295 Risk Management courses in Mountsorrel delivered Live Online

Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completions, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - a. Organizational Governance Organizational Strategy, Goals, and Objectives Organizational Structure, Roles, and Responsibilities Organizational Culture Policies and Standards Business Processes Organizational Assets GOVERNANCE - b. Risk Governance Enterprise Risk Management and Risk Management Framework Three Lines of Defense Risk Profile Risk Appetite and Risk Tolerance Legal, Regulatory, and Contractual Requirements Professional Ethics of Risk Management IT RISK ASSESSMENT - a. IT Risk Identification Risk Events (e.g., contributing conditions, loss result) Threat Modelling and Threat Landscape Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) Risk Scenario Development IT RISK ASSESSMENT - b. IT Risk Analysis and Evaluation Risk Assessment Concepts, Standards, and Frameworks Risk Register Risk Analysis Methodologies Business Impact Analysis Inherent and Residual Risk RISK RESPONSE AND REPORTING - a. Risk Response Risk Treatment / Risk Response Options Risk and Control Ownership Third-Party Risk Management Issue, Finding, and Exception Management Management of Emerging Risk RISK RESPONSE AND REPORTING - b. Control Design and Implementation Control Types, Standards, and Frameworks Control Design, Selection, and Analysis Control Implementation Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - c. Risk Monitoring and Reporting Risk Treatment Plans Data Collection, Aggregation, Analysis, and Validation Risk and Control Monitoring Techniques Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) Key Performance Indicators Key Risk Indicators (KRIs) Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - a. Information Technology Principles Enterprise Architecture IT Operations Management (e.g., change management, IT assets, problems, incidents) Project Management Disaster Recovery Management (DRM) Data Lifecycle Management System Development Life Cycle (SDLC) Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - b. Information Security Principles Information Security Concepts, Frameworks, and Standards Information Security Awareness Training Business Continuity Management Data Privacy and Data Protection Principles

Duration 2 Days 12 CPD hours This course is intended for There is no specific prerequisite for the CDRP© course. However, participants who have at least three years' experience in a data centre and/or IT infrastructures will be best suited. Overview After completion of the course, the participant will be able to: 1. Understand the different standards and methodologies for risk management and assessment 2. Establish the required project team for risk management 3. Perform the risk assessment, identifying current threats, vulnerabilities and the potential impact based on customised threat catalogues 4. Report on the current risk level of the data centre both quantitative and qualitative 5. Anticipate and minimise potential financial impacts 6. Understand the options for handling risk 7. Continuously monitor and review the status of risk present in the data centre 8. Reduce the frequency and magnitude of incidents 9. Detect and respond to events when they occur 10. Meet regulatory and compliance requirements 11. Support certification processes such as ISO/IEC 27001 12. Support overall corporate and IT governance Introduction to Risk Management Risk management concepts Senior management and risk Enterprise Risk Management (ERM) Benefits of risk management Data Centre Risk and Impact Risk in facility, power, cooling, fire suppression, infrastructure and IT services Impact of data centre downtime Main causes of downtime Cost factors in downtime Standards, Guidelines and Methodologies ISO/IEC 27001:2013, ISO/IEC 27005:2011, ISO/IEC 27002:2013 NIST SP 800-30 ISO/IEC 31000:2009 SS507:2008 ANSI/TIA-942 Other methodologies (CRAMM, EBIOS, OCTAVE, etc.) Risk Management Definitions Asset Availability/Confidentiality/Integrity Control Information processing facility Information security Policy Risk Risk analysis/Risk assessment/Risk evaluation/ Risk treatment Threat/Vulnerability Types of risk Risk Assessment Software The need for software Automation Considerations Risk Management Process The risk management process Establishing the context Identification Analysis Evaluation Treatment Communication and consultation Monitoring and review Project Approach Project management principles Project management methods Scope Time Cost Cost estimate methods Context Establishment General considerations Risk evaluation, impact and acceptance criteria Severity rating of impact Occurrence rating of probability Scope and boundaries Scope constraints Roles & responsibilities Training, awareness and competence Risk Assessment - Identification The risk assessment process Identification of assets Identification of threats Identification of existing controls Identification of vulnerabilities Identification of consequences Hands-on exercise: Identification of assets, threats, existing controls, vulnerabilities and consequences Risk Assessment - Analysis and Evaluation Risk estimation Risk estimation methodologies Assessment of consequences Assessment of incident likelihood Level of risk estimation Risk evaluation Hands-on exercise: Assessment of consequences, probability and estimating level of risk Risk Treatment The risk treatment process steps Risk Treatment Plan (RTP) Risk modification Risk retention Risk avoidance Risk sharing Constraints in risk modification Control categories Control examples Cost-benefit analysis Control implementation Residual risk Communication Effective communication of risk management activities Benefits and concerns of communication Risk Monitoring and Review Ongoing monitoring and review Criteria for review Risk scenarios Risk assessment approach Data centre site selection Data centre facility Cloud computing UPS scenarios Force majeure Organisational shortcomings Human failure Technical failure Deliberate acts Exam: Certified Data Centre Risk Professional Actual course outline may vary depending on offering center. Contact your sales representative for more information.

About this Training Course More energy companies today are setting ambitious net-zero targets and are expected to pour billions into the voluntary carbon offset market by the end of this decade. To get to net zero emissions, companies will need to balance emissions with nature and technology-based offsets. Markets are the best tool for connecting carbon sources and sinks. Many countries will not have enough supply inside their borders and will need to co-operate with those who have extra greenhouse gas removal potential. The energy industry is in search of effective climate tools as pressure mounts from investors and consumers for more progress on fighting rising emissions. Corporations fighting to cut their carbon footprint have for years focused on internal reduction measures. Many are now adding to that effort by turning to carbon credits, a process made easier as verification and registration tools mature. One particular category of carbon offsets leads the way: high-quality, nature-based carbon credits. These represent the largest category of carbon credit projects in the voluntary carbon market, comprising nearly half of credits issued. Public concern about this practice focused on the additionality, leakage, and integrity of carbon offsets that are created through reforestation, land preservation, carbon capture and other projects. Lack of standardization and government regulation has also increased uncertainty for all participants in carbon markets, creating risks for developers of credit-generating projects and offset purchasers. Demand for higher-quality offsets will value projects that were subjected to due diligence and rely upon reputable third-party verification. Companies purchasing offsets generated by permanent and quantifiable projects will therefore be in the best position moving forward. In this highly interactive training course, your course instructor will guide you through the latest developments and best procurement practices to successfully operate in the voluntary carbon market. Training Objectives At the end of this course, the participants will be able to: Discover the current state of the carbon economy Gain insights into the voluntary carbon market Learn about the different type carbon credits available Examine how companies can reach net zero target by using carbon offsets Uncover best practices in carbon credit procurement strategy Learn the pricing dynamics carbon credits Examine how to identify and ensure high quality credits Obtain key learning from flawed carbon offset projects Target Audience This course is intended for: Energy transition team leaders Carbon credit procurement professionals ESG strategy team leaders Finance and accounting professionals Low carbon business analysts or economists Corporate business sustainability professionals Legal, compliance and regulatory professionals Carbon trading professionals Course Level Intermediate Trainer Your expert course leader is a skilled and accomplished professional with over 25 years of extensive C-level experience in the energy markets worldwide. He has a strong expertise in all the aspects of (energy) commodity markets, international sales, marketing of services, derivatives trading, staff training and risk management within dynamic and high-pressure environments. He received a Master's degree in Law from the University of Utrecht in 1987. He started his career at the NLKKAS, the Clearing House of the Commodity Futures Exchange in Amsterdam. After working for the NLKKAS for five years, he was appointed as Member of the Management Board of the Agricultural Futures Exchange (ATA) in Amsterdam at the age of 31. While working for the Clearing House and exchange, he became an expert in all the aspects of trading and risk management of commodities. In 1997, he founded his own specialist-consulting firm that provides strategic advice about (energy) commodity markets, trading and risk management. He has advised government agencies such as the European Commission, investment banks, major utilities and commodity trading companies and various energy exchanges and market places in Europe, CEE countries, North America and Asia. Some of the issues he has advised on are the development and implementation of a Risk Management Framework, investment strategies, trading and hedging strategies, initiation of Power Exchanges (APX) and other trading platforms, the set-up of (OTC) Clearing facilities, and feasibility and market studies like for the Oil, LNG and the Carbon Market. The latest additions are (Corporate) PPAs and Artificial Intelligence for energy firms. He has given numerous seminars, workshops and (in-house) training sessions about both the physical and financial trading and risk management of commodity and carbon products. The courses have been given to companies all over the world, in countries like Japan, Singapore, Thailand, United Kingdom, Germany, Poland, Slovenia, Czech Republic, Malaysia, China, India, Belgium and the Netherlands. He has published several articles in specialist magazines such as Commodities Now and Energy Risk and he is the co-author of a book called A Guide to Emissions Trading: Risk Management and Business Implications published by Risk Books in 2004. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations

RESILIA™ Foundation: In-House Training AXELOS RESILIA™: Cyber Resilience Best Practice is designed to help commercial and government organizations around the world prevent, detect, and correct any impact cyber attacks will have on the information required to do business. Adding RESILIA to the existing AXELOS global best practice portfolio, including ITIL® and PRINCE2®, brings a common cyber resilience best practice for security, IT service management, and business. Active cyber resilience is achieved through people, process, and technology. The RESILIA™ Foundation course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions, and activities that should be aligned with corresponding ITSM activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities. What you will Learn At the end of this course, you will be able to: Demonstrate your knowledge of the purpose, benefits, and key terms of cyber resilience Demonstrate your knowledge of the risk management and the key activities needed to address risks and opportunities Demonstrate your knowledge of the purpose of a management system and how best practices and standards can contribute Demonstrate your knowledge of the cyber resilience strategy, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience design, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience transition, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience operation, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience continual improvement, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of the purpose and benefits of segregation of duties and dual controls Course Introduction Course Learning Objectives Course Agenda Activities Course Book Structure RESILIA Certification Introduction to Cyber Resilience What is Cyber Resilience? Defining Cyber Resilience Balancing in Cyber Resilience Characteristics of Cyber Resilience Risk Management Understanding Risk Management: Discussion Defining Risk Management Addressing Risks and Opportunities Managing Cyber Resilience Why and What of Management Systems? Management Systems Common Management Standards and Frameworks Cyber Resilience Strategy What is Strategy? Cyber Resilience Strategy and Activities Security Controls at Cyber Resilience Strategy Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Design Why Cyber Resilience Design? Cyber Resilience Design Activities Security Controls at Cyber Resilience Design Aligning ITSM Processes with Cyber Resilience Processes Cyber Resilience Transition Why Cyber Resilience Transition? Basics of Cyber Resilience Transition Cyber Resilience Transition: Controls Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Operation The Purpose of Cyber Resilience Operation Security Controls in Cyber Resilience Operation Interaction Between IT Processes and Cyber Resilience Interaction Between ITSM Functions and Cyber Resilience Cyber Resilience Continual Improvement Continual or Continuous Improvement Maturity Models Continual Improvement Controls The Seven-Step Improvement Process The ITIL CSI Approach Cyber Resilience Roles & Responsibilities Segregating Duties Dual Controls

RESILIA™ Foundation: Virtual In-House Training AXELOS RESILIA™: Cyber Resilience Best Practice is designed to help commercial and government organizations around the world prevent, detect, and correct any impact cyber attacks will have on the information required to do business. Adding RESILIA to the existing AXELOS global best practice portfolio, including ITIL® and PRINCE2®, brings a common cyber resilience best practice for security, IT service management, and business. Active cyber resilience is achieved through people, process, and technology. The RESILIA™ Foundation course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions, and activities that should be aligned with corresponding ITSM activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities. What you will Learn At the end of this course, you will be able to: Demonstrate your knowledge of the purpose, benefits, and key terms of cyber resilience Demonstrate your knowledge of the risk management and the key activities needed to address risks and opportunities Demonstrate your knowledge of the purpose of a management system and how best practices and standards can contribute Demonstrate your knowledge of the cyber resilience strategy, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience design, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience transition, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience operation, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience continual improvement, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of the purpose and benefits of segregation of duties and dual controls Course Introduction Course Learning Objectives Course Agenda Activities Course Book Structure RESILIA Certification Introduction to Cyber Resilience What is Cyber Resilience? Defining Cyber Resilience Balancing in Cyber Resilience Characteristics of Cyber Resilience Risk Management Understanding Risk Management: Discussion Defining Risk Management Addressing Risks and Opportunities Managing Cyber Resilience Why and What of Management Systems? Management Systems Common Management Standards and Frameworks Cyber Resilience Strategy What is Strategy? Cyber Resilience Strategy and Activities Security Controls at Cyber Resilience Strategy Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Design Why Cyber Resilience Design? Cyber Resilience Design Activities Security Controls at Cyber Resilience Design Aligning ITSM Processes with Cyber Resilience Processes Cyber Resilience Transition Why Cyber Resilience Transition? Basics of Cyber Resilience Transition Cyber Resilience Transition: Controls Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Operation The Purpose of Cyber Resilience Operation Security Controls in Cyber Resilience Operation Interaction Between IT Processes and Cyber Resilience Interaction Between ITSM Functions and Cyber Resilience Cyber Resilience Continual Improvement Continual or Continuous Improvement Maturity Models Continual Improvement Controls The Seven-Step Improvement Process The ITIL CSI Approach Cyber Resilience Roles & Responsibilities Segregating Duties Dual Controls

About this Virtual Instructor Led Training (VILT) This 3 half-day Virtual Instructor Led Training (VILT) course will help participants grasp the idea of real-world risk management and how this relates to the cyber world. The VILT course will cover topics surrounding identifying cyber risks and vulnerabilities, guidance on applying administrative actions, and comprehensive solutions to ensure your organization is adequately secure and protected. The VILT course will guide participants on how to conduct a security risk assessment for their organization, and equip them with the skills to develop a risk compliance assessment plan as well as methods to develop risk management strategies which can improve their organization's security posture. The VILT course has at least a 30% hands-on approach through the use of Table Top Exercises. The VILT course will cover the following modules: Introduction to Risk Assessments (RA) Threat Actors and Their Motivations Threat and Risk Assessment Critical Controls Identification Maturity Assessment Treated Cyber Risk Profile Target Cyber Risk Profile and Strategy Target Audience The VILT course is intended for professionals responsible for organizational information and security system and those involved in operating and maintenance of critical information and IT network & sotware systems. Professionals who are designated as the Single Point of Accountability (SPoA) as well as system auditors will find this course useful. Course Level Basic or Foundation Training Methods The VILT course will be delivered online in 3 half-day sessions comprising 4 hours per day, with 2 x 10 minutes break per day, including time for lectures, discussion, quizzes and short classroom exercises. Course Duration: 3 half-day sessions, 4 hours per session (12 hours in total). This VILT course is delivered in partnership with ENGIE Laborelec. Trainer Your expert course leader is a is specialized in cybersecurity risk management. Before joining ENGIE, she worked for The National Cybersecurity Agency of France (ANSSI) based in Paris (France) and for Deloitte Belgium located in Zaventem (Belgium). She has been involved in cybersecurity projects focusing on the principle of protecting critical infrastructures. Her different experiences in Cyber Security, Anti-Money Laundering and Global Trade Compliance (including Export Control and Customs) gave her the opportunity to use methodologies tackling strategic, operational and financial control issues at all levels of an organization: people, business processes, IT applications and infrastructure, legal and regulatory compliance. She was an EBIOS Risk Manager (RM) trainer while she worked for the French government; EBIOS RM is the French method for assessing and treating digital risks. She also had the opportunity to represent France towards European institutions and other relevant stakeholders for topics related to cybersecurity risk management. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information about post training coaching support and fees applicable for this. Accreditions And Affliations

Earned Value Management: In-House Training: In-House Training Earned Value Management (EVM) incorporates a set of proven practices appropriate for project or program management methodologies. These include integration of program scope, schedule, and cost objectives, establishment of a baseline plan for accomplishment of program objectives and use of earned value techniques for performance measurement during the execution of a program. Earned Value Management (EVM) incorporates a set of proven practices appropriate for project or program management methodologies. These include integration of program scope, schedule, and cost objectives, establishment of a baseline plan for accomplishment of program objectives and use of earned value techniques for performance measurement during the execution of a program. EVM provides a solid platform for risk identification, corrective actions, and management re-planning as may be required over the life of a project or program. The course emphasis is on the latest EVM principles and concepts in accordance with changes and guidelines for Earned Value Management in The Guide to the Project Management Body of Knowledge (PMBOK® Guide) and The Practice Standard for Earned Value Management published by the Project Management Institute. What you Will Learn You'll learn how to: Develop a project baseline, using an effective WBS Record actual project performance Calculate EVM measures Evaluate project performance based on EVM measures Respond to project variances Integrate EVM and risk management Determine how EVM will add value to your organization Develop an EVM implementation plan for your organization Getting Started Introductions Course structure Course goals and objectives Expectations Foundation Concepts Introduction to Earned Value Management (EVM) Benefits of EVM EVM Process Overview Applications of EVM Creating a Work Breakdown Structure Reviewing WBS concepts Reviewing WBS development process (decomposition) Using a WBS to support EVM Building a Project Baseline Defining a project baseline Developing a project baseline Using a project baseline Recording Actuals Recording actuals overview Collecting data for actual project performance Determining earned value - various methods EVM Performance Measures Using current status measures Using forecasting measures Analyzing EVM measures EVM and Risk Management Integrating EVM and Risk Management Using EVM measures in the risk register Exploring how EVM can facilitate reserves management Drawing down contingency reserves Responding to Variances Introduction to variances Process for responding to variances Response options Reporting Project Performance EVM reporting overview Meeting EVM reporting needs Addressing EVM reporting challenges Implementing an EVMS Defining EVMS requirements EVM for Agile projects Tailoring the EVMS Summary and Next Steps Review of content Review of objectives / expectations Personal action plan

This course is designed to enable learners to increase their understanding of risk assessment and risk management in Health and Social Care settings.

Duration 3 Days 18 CPD hours This course is intended for The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification. Overview Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. Identify and manage information security risks to achieve business objectives. Create a program to implement the information security strategy. Implement an information security program. Oversee and direct information security activities to execute the information security program. Plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents. In this course, students will establish processes to ensure that information security measures align with established business needs. Prerequisites Information security governance Information risk management Information security program development Information security program management Incident management and response 1 - Information Security Governance Develop an Information Security Strategy Align Information Security Strategy with Corporate Governance Identify Legal and Regulatory Requirements Justify Investment in Information Security Identify Drivers Affecting the Organization Obtain Senior Management Commitment to Information Security Define Roles and Responsibilities for Information Security Establish Reporting and Communication Channels 2 - Information Risk Management Implement an Information Risk Assessment Process Determine Information Asset Classification and Ownership Conduct Ongoing Threat and Vulnerability Evaluations Conduct Periodic BIAs Identify and Evaluate Risk Mitigation Strategies Integrate Risk Management into Business Life Cycle Processes Report Changes in Information Risk 3 - Information Security Program Development Develop Plans to Implement an Information Security Strategy Security Technologies and Controls Specify Information Security Program Activities Coordinate Information Security Programs with Business Assurance Functions Identify Resources Needed for Information Security Program Implementation Develop Information Security Architectures Develop Information Security Policies Develop Information Security Awareness, Training, and Education Programs Develop Supporting Documentation for Information Security Policies 4 - Information Security Program Implementation Integrate Information Security Requirements into Organizational Processes Integrate Information Security Controls into Contracts Create Information Security Program Evaluation Metrics 5 - Information Security Program Management Manage Information Security Program Resources Enforce Policy and Standards Compliance Enforce Contractual Information Security Controls Enforce Information Security During Systems Development Maintain Information Security Within an Organization Provide Information Security Advice and Guidance Provide Information Security Awareness and Training Analyze the Effectiveness of Information Security Controls Resolve Noncompliance Issues 6 - Incident Management and Response Develop an Information Security Incident Response Plan Establish an Escalation Process Develop a Communication Process Integrate an IRP Develop IRTs Test an IRP Manage Responses to Information Security Incidents Perform an Information Security Incident Investigation Conduct Post-Incident Reviews

Duration 4 Days 24 CPD hours This course is intended for The information protection administrator translates an organization?s risk and compliance requirements into technical implementation. They are responsible for implementing and managing solutions for content classification, data loss prevention (DLP), information protection, data lifecycle management, records management, privacy, risk, and compliance. They also work with other roles that are responsible for governance, data, and security to evaluate and develop policies to address an organization's risk reduction and compliance goals. This role assists workload administrators, business application owners, human resources departments, and legal stakeholders to implement technology solutions that support the necessary policies and controls. Learn how to protect information in your Microsoft 365 deployment. This course focuses on data lifecycle management and information protection and compliance within your organization. The course covers implementation of data loss prevention policies, sensitive information types, sensitivity labels, data retention policies, Microsoft Purview Message Encryption, audit, eDiscovery, and insider risk among other related topics. The course helps learners prepare for the Microsoft Information Protection Administrator exam (SC-400). Prerequisites Foundational knowledge of Microsoft security and compliance technologies. Basic knowledge of information protection concepts. Understanding of cloud computing concepts. Understanding of Microsoft 365 products and services. 1 - Introduction to information protection and data lifecycle management in Microsoft Purview Know your data Protect your data Prevent data loss Govern your data 2 - Classify data for protection and governance Data classification overview Classify data using sensitive information types Classify data using trainable classifiers Review sensitive information and label usage Explore labeled and sensitive content Understand activities related to your data 3 - Create and manage sensitive information types Compare built-in versus custom sensitive information types Create and manage custom sensitive information types Describe custom sensitive information types with exact data match Implement document fingerprinting Create keyword dictionary 4 - Understand Microsoft 365 encryption Learn how Microsoft 365 data is encrypted at rest Understand service encryption in Microsoft Purview Explore customer key management using Customer Key Learn how data is encrypted in-transit 5 - Deploy Microsoft Purview Message Encryption Implement Microsoft Purview Message Encryption Implement Microsoft Purview Advanced Message Encryption Use Microsoft Purview Message Encryption templates in mail flow rules 6 - Protect information in Microsoft Purview Information protection overview Configure sensitivity labels Configure sensitivity label policies Configure auto-labeling policies Manage, monitor, and remediate information protection 7 - Apply and manage sensitivity labels Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites Plan on-premises labeling Configure on-premises labeling for the Unified Labeling Scanner Apply protections and restrictions to email and files Monitor label performance using label analytics 8 - Prevent data loss in Microsoft Purview Data loss prevention overview Identify content to protect Define policy settings for your DLP policy Test and create your DLP policy Prepare Endpoint DLP Manage DLP alerts in the Microsoft Purview compliance portal View data loss prevention reports Implement the Microsoft Purview Extension 9 - Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform Configure data loss prevention policies for Power Platform Integrate data loss prevention in Microsoft Defender for Cloud Apps Configure policies in Microsoft Defender for Cloud Apps Manage data loss prevention violations in Microsoft Defender for Cloud Apps 10 - Manage data loss prevention policies and reports in Microsoft 365 Configure data loss prevention for policy precedence Implement data loss prevention policies in test mode Explain data loss prevention reporting capabilities Manage permissions for data loss prevention reports Manage and respond to data loss prevention policy violations 11 - Manage the data lifecycle in Microsoft Purview Data Lifecycle Management overview Configure retention policies Configure retention labels Configure manual retention label policies Configure auto-apply retention label policies Import data for Data Lifecycle Management Manage, monitor, and remediate Data Lifecycle Management 12 - Manage data retention in Microsoft 365 workloads Explain retention in Exchange Online Explain retention in SharePoint Online and OneDrive Explain retention in Microsoft Yammer Activate archive mailboxes in Microsoft Exchange Apply mailbox holds in Microsoft Exchange Recover content in Microsoft Exchange 13 - Manage records in Microsoft Purview Records management overview Import a file plan Configure retention labels Configure event driven retention Manage, monitor, and remediate records 14 - Explore compliance in Microsoft 365 Plan for security and compliance in Microsoft 365 Plan your beginning compliance tasks in Microsoft Purview Manage your compliance requirements with Compliance Manager Examine the Compliance Manager dashboard Analyze the Microsoft Compliance score 15 - Search for content in the Microsoft Purview compliance portal Explore Microsoft Purview eDiscovery solutions Create a content search View the search results and statistics Export the search results and search report Configure search permissions filtering Search for and delete email messages 16 - Manage Microsoft Purview eDiscovery (Standard) Explore Microsoft Purview eDiscovery solutions Implement Microsoft Purview eDiscovery (Standard) Create eDiscovery holds Search for content in a case Export content from a case Close, reopen, and delete a case 17 - Manage Microsoft Purview eDiscovery (Premium) Explore Microsoft Purview eDiscovery (Premium) Implement Microsoft Purview eDiscovery (Premium) Create and manage an eDiscovery (Premium) case Manage custodians and non-custodial data sources Analyze case content 18 - Manage Microsoft Purview Audit (Standard) Explore Microsoft Purview Audit solutions Implement Microsoft Purview Audit (Standard) Search the audit log Export, configure, and view audit log records Use audit log searching to investigate common support issues 19 - Prepare Microsoft Purview Communication Compliance Plan for communication compliance Identify and resolve communication compliance workflow Case study--Configure an offensive language policy Investigate and remediate communication compliance alerts 20 - Manage insider risk in Microsoft Purview Insider risk management overview Create and manage insider risk policies Investigate insider risk alerts Take action on insider risk alerts through cases Manage insider risk management forensic evidence Create insider risk management notice templates 21 - Implement Microsoft Purview Information Barriers Explore Microsoft Purview Information Barriers Configure information barriers in Microsoft Purview Examine information barriers in Microsoft Teams Examine information barriers in OneDrive Examine information barriers in SharePoint 22 - Manage regulatory and privacy requirements with Microsoft Priva Create and manage risk management policies Investigate and remediate risk management alerts Create rights requests Manage data estimate and retrieval for rights requests Review data from rights requests Get reports from rights requests 23 - Implement privileged access management Case study--Implementing privileged access management 24 - Manage Customer Lockbox Manage Customer Lockbox requests