Duration 2 Days 12 CPD hours This course is intended for There is no specific prerequisite for the CDRP© course. However, participants who have at least three years' experience in a data centre and/or IT infrastructures will be best suited. Overview After completion of the course, the participant will be able to: 1. Understand the different standards and methodologies for risk management and assessment 2. Establish the required project team for risk management 3. Perform the risk assessment, identifying current threats, vulnerabilities and the potential impact based on customised threat catalogues 4. Report on the current risk level of the data centre both quantitative and qualitative 5. Anticipate and minimise potential financial impacts 6. Understand the options for handling risk 7. Continuously monitor and review the status of risk present in the data centre 8. Reduce the frequency and magnitude of incidents 9. Detect and respond to events when they occur 10. Meet regulatory and compliance requirements 11. Support certification processes such as ISO/IEC 27001 12. Support overall corporate and IT governance Introduction to Risk Management Risk management concepts Senior management and risk Enterprise Risk Management (ERM) Benefits of risk management Data Centre Risk and Impact Risk in facility, power, cooling, fire suppression, infrastructure and IT services Impact of data centre downtime Main causes of downtime Cost factors in downtime Standards, Guidelines and Methodologies ISO/IEC 27001:2013, ISO/IEC 27005:2011, ISO/IEC 27002:2013 NIST SP 800-30 ISO/IEC 31000:2009 SS507:2008 ANSI/TIA-942 Other methodologies (CRAMM, EBIOS, OCTAVE, etc.) 
Risk Management Definitions Asset Availability/Confidentiality/Integrity Control Information processing facility Information security Policy Risk Risk analysis/Risk assessment/Risk evaluation/ Risk treatment Threat/Vulnerability Types of risk Risk Assessment Software The need for software Automation Considerations Risk Management Process The risk management process Establishing the context Identification Analysis Evaluation Treatment Communication and consultation Monitoring and review Project Approach Project management principles Project management methods Scope Time Cost Cost estimate methods Context Establishment General considerations Risk evaluation, impact and acceptance criteria Severity rating of impact Occurrence rating of probability Scope and boundaries Scope constraints Roles & responsibilities Training, awareness and competence Risk Assessment - Identification The risk assessment process Identification of assets Identification of threats Identification of existing controls Identification of vulnerabilities Identification of consequences Hands-on exercise: Identification of assets, threats, existing controls, vulnerabilities and consequences Risk Assessment - Analysis and Evaluation Risk estimation Risk estimation methodologies Assessment of consequences Assessment of incident likelihood Level of risk estimation Risk evaluation Hands-on exercise: Assessment of consequences, probability and estimating level of risk Risk Treatment The risk treatment process steps Risk Treatment Plan (RTP) Risk modification Risk retention Risk avoidance Risk sharing Constraints in risk modification Control categories Control examples Cost-benefit analysis Control implementation Residual risk Communication Effective communication of risk management activities Benefits and concerns of communication Risk Monitoring and Review Ongoing monitoring and review Criteria for review Risk scenarios Risk assessment approach Data centre site selection Data centre facility Cloud 
computing UPS scenarios Force majeure Organisational shortcomings Human failure Technical failure Deliberate acts Exam: Certified Data Centre Risk Professional
Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completion, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - a. Organizational Governance Organizational Strategy, Goals, and Objectives Organizational Structure, Roles, and Responsibilities Organizational Culture Policies and Standards Business Processes Organizational Assets GOVERNANCE - b. Risk Governance Enterprise Risk Management and Risk Management Framework Three Lines of Defense Risk Profile Risk Appetite and Risk Tolerance Legal, Regulatory, and Contractual Requirements Professional Ethics of Risk Management IT RISK ASSESSMENT - a. IT Risk Identification Risk Events (e.g., contributing conditions, loss result) Threat Modelling and Threat Landscape Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) Risk Scenario Development IT RISK ASSESSMENT - b. IT Risk Analysis and Evaluation Risk Assessment Concepts, Standards, and Frameworks Risk Register Risk Analysis Methodologies Business Impact Analysis Inherent and Residual Risk RISK RESPONSE AND REPORTING - a. 
Risk Response Risk Treatment / Risk Response Options Risk and Control Ownership Third-Party Risk Management Issue, Finding, and Exception Management Management of Emerging Risk RISK RESPONSE AND REPORTING - b. Control Design and Implementation Control Types, Standards, and Frameworks Control Design, Selection, and Analysis Control Implementation Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - c. Risk Monitoring and Reporting Risk Treatment Plans Data Collection, Aggregation, Analysis, and Validation Risk and Control Monitoring Techniques Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) Key Performance Indicators Key Risk Indicators (KRIs) Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - a. Information Technology Principles Enterprise Architecture IT Operations Management (e.g., change management, IT assets, problems, incidents) Project Management Disaster Recovery Management (DRM) Data Lifecycle Management System Development Life Cycle (SDLC) Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - b. Information Security Principles Information Security Concepts, Frameworks, and Standards Information Security Awareness Training Business Continuity Management Data Privacy and Data Protection Principles
Overview The course begins by introducing credit risk, its components and its drivers. The course then dives into business risk assessment and group structure risks. After examining financial statements, including accounting concepts and principles, the course concludes with a review of financial analysis and its four main risk areas.
Safety in Confined Spaces: Regulations and Risk Assessment Course Overview This course on Safety in Confined Spaces: Regulations and Risk Assessment provides an essential understanding of the safety standards and regulations governing confined space work environments. Focusing on the critical aspects of risk assessment, learners will gain insights into the identification, evaluation, and mitigation of hazards associated with confined spaces. The course covers a range of key safety protocols, regulations, and best practices that professionals need to adhere to in order to protect themselves and their colleagues. With a strong emphasis on UK-specific legal frameworks and safety guidelines, the course ensures that learners are well-equipped to make informed decisions in hazardous work settings. Learners will leave with the confidence to assess risks and implement appropriate safety measures, ensuring compliance with industry standards. Course Description This comprehensive course delves into the regulations and risk assessment processes crucial for ensuring safety in confined spaces. Key topics include relevant UK health and safety legislation, types of confined spaces, hazard identification, risk evaluation, emergency procedures, and the implementation of safety controls. Learners will explore risk management strategies, focusing on how to conduct thorough risk assessments and mitigate potential dangers in confined environments. The course also provides an overview of the roles and responsibilities of employees and employers in maintaining a safe work environment. Through a structured learning experience, participants will gain the skills necessary to evaluate confined spaces, understand their legal obligations, and implement effective risk control measures. On completion, learners will have a thorough understanding of safety in confined spaces, ensuring they are prepared to contribute effectively to workplace safety initiatives. 
Safety in Confined Spaces: Regulations and Risk Assessment Curriculum Module 01: Safety in Confined Spaces: Regulations and Risk Assessment Who is this course for? Individuals seeking to enhance their understanding of confined space safety. Professionals aiming to ensure compliance with safety regulations in high-risk environments. Beginners with an interest in occupational safety and health. Safety officers and managers working in sectors involving confined spaces. Career Path Health and Safety Officer Risk Assessment Specialist Confined Space Safety Coordinator Environmental Health and Safety Consultant Occupational Safety Manager
Learners will develop knowledge of FD&FA systems and apply this to the provision of detection and electrical actuation for gas extinguishing systems.
About this Virtual Instructor Led Training (VILT) This 3 half-day Virtual Instructor Led Training (VILT) course will help participants grasp the idea of real-world risk management and how this relates to the cyber world. The VILT course will cover topics surrounding identifying cyber risks and vulnerabilities, guidance on applying administrative actions, and comprehensive solutions to ensure your organization is adequately secure and protected. The VILT course will guide participants on how to conduct a security risk assessment for their organization, and equip them with the skills to develop a risk compliance assessment plan as well as methods to develop risk management strategies which can improve their organization's security posture. The VILT course has at least a 30% hands-on approach through the use of Table Top Exercises. The VILT course will cover the following modules: Introduction to Risk Assessments (RA) Threat Actors and Their Motivations Threat and Risk Assessment Critical Controls Identification Maturity Assessment Treated Cyber Risk Profile Target Cyber Risk Profile and Strategy Target Audience The VILT course is intended for professionals responsible for organizational information and security systems and those involved in the operation and maintenance of critical information and IT network & software systems. Professionals who are designated as the Single Point of Accountability (SPoA) as well as system auditors will find this course useful. Course Level Basic or Foundation Training Methods The VILT course will be delivered online in 3 half-day sessions comprising 4 hours per day, with 2 x 10-minute breaks per day, including time for lectures, discussion, quizzes and short classroom exercises. Course Duration: 3 half-day sessions, 4 hours per session (12 hours in total). This VILT course is delivered in partnership with ENGIE Laborelec. Trainer Your expert course leader is specialized in cybersecurity risk management. 
Before joining ENGIE, she worked for The National Cybersecurity Agency of France (ANSSI) based in Paris (France) and for Deloitte Belgium located in Zaventem (Belgium). She has been involved in cybersecurity projects focusing on the principle of protecting critical infrastructures. Her different experiences in Cyber Security, Anti-Money Laundering and Global Trade Compliance (including Export Control and Customs) gave her the opportunity to use methodologies tackling strategic, operational and financial control issues at all levels of an organization: people, business processes, IT applications and infrastructure, legal and regulatory compliance. She was an EBIOS Risk Manager (RM) trainer while she worked for the French government; EBIOS RM is the French method for assessing and treating digital risks. She also had the opportunity to represent France towards European institutions and other relevant stakeholders for topics related to cybersecurity risk management. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information about post training coaching support and fees applicable for this.
The main subject areas of the course are: the properties of asbestos and health effects of exposure to asbestos fibres an introduction to regulatory requirements types of asbestos and its uses in buildings types of asbestos surveys the asbestos register, risk assessment and management plan asbestos remediation
Delivered in either Live Online (4 days) or in our Classroom (5 days), the ISO/IEC 27005 Lead Risk Manager training enables you to acquire the necessary expertise to support an organization in the risk management process related to all assets of relevance for Information Security using the ISO 27005 standard as a reference framework. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an Information Security Risk Management program. The training will also contain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course supports the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard. About This Course After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and gain the "Certified ISO/IEC 27005 Lead Risk Manager" credential. By holding this credential, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks. 
Learning objectives Master the concepts, approaches, methods and techniques that enable an effective risk management process based on ISO/IEC 27005 Acknowledge the correlation between Information Security risk management and security controls Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management Acquire the competence and skills to effectively advise organizations on Information Security Risk Management best practices Acquire the knowledge necessary for the implementation, management and maintenance of an ongoing risk management program Educational approach This training is based on both theory and best practices used in Information Security Risk Management Lecture sessions are illustrated with examples based on case studies Practical exercises are based on a case study which includes role playing and discussions Practice tests are similar to the Certification Exam Who Should Attend? Information Security risk managers Information Security team members Individuals responsible for Information Security, compliance, and risk within an organization Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or individuals who are involved in a risk management program IT consultants IT professionals Information Security officers Privacy officers What's Included? Official Course Slide decks Candidate pack Exam fees Prerequisites A foundational understanding of ISO/IEC 27005 and knowledge of Risk Assessment and Information Security. Our Guarantee We are an approved IECB Training Partner. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras. The one-off cost covers the training, all course materials, and exam voucher. 
Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training and exam retake offered Accreditation Assessment The exam for this course is a 12-question essay type. The pass mark is 70% and should be achieved within the allotted 150-minute exam timeframe. Exam results are provided within 24 hours. Provided by This course is accredited by NACS and administered by the IECB
Where should management effort be directed? In controlling costs and ensuring proper engineering in live projects? - yes, of course, but true cost control comes by understanding, eliminating and minimising risk prior to a business committing any funds. This course studies the stages required for practical financial and business appraisals of projects and capital expenditure. This course has two primary objectives: To impart the knowledge and skills required to ensure as risk-free as possible expenditure of that scarce resource, cash - the investors', governments' or shareholders' money must not be squandered To improve the quality of the appraisal process in the widest sense - demonstrating how the process of project and capital expenditure appraisal can be used to dramatically improve cost control and deliver as risk-free as possible expenditure As a result of the course, participants will be able to: Understand the economics of appraisal Be in control of their projects from the start Understand the economics of their projects - and devise the most appropriate mode Carry out sensitivity analysis and identify risk Improve their methods of appraisal and approach Focus on the risk areas and take out risk and control costs before they over-run The benefits of attending this course will be demonstrable from day one. Thorough appraisals and risk assessment follow through to success in project management and detailed cost control and project management. 1 Introduction Why appraise? Taking risk out of investment The short- and long-term results of not appraising business expenditure 2 Developing an appraisal process The process - overall and stage-by-stage objectives Understand business and technical risks Manage resources and time Do you invest enough time and effort at this stage? 
Take out the risks - control costs before you are committed to contracts and action Checklists 3 Appraisal arithmetic Review of the arithmetic of appraisal The time value of money The effects of different interest or required rates The effects of inflation (or deflation) in prices and costs Understanding the economics of appraisal is essential 4 Appraisal measures Meaning and use of appraisal measures Identifying the most appropriate measures for your particular business Payback Discounted cash flow measures - NPV and IRR Other measures - FW, AW, Profitability Index The meaning of the measures and their application in practice 5 Cost benefit analysis The effect on decision-making of more intangible benefits Cost benefit analysis Ensuring costs are genuine Measuring intangible benefits Environmental issues Consideration of intangible benefits in the appraisal decision-making process 6 Developing appropriate models Developing models - examples of spreadsheet models and measures for many different situations Modelling investment opportunities - summarising outcomes Sensitivity analysis - identifying, quantifying and taking out risk 7 Developing an appraisal process The process - managing risk from the outset Using the process in risk management, negotiating and project management Take out risk by thoroughly knowing your project - developing your own process