Information Management Diploma Unlock the potential of effective data governance with our Information Management Diploma. This course is meticulously designed to equip you with the expertise needed in Information Management, focusing on IT Asset Management (ITAM), data security, compliance, and the legal landscape around data management, such as GDPR. Learning Outcomes: Master the essentials of ITAM Policies and delineate IT Management Responsibilities within the scope of Information Management. Understand the intricacies of setting up an effective ITAM Program as a pivotal part of your Information Management strategy. Be adept in IT Asset Procurement and Deployment, essential processes in Information Management. Gain comprehensive knowledge in IT Asset Security and Compliance, key components of Information Management. Become proficient in the Principles of GDPR, especially its implications on Information Management. Recognise the Rights of Data Subjects and learn how to safeguard them in your Information Management systems. More Benefits: LIFETIME access Device Compatibility Free Workplace Management Toolkit Key Modules from Information Management Diploma: ITAM Policies and IT Management Responsibilities in Information Management Learn the foundational policies that govern IT Asset Management and the responsibilities that IT managers bear in Information Management. Setting up an ITAM Program within Information Management Acquire the knowledge and tools required to initiate, plan, and manage an ITAM program, ensuring it complements your Information Management strategy effectively. IT Asset Procurement and Deployment in Information Management Delve into the processes that govern the acquisition and implementation of IT assets, understanding how these processes fit into Information Management. IT Asset Security and Compliance in Information Management Develop the acumen to secure IT assets effectively and understand the compliance parameters within the realm of Information Management. Principles of GDPR in Information Management Equip yourself with an in-depth understanding of GDPR principles and their critical importance to Information Management. Rights of Data Subjects in Information Management Comprehend the rights that data subjects possess under GDPR and learn how to implement mechanisms to protect these rights within your Information Management strategies.
Enhance your professional skills in Health & Care with our Mandatory Refresher Training. Covering critical areas from First Aid to Mental Health, this training is designed to update and deepen your knowledge in Health Care settings. Ensure compliance and excellence in Care with our comprehensive course offerings. Learning Outcomes Administer effective First Aid as a Health Care professional. Apply specialised paediatric First Aid techniques in Care settings. Understand comprehensive Care Certificate standards for Health & Care. Advance in Health & Care with a Level 3 Diploma in Health & Social Care. Fulfill Duty of Care obligations with updated practices. Enhance communication within Health Care settings. Manage information securely and efficiently in Care environments. Implement robust infection control protocols in Health & Care. Promote equality and inclusion within Care settings. Adopt person-centred approaches to improve Care quality. Address mental health issues with confidence in Health Care. This Mandatory Refresher Training Bundle comes up with the following courses:Course 01: First Aid at Work Essentials of First Aid in Health & Care: Equip Health Care professionals with the skills necessary to respond to emergencies effectively. Course 02: Paediatric First Aid Specialised First Aid for Children: Focus on paediatric emergencies and preventative measures in Care settings. Course 03: Care Certificate Foundations of Professional Care: Standardized training fulfilling the Care Certificate requirements to ensure high-quality Health & Care services. Course 04: Level 3 Diploma in Health & Social Care Advanced Practices in Health & Care: Enhance your qualifications with advanced knowledge crucial for Health & Care professionals. Course 05: Duty of Care Ethical and Legal Practices in Care: Understand and apply Duty of Care to safeguard and promote the interests of those receiving Care. Course 06: Communication in Care Settings Effective Communication Techniques: Master communication skills to improve interactions and understanding within Health Care environments. Course 07: Information Handling in Care Settings Confidentiality and Data Management: Training on secure handling of information in compliance with Care standards. Course 08: Infection Prevention and Control in Care Settings Maintaining Safe Care Environments: Strategies to prevent and control infections, critical for patient and staff safety in Health Care settings. Course 09: Equality and Inclusion in Care Settings Promoting Diverse and Inclusive Care: Address and foster equality and inclusion practices within Health Care facilities. Course 10: Person Centred Approaches in Care Settings Individualized Care Strategies: Emphasize the importance of person-centred Care to enhance patient satisfaction and outcomes. Course 11: Mental Health Mental Health Awareness and Support: Equip staff with the skills to recognize and address mental health issues effectively in Health & Care settings.
Cyber Security Online Course For Non-Tech People Our lives are getting more and more drawn to technology. Both companies and entities are collecting more and more confidential data that can theoretically fall into the wrong hands at any time. As a result, the need for relevant expertise to deter cyber threats has grown in several respects. The course shows you how firms and employees should keep their vital assets secure from disruptive threats, such as computers, servers, mobile devices, automated platforms, networks, and records. The course is devised for students who have little or no previous experience or knowledge in the cybersecurity field. So the course would help you learn in-depth with wise step-by-step instructions, particularly though you know very few about the fundamentals. Our course is free for all, and no specific entry requirement is needed to enrol in this course. Anyone interested in, and committed to developing their concept about cybersecurity are cordially invited to undertake this course. Therefore, all you need is a passion for learning and proficiency in English. Course Curriculum Basic Introduction to Cyber security & Information Security Some Basics About A Hacker Attacks From Hackers Malware Digital Wallets Defenses Email & Security Extras & Gifts For You (Learn more about this online course)
Duration 3 Days 18 CPD hours This course is intended for The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification. Overview Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. Identify and manage information security risks to achieve business objectives. Create a program to implement the information security strategy. Implement an information security program. Oversee and direct information security activities to execute the information security program. Plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents. In this course, students will establish processes to ensure that information security measures align with established business needs. Prerequisites Information security governance Information risk management Information security program development Information security program management Incident management and response 1 - Information Security Governance Develop an Information Security Strategy Align Information Security Strategy with Corporate Governance Identify Legal and Regulatory Requirements Justify Investment in Information Security Identify Drivers Affecting the Organization Obtain Senior Management Commitment to Information Security Define Roles and Responsibilities for Information Security Establish Reporting and Communication Channels 2 - Information Risk Management Implement an Information Risk Assessment Process Determine Information Asset Classification and Ownership Conduct Ongoing Threat and Vulnerability Evaluations Conduct Periodic BIAs Identify and Evaluate Risk Mitigation Strategies Integrate Risk Management into Business Life Cycle Processes Report Changes in Information Risk 3 - Information Security Program Development Develop Plans to Implement an Information Security Strategy Security Technologies and Controls Specify Information Security Program Activities Coordinate Information Security Programs with Business Assurance Functions Identify Resources Needed for Information Security Program Implementation Develop Information Security Architectures Develop Information Security Policies Develop Information Security Awareness, Training, and Education Programs Develop Supporting Documentation for Information Security Policies 4 - Information Security Program Implementation Integrate Information Security Requirements into Organizational Processes Integrate Information Security Controls into Contracts Create Information Security Program Evaluation Metrics 5 - Information Security Program Management Manage Information Security Program Resources Enforce Policy and Standards Compliance Enforce Contractual Information Security Controls Enforce Information Security During Systems Development Maintain Information Security Within an Organization Provide Information Security Advice and Guidance Provide Information Security Awareness and Training Analyze the Effectiveness of Information Security Controls Resolve Noncompliance Issues 6 - Incident Management and Response Develop an Information Security Incident Response Plan Establish an Escalation Process Develop a Communication Process Integrate an IRP Develop IRTs Test an IRP Manage Responses to Information Security Incidents Perform an Information Security Incident Investigation Conduct Post-Incident Reviews
Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completions, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - a. Organizational Governance Organizational Strategy, Goals, and Objectives Organizational Structure, Roles, and Responsibilities Organizational Culture Policies and Standards Business Processes Organizational Assets GOVERNANCE - b. Risk Governance Enterprise Risk Management and Risk Management Framework Three Lines of Defense Risk Profile Risk Appetite and Risk Tolerance Legal, Regulatory, and Contractual Requirements Professional Ethics of Risk Management IT RISK ASSESSMENT - a. IT Risk Identification Risk Events (e.g., contributing conditions, loss result) Threat Modelling and Threat Landscape Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) Risk Scenario Development IT RISK ASSESSMENT - b. IT Risk Analysis and Evaluation Risk Assessment Concepts, Standards, and Frameworks Risk Register Risk Analysis Methodologies Business Impact Analysis Inherent and Residual Risk RISK RESPONSE AND REPORTING - a. Risk Response Risk Treatment / Risk Response Options Risk and Control Ownership Third-Party Risk Management Issue, Finding, and Exception Management Management of Emerging Risk RISK RESPONSE AND REPORTING - b. Control Design and Implementation Control Types, Standards, and Frameworks Control Design, Selection, and Analysis Control Implementation Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - c. Risk Monitoring and Reporting Risk Treatment Plans Data Collection, Aggregation, Analysis, and Validation Risk and Control Monitoring Techniques Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) Key Performance Indicators Key Risk Indicators (KRIs) Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - a. Information Technology Principles Enterprise Architecture IT Operations Management (e.g., change management, IT assets, problems, incidents) Project Management Disaster Recovery Management (DRM) Data Lifecycle Management System Development Life Cycle (SDLC) Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - b. Information Security Principles Information Security Concepts, Frameworks, and Standards Information Security Awareness Training Business Continuity Management Data Privacy and Data Protection Principles
Duration 5 Days 30 CPD hours This course is intended for IS Security Officers IS Managers Risk Managers Auditors Information Systems Owners IS Control Assessors System Managers Government Employees Overview The person who carries this certification should be able to acquire necessary resources, advise senior leadership, collaborate with stakeholders, evaluate effectiveness, identify cybersecurity problems, manage threats, oversee information security awareness programs, participate in risk assessments, support compliance activities, and define or implement policies and procedures to ensure protection of critical infrastructure within an information security environment. If you are looking for the ?gotta have it? cybersecurity course, then the Certified Information Systems Security Officer is for you.ÿ The C)ISSO will prepare you for multiple managerial roles inside the INFOSEC community by covering a broad range of topics. You will learn theories in security concepts, practices, monitoring and compliance in IS management. An Information Systems Security Officer is able to implement and maintain cost-effective security controls that are closely aligned with business and industry standards. The C)ISSO certification course is an idealÿway to increaseÿknowledge, expertise, and skill for managers, auditors, and INFOSEC professionals.ÿ At Mile2 we consider the C)ISSO to be one of our flagship courses.The things you learn in this course can be applied to management, prevention teams, and recovery professionals. Material learned in the Live Class or Self-Study options will apply directly to the certification exam. Course Outline Risk Management Security Management Identification and Authentication Access Control Security Models and Evaluation Operations Security Vulnerability Assessments Symmetric Cryptography and Hashing Network Connections Network Protocols and Devices Telephony, VPNs, and Wireless Security Architecture and Attacks Software Development Security Database Security Malware and Software Attacks Business Continuity Disaster Recovery Incident Management, Law, and Ethics Physical Security Additional course details: Nexus Humans C)ISSO - Certified Information Security Systems Officer Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSO - Certified Information Security Systems Officer Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 3 Days 18 CPD hours This course is intended for This course is most suited for IT professionals who have a need to understand the current requirements and core competences for managing IT in mission-critical environments. Overview After completion of the course the participant will be able to: 1. Provide guidance and implementation for IT strategy as set by senior IT and business management 2. Select and manage staff, implement training programs, career plan development and job rotation programs 3. Select, evaluate and negotiate vendors using RFI, RFP and selection criteria 4. Provide guidance for developing, testing and implementing business applications 5. Manage and/or assist in IT project management 6. Design and implement service management processes for incident, problem and change management 7. Understand the need for business continuity and design the business continuity plan 8. Review and implement information security practices and controls 9. Assist and initiate risk management practices 10. Understand and select new technologies such as cloud computing, big data, Internet of Things and social media to support business change demands 11. Select strategies for information management 12. Measure and improve quality of IT services CITS is designed to teach the skills, knowledge and competencies required of the modern IT specialist working at the senior professional, team-leader, supervisor or management level in IT management. IT Strategy The need for Information Technology Enterprise architecture Service catalogue Service level management Sustainable development IT Organisation Personnel need Roles and responsibilities Sourcing Selection process Hiring staff Managing staff Career planning Training / job rotation Performance appraisal Staff departures Vendor Selection / Management The importance of vendors Vendor selection Request For Information (RFI) Request For Proposal (RFP) Proposal evaluation Vendor reference checks Contract negotiation Contract management Vendor management Re-compete vendors Project Management Methodologies Project organisation Starting up / initiating Planning / initiation a project Risk Quality Scope Work / Product Breakdown Structure PERT diagram / Gantt chart Cost Communication Application Management Software Development Life Cycle (SDLC) Software Quality Assurance (SQA) Requirements Development Testing Adoption (implementation) Maintenance Service Management Incident management Problem management Change management Business Continuity Management Standards and guidelines Objectives Context Interested parties Scope Roles and responsibilities Resources and competences Awareness and communication Documentation Business Impact Analysis Risk Management Guidelines Context establishment Identification Analysis Evaluation Treatment Communication Monitoring and control Information Security Management Standards Confidentiality Integrity Availability Controls types Guideline for controls selection Control categories Information security awareness Security incident response Information and Knowledge Management Information management Data management Information management - technologies Business intelligence Data management - technologies Best practices in data governance Pitfalls in data governance Business Change Management Business change Frameworks, models and techniques Needs identification Cloud computing Social media / digital marketing Big data Internet of Things (IoT) Quality Management Standards, guidelines and frameworks Objectives Activities Services review Customer feedback Customer survey Key Performance Indicators (KPI) Metrics Scorecards and reports Quality register Exam Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Overview Objective Understand the requirement of Information Security Concepts and Definitions of Information Security Management Systems Deeply Analysing the policies, Standards and procedures How to deliver a balanced ISMS and following its security procedures Analysing the Information risk management Evaluating the organisational responsibilities Understanding the Information security controls Scrutinising Legal framework Techniques of Cryptographic models
Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains Domain 01 - Governance Define, Implement, Manage, and Maintain an Information Security Governance Program Information Security Drivers Establishing an information security management structure Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures Managing an enterprise information security compliance program Risk Management Risk mitigation, risk treatment, and acceptable risk Risk management frameworks NIST Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) Risk management plan implementation Ongoing third-party risk management Risk management policies and processes Conclusion Domain 2 - Security Risk Management, Controls, & Audit Management INFORMATION SECURITY CONTROLS COMPLIANCE MANAGEMENT GUIDELINES, GOOD AND BEST PRACTICES AUDIT MANAGEMENT SUMMARY Domain 03 - Security Program Management and Operations PROGRAM MANAGEMENT OPERATIONS MANAGEMENT Summary Domain 04 - Information Security Core Concepts ACCESS CONTROL PHYSICAL SECURITY NETWORK SECURITY ENDPOINT PROTECTION APPLICATION SECURITY ENCRYPTION TECHNOLOGIES VIRTUALIZATION SECURITY CLOUD COMPUTING SECURITY TRANSFORMATIVE TECHNOLOGIES Summary Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management STRATEGIC PLANNING Designing, Developing, and Maintaining an Enterprise Information Security Program Understanding the Enterprise Architecture (EA) FINANCE PROCUREMENT VENDOR MANAGEMENT Summary
Duration 5 Days 30 CPD hours This course is intended for This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience. Overview #NAME? In this course, students will expand upon their knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK)© for information systems security professionals. Prerequisites CompTIA Network+ Certification 1 - Security and Risk Management Security Governance Principles Compliance Professional Ethics Security Documentation Risk Management Threat Modeling Business Continuity Plan Fundamentals Acquisition Strategy and Practice Personnel Security Policies Security Awareness and Training 2 - Asset Security Asset Classification Privacy Protection Asset Retention Data Security Controls Secure Data Handling 3 - Security Engineering Security in the Engineering Lifecycle System Component Security Security Models Controls and Countermeasures in Enterprise Security Information System Security Capabilities Design and Architecture Vulnerability Mitigation Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems Cryptography Concepts Cryptography Techniques Site and Facility Design for Physical Security Physical Security Implementation in Sites and Facilities 4 - Information Security Management Goals Organizational Security The Application of Security Concepts 5 - Information Security Classification and Program Development Information Classification Security Program Development 6 - Risk Management and Ethics Risk Management Ethics 7 - Software Development Security Software Configuration Management Software Controls Database System Security 8 - Cryptography Ciphers and Cryptography Symmetric-Key Cryptography Asymmetric-Key Cryptography Hashing and Message Digests Email, Internet, and Wireless Security Cryptographic Weaknesses 9 - Physical Security Physical Access Control Physical Access Monitoring Physical Security Methods Facilities Security
Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.
Duration 5 Days 30 CPD hours This course is intended for The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Overview Upon completing this course, the participants will gain valuable knowledge and skills including the ability to: - Successfully pass the CCSP exam. - Understand the fundamentals of the cloud computing architecture framework. - Understand security challenges associated with different types of cloud services. - Identify and evaluate security risks for their organization?s cloud environments. - Select and implement appropriate controls to ensure secure implementation of cloud services. - Thoroughly understand the 6 essential core domains of the CCSP common body of knowledge: 1. Architectural Concepts & Design Requirements 2. Cloud Data Security 3. Cloud Platform & Infrastructure Security 4. Cloud Application Security 5. Operations 6. Legal & Compliance The goal of the course is to prepare professionals for the challenging CCSP exam by covering the objectives of the exam based on the six domains as defined in the (ISC)2 CCSP common body of knowledge. 1 - Architectural Concepts and Design Requirements Cloud Computing Concepts Cloud Reference Architecture Cloud Computing Security Concepts Design Principles of Secure Cloud Computing Trusted Cloud Services 2 - Cloud Data Security CSA (Cloud Security Alliance) Cloud Data Lifecycle Cloud Data Storage Architectures Data Security Strategies Data Discovery and Classification Technologies Protecting Privacy and PII (Personally Identifiable Information) Data Rights Management Data Retention, Deletion, and Archiving Policies Auditability, Traceability, and Accountability of Data Events 3 - Cloud Platform and Infrastructure Security Cloud Infrastructure Components Cloud Infrastructure Risks Designing and Planning Security Controls Disaster Recovery and Business Continuity Management 4 - Cloud Application Security The Need for Security Awareness and Training in application Security Cloud Software Assurance and Validation Verified Secure Software SDLC (Software Development Life Cycle) Process Secure SDLC Specifics of Cloud Application Architecture Secure IAM (Identity and Access Management) Solutions 5 - Operations Planning Process for the Data Center Design Installation and Configuration of Physical Infrastructure for Cloud Environment Running Physical Infrastructure for Cloud Environment Managing Physical Infrastructure for Cloud Environment Installation and Configuration of Logical Infrastructure for Cloud Environment Running Logical Infrastructure for Cloud Environment Managing Logical Infrastructure for Cloud Environment Compliance with Regulations and Controls Risk Assessment for Logical and Physical Infrastructure Collection, Acquisition, and Preservation of Digital Evidence Managing Communication with Stakeholders 6 - Legal and Compliance Legal Requirements and Unique Risks within the Cloud Environment Relevant Privacy and PII Laws and Regulations Audit Process, Methodologies, and Required Adaptions for a Cloud Environment Implications of Cloud to Enterprise Risk Management Outsourcing and Cloud Contract Design Vendor Management