Amazon EBS volumes for performance Using Amazon EBS snapshots Using Amazon Data Lifecycle Manager to manage your AWS resources Creating backup and data recovery plans Configuring shared file system storage Hands-On Lab: Automating with AWS Backup for Archiving and Recovery 13 - Object Storage Deploying Amazon Simple Storage Service (Amazon S3) Managing storage lifecycles on Amazon S3 14 - Cost Reporting, Alerts, and Optimization Gaining AWS cost awareness Using control mechanisms for cost management Optimizing your AWS spend and usage Hands-On Lab: Capstone lab for CloudOps Additional course details: Nexus Humans Cloud Operations on AWS training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cloud Operations on AWS course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

In January 2024 alone, reports were published about the SRA taking enforcement action against 3 firms and 4 individuals for failure to comply with the Money Laundering Regulations 2017. The fines issued for these non-compliances total over £570,000 plus costs. The absence of staff training, or requirement to complete additional training, was noted in a number of these cases. Many of the breaches resulting in enforcement action involved failures by the fee earners to conduct appropriate due diligence, adequately check the source of funds and/or wealth or recognise and report red flags. As highlighted by enforcement action being taken against individuals as well as firms, fee earners cannot hide behind their firm when AML failures occur and may be held personally accountable by the SRA for non-compliances with the MLR 2017. This course will cover the following to assist fee earners in the application of AML in their casework. How to comply with your obligations and stay compliant Written CRA & MRA Client Booms Risks – what to consider? PCPs – CDD &EDD POCA / TA SOF and SOW On going monitoring Reporting to MLRO/MLCO Tipping off Target Audience The online course is suitable for fee earners or legal practitioners that want to improve their AML knowledge. Resources Comprehensive and up to date course notes will be provided to all delegates which may be useful for ongoing reference or cascade training. Please note a recording of the course will not be made available. Speaker Helen Torresi, Consultant, DG Legal Helen is a qualified solicitor with a diverse professional background spanning leadership roles in both the legal and tech/corporate sectors. Throughout her career, she has held key positions such as COLP, HOLP, MLCO, MLRO and DPO for law firms and various regulated businesses and services. Helen’s specialised areas encompass AML, complaint and firm negligence handling, DPA compliance, file review and auditing, law management, and operational effectiveness in law firms, particularly in conveyancing (CQS).

  European Data Protection   Principles of Data Protection in Europe covers the essential pan-European and national data protection laws, as well as industry-standard best practices for corporate compliance with these laws. Those taking this course will gain an understanding of the European model for privacy enforcement, key privacy terminology and practical concepts concerning the protection of personal data and trans-border data flows.   The training is based on the body of knowledge for the IAPP's ANSI-accredited Certified Information Privacy Professional/Europe (CIPP/E) certification program. Privacy Programme Management   Principles of Privacy Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organisation through process and technology-regardless of jurisdiction or industry.   The Principles of Privacy Program Management training is based on the body of knowledge for the IAPP's ANSI-accredited Certified Information Privacy Manager (CIPM) certification programme. Make a difference in your organization and in your career. The CIPM designation says that you're a leader in privacy program administration and that you've got the goods to establish, maintain and manage a privacy program across all stages of its lifecycle.  About This Course   Delivered in a modular format, this four day course covers   Days 1 & 2   Module 1: Data Protection Laws Introduces key European data protection laws and regulatory bodies, describing the evolution toward a Harmonised European Legislative Framework.  Module 2: Personal Data Defines and differentiates between types of data-including personal, anonymous, pseudo-anonymous and special categories.  Module 3: Controllers and Processors Describes the roles and relationships of controllers and processors.  Module 4: Processing Personal Data Defines data processing and GDPR processing principles, Explains the application of the GDPR and outlines the legitimate bases for processing personal data. Module 5: Information provision Explains controller obligations for providing information about data processing activities to data subjects and Supervisory Authorities.  Module 6: Data Subjects 'Rights Describes data subjects' rights, applications of rights and obligations controller and processor.  Module 7: Security or Processing Discusses considerations and duties of controllers and processors for Ensuring security of personal data and providing notification of data breaches.  Module 8: Accountability Investigates accountability requirements, data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer.  Module 9: International Data Transfers Outlines options and obligations for transferring data outside the European Economic Area, Decisions adequacy and appropriateness safeguards and derogations.  Module 10: Supervision and Enforcement Describes the role, powers and procedures or Supervisory Authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance.  Module 11: Compliance Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, employers-including processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing.    Days 3 & 4   Module 1: Introduction to privacy program management Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management.  Module 2: Privacy governance Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks.  Module 3: Applicable laws and regulations Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy.  Module 4: Data assessments Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments.  Module 5: Policies Describes common types of privacy-related policies, outlines components and offers strategies for implementation.  Module 6: Data subject rights Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten.  Module 7: Training and awareness Outlines strategies for developing and implementing privacy training and awareness programs.  Module 8: Protecting personal information Examines a holistic approach to protecting personal information through privacy by design.  Module 9: Data breach incident plans Provides guidance on planning for and responding to a data security incident or breach.  Module 10: Measuring, monitoring and auditing program performance Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance Prerequisites   There are no prerequisites for this course but attendees would benefit from a review of the materials on the IAPP SITE What's Included?   1 years membership of the IAPP Breakfast, Lunch, mid-morning and afternoon snacks, teas, coffees Official Study Guides* Official Participant Guides* Official Exam Q&A's* Both exam fees * In electronic format for Live Online and hard copy for Classroom delegates     Who Should Attend?   This course is suitable for aspiring Data Protection Officers, as well as Information Security Managers, Lawyers, Data Managers, Analysts and Risk Teams. Provided by Our Guarantee   We are an approved IAPP Training Partner. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam.

  Being ISO 27701 Certified proves your Information Privacy Systems Audit experience, skills and knowledge, and demonstrates you are capable in the assessment of vulnerabilities, Compliance with GDPR and institutional controls within the enterprise.   Gain an in-depth understanding of GDPR solutions and how they map to compliance requirements Learn how to perform and lead Privacy Information Management System (PIMS) certification audits to ISO 19011 standards Enhance your existing or learn with new skills in the field of Data Protection Candidates deliver Assurance services to organisations by advising on conformance with PIMS requirements Become a Technical expert on the preparation required for ISO 27701 Certification Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701 Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks Acquire the competences of the auditor's role in planning, leading, and following up on a management system audit in accordance with ISO 19011. Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit About This Course   ISO 27701 Internal Auditor Certification;    Confirms your knowledge and experience Quantifies and markets your expertise Demonstrates that you have gained and maintained the level of knowledge required to meet the dynamic challenges of a modern enterprise Is globally recognized as the mark of excellence for the Information Privacy Audit professional Increases your value to your organization Gives you a competitive advantage over peers when seeking a new role Is administered by the International Examination & Certification Board (IECB), based in Estonia, and fully aligned to the ISO/IEC 17024:2012 standard (Conformity assessment - General requirements for bodies operating certification of persons)   Certified Individuals:    Are highly qualified, experienced professionals in the field of Data Protection Systems Audit Provide the enterprise with a Certification route for Information Privacy Assurance that is recognized by multinational clients, lending credibility to the enterprise Are excellent indicators of proficiency in control requirements creation and monitoring Demonstrate competence in five domains, including standards and practices; organization and management; processes; integrity, confidentiality and availability; and software development, acquisition and maintenance Demonstrate a commitment to providing the enterprise with trust in and value from your Privacy Compliance Framework Maintain ongoing professional development for successful on -the -job performance   The below job practice is organized by domains. Each domain is covered in the course.   Domain 1-The Process of Auditing Information Privacy Systems and Solutions   Provide audit services in accordance with ISO 19011 audit standards to assist the organization in protecting and controlling information privacy systems.    Domain 2 - Governance and Management of Information Privacy Technology   Provide assurance that the necessary leadership and organizational structures and processes are in place to achieve objectives and to support the organization's strategy.    Domain 3-Information Systems Acquisition, Development and Implementation   Provide assurance that the practices for the acquisition, development, testing and implementation of information systems meet the organization's strategies and objectives.    Domain 4-Information Systems Operations, Maintenance and Service Management Provide assurance that the processes for information systems operations, maintenance and service management meet the organization's strategies and objectives.   Domain 5-Protection of Personally Identifiable Information (PII) Assets   Provide assurance that the organization's policies, standards, procedures and controls ensure the confidentiality, integrity and availability of PII.   Prerequisites   A thorough understanding of current Data Protection legislation, Information Security & Risk Management knowledge as well as ISO 19011 Auditing Standards is required to successfully pass the examination. What's Included?   Teas, Coffees, refreshments and a full Lunch* Course Slides Study Guide Exam Fees * For Classroom based Courses only Accreditation   Who Should Attend?   Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits Managers or consultants seeking to master a PIMS audit process Individuals responsible for maintaining conformance with PIMS requirements Technical experts seeking to prepare for a PIMS audit Expert advisors in the protection of Personally Identifiable Information (PII)   Assessment     Delegates sit a combined exam, consisting of in-course quizzes and exercises, as well as a final 12 question, essay type exam on Day 3 of the course. The overall passing score is 70%, to be achieved within the 150 minute time allowance. Exam results are provided within 24 hours, with both a Certificate and a digital badge provided as proof of success. Our Guarantee   We are an approved IECB Training Partner. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras. The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE.   *FREE training offered for retakes - come back within a year and train for free. Provided by   This course is Accredited by NACS and Administered by the IECB

  Gain an in-depth understanding of GDPR solutions and how they map to compliance requirements.   Learn how to perform and lead Privacy Information Management System (PIMS) certification audits to ISO 19011 standards. Enhance your existing or learn with new skills in the field of Data Protection; Candidates deliver Assurance services to organisations by advising on conformance with PIMS requirements; Become a Technical expert on the preparation required for ISO 27701 Certification About This Course   Learning outcomes Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701 Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks Acquire the competences of the auditor's role in planning, leading, and following up on a management system audit in accordance with ISO 19011. Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit Course Overview Domain 1-The Process of Auditing Information Privacy Systems & Solutions Domain 2-Governance & Management of Information Privacy Technology Domain 3-Information Systems Acquisition, Development & Implementation Domain 4-Information Systems Operations, Maintenance & Service Management Domain 5-Protection of Personally Identifiable Information (PII) Assets Course Agenda Day 1: Introduction to Privacy Information Management System (PIMS) and ISO/IEC 27701 Day 2: Audit principles, preparation, and launching of an audit Day 3: On-site audit activities and Closing the Audit Accreditation   This course is Accredited by NAS and Administered by the IECB Assessment   All candidates at official training courses will be tested throughout the course delivery, with quizzes and exercises. The final exam is a 10 question essay type exam, offered on the afternoon of the final day. This exam should be completed within 180 minutes. A passing score is achieved at 70%. Self-study candidates can purchase an exam voucher from our Store. Prerequisites   None, but candidates would benefit from having a fundamental understanding of Audit principles What's Included?   Comprehensive course materials totalling some 450 pages Case Study Exam fees Exam pass guarantee Who Should Attend?   Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits Managers or consultants seeking to master a PIMS audit process Individuals responsible for maintaining conformance with PIMS requirements Technical experts seeking to prepare for a PIMS audit Expert advisors in the protection of Personally Identifiable Information (PII)

  The GDPR came into effect in May 2018. This legislation is designed to guide organisations in their obligations relative to the processing of personal and sensitive data. About This Course   Organisations are required to comply with the GDPR regardless of their size of business. If you process 'personal data', there is a potential need to be compliant with the legislation. The scope of the GDPR considers how this information is collected, stored, used, transported, shared and disposed of. To ensure organisations' understand this obligation, this interactive one-day course considers both scoping and auditing of an organisations processing activities, as well as an understanding of compliance with GDPR.  Learning Outcomes; GDPR - what is it and how does it apply to us? Personal and sensitive data Lawful basis for processing Consent and the GDPR The Data Protection Act 2018 Data Subject rights The role of the ICO Data breach or Incident? Privacy by Design and by default GDPR Audit checklist Prerequisites   There are no prerequisites to attend this course, however all attendees are expected to have a basic understanding of the Data Protection principles. What's Included?   Refreshments & Lunch (Classroom courses only) Course Slide Deck Quizzes Who Should Attend?   The course is designed for any member of the organisation whose role includes processing personal data. Data Protection Officers, Information Security team members or Information Governance Leads who may also see benefit in attending. Accreditation Assessment    There is no exam with this course but delegates do receive a Course Attendance Certificate and an 8 hour CPD Certificate. Provided by   This course is Accredited by NACS and administered by the IECB

In January 2024 alone, reports were published about the SRA taking enforcement action against 3 firms and 4 individuals for failure to comply with the Money Laundering Regulations 2017. The fines issued for these non-compliances total over £570,000 plus costs. The absence of staff training, or requirement to complete additional training, was noted in a number of these cases. As a manager of a law firm, or more crucially an MLRO or MLCO, the ultimate responsibility for the firm's compliance, including with the MLR 2017, lies with you. It is your responsibility to ensure that the firm puts in place, reviews and updates compliant policies, controls and procedures. You must ensure that the firm maintains an up to date practice wide risk assessment. You are required to ensure that your employees are regularly given training on the MLR 2017 and associated risks. If a breach occurs, the SRA will take a wider look at the firm and identify any supervisory deficiencies that may have contributed to failures by fee earners or support staff. It has proven that it will not shy away from holding to account managers, compliance officers and MLRO/MLCOs for failures by their firms to comply with requirements of the MLR 2017. This course will cover the following to assist firms MLROs, MLCOs and Management with fulfilling their AML management responsibilities: How to comply with your obligations and stay compliant FWRA – linked with PCPs Mandatory AML Policies and Procedures - SRA have concerns Training and supervising staff Audits SRA requirements Reporting SARS POCA/TA Fulfilling reporting officer and compliance officer duties Target Audience The online course is suitable for MLROs, MLCOs, firm management and those supporting these roles. Resources Comprehensive and up to date course notes will be provided to all delegates which may be useful for ongoing reference or cascade training. Please note a recording of the course will not be made available. Speaker Helen Torresi, Consultant, DG Legal Helen is a qualified solicitor with a diverse professional background spanning leadership roles in both the legal and tech/corporate sectors. Throughout her career, she has held key positions such as COLP, HOLP, MLCO, MLRO and DPO for law firms and various regulated businesses and services. Helen’s specialised areas encompass AML, complaint and firm negligence handling, DPA compliance, file review and auditing, law management, and operational effectiveness in law firms, particularly in conveyancing (CQS).