Information Systems Auditor Training Course

This course is designed to help participants build organizational resilience against a range of threats so that organizations can respond effectively to incidents, maintain the availability of business operations and safeguard its interests.

Who is it for:

This certification is designed for professionals involved in information security and information assurance.

The qualification is particularly relevant for individuals seeking to deepen their understanding of Business Continuity Management, as well as those currently active in the fields of information security and assurance.

What will I learn:

Candidates will be expected to demonstrate proficiency in the following areas:

• The role and necessity of business continuity management within an organization
• The business continuity management life cycle
• The key components of a business continuity management programme
• The importance of risk assessment within business continuity management
• Options for developing a business continuity management strategy
• Methods for preparing and developing business continuity management response plans
• The necessity of exercising, maintaining, and reviewing plans
• The need to embed business continuity management awareness throughout the organization

Target Audience:

This course is designed for professionals involved in information security and information assurance disciplines.

Learning Outcomes:

Upon completion, candidates will be able to demonstrate:

• The significant business benefits derived from effective information risk management.
• The ability to articulate and apply information risk management terminology accurately.
• Competence in conducting threat and vulnerability assessments, business impact analyses, and risk assessments.
• A thorough understanding of control principles and risk treatment strategies.
• Skills to present findings in a format suitable for developing a risk treatment plan.
• Proficiency in using information classification schemes.

The EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.

The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

This instructor-led, live training in Serbia (online or onsite) is aimed at beginner to intermediate-level system administrators and security professionals who wish to learn how to implement Cloudflare for content delivery and cloud security, as well as mitigate DDoS attacks.

By the end of this training, participants will be able to:

• Configure Cloudflare for their websites.
• Set up DNS records and SSL certificates.
• Implement Cloudflare for content delivery and caching.
• Protect their websites from DDoS attacks.
• Implement firewall rules to restrict traffic to their websites.

Description:

This course offers an intensive and rigorous preparation for the ISACA Certified Information Systems Auditor (CRISC) Examination. It covers the four latest domains of the ISACA CRISC syllabus, with a strong emphasis on exam readiness. Attendees will receive the Official ISACA CRISC Review Manual as well as the Question, Answer, and Explanation (Q,A&E) supplement. The Q,A&E material is invaluable for helping candidates grasp the style of ISACA questions, understand the types of answers they seek, and accelerate the retention of key concepts.

The technical skills and practices promoted by ISACA for the CRISC certification form the foundation for success in this field. Holding the CRISC certification demonstrates your professional competence. Given the increasing demand for experts in risk and control, ISACA’s CRISC has become the preferred certification choice for professionals and organizations worldwide. Earning this certification reflects a dedicated commitment to excelling in both your enterprise and your profession.

Objectives:

• Assist you in passing the CRISC examination on your first attempt.
• Demonstrate your dedication to delivering exceptional service to an enterprise through this certification.
• Leverage the rising market demand for risk and control expertise to secure better career positions and salary potential.

You will learn:

• How to help organizations achieve their business goals by designing, implementing, monitoring, and maintaining risk-based, efficient, and effective IS controls.
• The core technical skills and practices endorsed by CRISC, which serve as the essential building blocks for success in the industry.

This instructor-led, live training in Serbia (online or onsite) is aimed at intermediate-level IT professionals who wish to enhance their skills in identifying and managing IT risk and implementing information systems controls, and prepare for the CRISC certification exam.

By the end of this training, participants will be able to:

• Understand the governance and risk management aspects of IT.
• Conduct IT risk assessments and implement risk responses.
• Design and implement information systems controls.
• Prepare effectively for the CRISC certification exam.

This instructor-led, live training in Serbia (online or onsite) is designed for supply chain professionals who want to establish robust control and oversight over their supply chains, with a particular focus on cybersecurity.

By the end of this training, participants will be able to:

• Identify security oversights that can cause significant damage and disruption to the supply chain.
• Deconstruct complex security challenges into manageable and actionable components.
• Tackle common supply chain vulnerabilities by analyzing high-risk areas and engaging with stakeholders.
• Implement best practices for securing the supply chain.
• Significantly reduce or eliminate the most critical risks to an organization's supply chain.

This instructor-led, live training in Serbia (online or onsite) is designed for IT professionals and business leaders at an intermediate to advanced level who aim to develop a structured approach to handling data breaches.

Upon completion of this training, participants will be capable of:

• Comprehending the causes and implications of data breaches.
• Creating and executing strategies to prevent data breaches.
• Developing an incident response plan to contain and mitigate breaches.
• Performing forensic investigations and evaluating the impact of breaches.
• Meeting legal and regulatory obligations regarding breach notification.
• Recovering from data breaches and enhancing overall security postures.

This instructor-led, live training in Serbia (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Grasp the fundamental concepts of the HiTrust CSF (Common Security Framework).
• Recognize the administrative and security control domains within the HITRUST CSF.
• Gain insights into the various assessment types and scoring methods used by HiTrust.
• Comprehend the certification procedure and specific requirements for achieving HiTrust compliance.
• Apply best practices and practical tips for successfully adopting the HiTrust approach.

This training program teaches how information security risk assessment is conducted by integrating information from ISO/IEC 27005:2022 and ISO/IEC 27001. Alongside theoretical knowledge, the course includes practical exercises, quizzes, and case studies, making it a highly engaging learning experience.

Description:

Designed as a 'Practitioner' level course, this program emphasizes hands-on exercises aimed at reinforcing key concepts and building participants' confidence in executing business continuity management strategies. The curriculum also fosters open debate, facilitating the exchange of knowledge and professional experience among attendees.
Participants will gain valuable insights from our trainers, who bring extensive practical experience as practicing business continuity management professionals and ISO 22301:2019 specialists.

Key Learning Outcomes:

• Articulate the importance of business continuity management (BCM) across all types of organizations
• Define the business continuity lifecycle
• Manage business continuity programs effectively
• Gain a deep understanding of their organization to identify mission-critical impact areas
• Develop a robust business continuity strategy tailored to the organization
• Establish an effective business continuity response framework
• Exercise, maintain, and review continuity plans
• Integrate business continuity principles into the organizational culture
• Define relevant terms and terminology specific to business continuity

Upon completion of the course, participants will possess a comprehensive understanding of all essential components of business continuity management, enabling them to return to their roles and make significant contributions to their organization's continuity efforts.

This instructor-led, live training in Serbia (online or onsite) is designed for security engineers who wish to use IBM QRadar SIEM to address pressing security use cases.

By the end of this training, participants will be able to:

• Gain visibility into enterprise data across on-premise and cloud environments.
• Automate security intelligence to hunt threats and to contain risks.
• Detect, identify, and prioritize threats.

This instructor-led, live training in Serbia (online or onsite) is aimed at developers who wish to integrate Snyk into their development tools to find and fix security issues in their code.

By the end of this training, participants will be able to:

• Understand the features and structure of Snyk.
• Use Snyk to find and fix code security issues.
• Integrate Snyk in a software development lifecycle.

This course provides an overview of fundamental principles in security and IT security, focusing on protection against network-based threats. Participants will develop a solid understanding of critical security protocols and the security frameworks underlying web services. Additionally, the curriculum examines recent attacks targeting cryptosystems and highlights several associated vulnerabilities.