PECB ISO/IEC 27005 Foundation Training Course
This training course centers on the information security risk management process established by ISO/IEC 27005 and the framework of the standard.
The program offers a comprehensive look at the ISO/IEC 27005 guidelines for handling information security risks. Key areas include establishing context, assessing and treating risks, facilitating communication and consultation, documenting and reporting outcomes, as well as monitoring and reviewing the process.
Upon completion of the training, participants may register for the Foundation Exam. Successfully passing this exam allows you to apply for a “PECB Certificate Holder in ISO/IEC 27005 Foundation” certificate.
Foundation Exam (additional fee): Duration: 1 hour, Questions: 40, Format: Online
Holding a PECB Foundation certificate demonstrates that you possess knowledge of the fundamental concepts, principles, methodologies, processes, and management approaches applied in information security risk management.
This course is available as onsite live training in Serbia or online live training.
Course Outline
Introduction to ISO/IEC 27005 and implementation of a risk management program
- Course objectives and structure
- Standard and regulatory framework
- Concepts and definitions of risk
- Risk management programme
- Context establishment
Risk assessment, risk treatment, and risk communication and consultation based on ISO/IEC 27005
- Risk identification
- Risk analysis
- Risk evaluation
- Risk assessment with a quantitative method
- Risk treatment
- Information security risk acceptance
Open Training Courses require 5+ participants.
Testimonials (1)
The fact that all the standard was reviewed and discussed with some examples, when needed and required.
Ioana
Course - ISO/IEC 27005 Information Security Risk Management
Related Courses
PECB DORA Lead Manager (Digital Operational Resilience Act)
35 Hours
The PECB Certified DORA Lead Manager training program provides you with the essential skills to lead and manage the implementation of digital operational resilience strategies within financial entities, ensuring compliance with the European Union’s Digital Operational Resilience Act (DORA).
PECB ISO 22301 Foundation
14 Hours
This training program is designed to help participants grasp the fundamental concepts and principles of a business continuity management system (BCMS) aligned with ISO 22301. Through this course, you will gain deeper insight into the standard's structure and requirements, including the BCMS policy, top management’s commitment, internal audits, management reviews, and the continual improvement process.
PECB ISO 22301 Lead Auditor
35 Hours
In light of the increasing frequency of disruptions and the unpredictable nature of various disasters—ranging from natural and occupational hazards to information security incidents—organizations are increasingly striving for ISO 22301 certification. As compliance with ISO 22301 becomes more critical, there is a rising demand for competent auditors equipped with the skills and knowledge to evaluate and verify organizational conformity.
PECB ISO 22301 Lead Implementer
35 Hours
Disasters affect organizations in diverse ways. They may stem from natural occurrences, information security violations, or a variety of other incidents. Their unpredictable nature underscores the critical importance of preparedness, which helps distinguish your business and define its future trajectory. Consequently, adequate planning is vital for mitigating risks, limiting adverse outcomes, and handling the negative effects of disasters and incidents, while guaranteeing that daily operations continue seamlessly to satisfy customer needs without any disruption.
PECB ISO/IEC 27001 Foundation
14 Hours
Why participate?
The ISO/IEC 27001 Foundation training equips you with the fundamental knowledge required to implement and manage an Information Security Management System (ISMS) in accordance with ISO/IEC 27001. Throughout this course, you will gain a comprehensive understanding of the various ISMS components, such as ISMS policies, procedures, performance metrics, management commitment, internal auditing, management review, and the principle of continual improvement.
Upon successful completion of the course, you will be eligible to take the examination and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. This certificate validates your grasp of the essential methodologies, requirements, frameworks, and management approaches defined by the standard.
Target Audience
- Professionals engaged in Information Security Management
- Individuals aiming to acquire knowledge about the core processes of Information Security Management Systems (ISMS)
- Career seekers interested in Information Security Management
Training Methodology
- Lectures are enhanced with practical questions and real-world examples
- Practical exercises feature illustrative examples and interactive discussions
- Practice tests mirror the format and style of the Certification Exam
PECB ISO 27005 Risk Manager
21 Hours
This training program teaches how information security risk assessment is conducted by integrating information from ISO/IEC 27005:2022 and ISO/IEC 27001. Alongside theoretical knowledge, the course includes practical exercises, quizzes, and case studies, making it a highly engaging learning experience.
ISO 37001 Anti-Bribery Management System
14 Hours
ISO 37001:2025 is an international standard for Anti-Bribery Management Systems (ABMS) that establishes requirements and provides guidance for preventing, detecting, and addressing bribery risks within organizations of any size or industry.
This instructor-led, live training (available online or onsite) is designed for beginner to intermediate-level professionals seeking to understand and support the implementation or auditing of an anti-bribery management system aligned with ISO 37001:2025.
Upon completion of this training, participants will be able to:
- Comprehend the structure and objectives of ISO 37001:2025.
- Apply anti-bribery requirements in practical organizational settings.
- Develop and monitor effective internal controls and reporting mechanisms.
- Support organizational efforts to achieve regulatory compliance and uphold ethical integrity.
Format of the Course
- Interactive lectures and discussions.
- Real-world case studies and examples.
- Scenario-based exercises and group work.
Course Customization Options
- To request customized training for this course, please contact us to arrange it.
ISO 37301 Compliance Management System
14 Hours
ISO 37301 is an international standard that outlines the requirements for establishing, developing, implementing, evaluating, maintaining, and improving an effective compliance management system (CMS).
This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level professionals who wish to understand, implement, or audit a compliance management system based on ISO 37301.
By the end of this training, participants will be able to:
- Understand the structure, purpose, and scope of ISO 37301.
- Implement the key elements of a compliance management system (CMS).
- Identify compliance risks and opportunities across the organization.
- Integrate ISO 37301 CMS with existing governance, risk, or ISO systems.
Format of the Course
- Interactive lecture and discussion.
- Hands-on exercises and real-world case studies.
- Group activities and compliance scenario simulations.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
ISO 9001 and ISO 27001 – Interpretation and Internal Auditor
21 Hours
ISO 9001 and ISO 27001 stand as globally acknowledged benchmarks for quality management and information security management systems, respectively.
Delivered through instructor-led live sessions, available either online or on-site, this training is designed for professionals at an intermediate level who aim to master the interpretation of ISO 9001 and ISO 27001 standards and execute internal audits with confidence.
Upon completing this course, participants will be equipped to:
- Grasp the fundamental principles and mandatory requirements of both ISO 9001 and ISO 27001.
- Apply the interpretation of specific clauses and controls to practical, real-world situations.
- Effectively plan and carry out internal audits in accordance with ISO standards.
- Detect nonconformities and propose appropriate corrective measures.
Course Delivery Format
- Engaging interactive lectures paired with group discussions.
- Practical auditing exercises and in-depth case studies.
- Direct analysis of quality and security scenarios to reinforce learning.
Customization Options
- For tailored training solutions based on this curriculum, please reach out to us to coordinate arrangements.
PECB ISO/IEC 27001 Transition
14 Hours
The ISO/IEC 27001 Transition training course allows participants to gain a comprehensive understanding of the distinctions between ISO/IEC 27001:2013 and ISO/IEC 27001:2022. Furthermore, participants will learn about the new concepts introduced by ISO/IEC 27001:2022.
Problem Solving with Root Cause Analysis (RCA)
14 Hours
This instructor-led, live training in Serbia (online or onsite) is aimed at intermediate-level professionals who wish to develop a systematic approach to identifying, analyzing, and resolving problems using RCA methodologies.
By the end of this training, participants will be able to:
- Understand essential concepts of RCA and continuous improvement cycles.
- Apply different RCA tools to identify the root cause of problems.
- Develop and implement effective problem-solving strategies.
- Integrate RCA into organizational improvement and prevention efforts.
Root Cause Analysis (RCA) for Internal Audit
7 Hours
The primary objective of this program is to shift the audit process from a reactive approach focused on identifying issues to a proactive strategy centered on prevention. By mastering Root Cause Analysis, the Internal Audit team will focus on eliminating recurring findings. This ensures that when a weakness is identified, the recommendations offer a lasting solution, thereby protecting the company's operational efficiency and financial integrity.
Failing to implement structured RCA creates a high-risk environment:
- Financial Erosion: Unaddressed root causes in financial processes result in cumulative losses that increase over time.
- Resource Wastage: Auditors spend 40% more time re-auditing the same failed controls rather than focusing on new strategic risks.
- Diminished Authority: Continuously reporting the same issues weakens the Audit Division's influence with senior management and auditees.
Root Cause Analysis (RCA) for Internal Auditors
14 Hours
This instructor-led, live training in Serbia (available online or onsite) is intended for intermediate-level internal auditors aiming to boost their audit effectiveness through the application of structured RCA techniques.
By the conclusion of this training, participants will be able to:
- Grasp RCA methodologies and their role in internal auditing.
- Identify and analyze the root causes of audit findings.
- Apply RCA tools such as the 5 Whys, Fishbone Diagram, and Failure Mode and Effects Analysis (FMEA).
- Develop corrective and preventive action plans based on RCA findings.
- Integrate RCA into the internal audit process to improve risk management.
Root Cause Analysis (RCA) with Operational Safety Focus
14 Hours
This instructor-led, live training (online or onsite) is aimed at intermediate-level safety professionals and operational managers who wish to enhance their ability to investigate incidents, identify systemic weaknesses, and design effective corrective and preventive actions.