Building up information security according to ISO 27005 Training Course

This instructor-led, live training in Brazil (online or onsite) is aimed at beginner-level professionals who wish to gain an understanding of ISO 27001 and its role in enhancing information security within an organization.

By the end of this training, participants will be able to:

• Understand the purpose and benefits of an ISMS.
• Familiarize themselves with key ISO 27001 concepts, terms, and principles.
• Recognize the role of an auditor in ensuring compliance.
• Gain insight into the audit process and continual improvement within ISO 27001.

Accountability in Professional Regulatory Boards is an applied course focusing on the legal framework, procedural duties, and TCU jurisprudence that guide oversight and accountability for professional councils in Brazil.

This instructor-led, live training (online or onsite) is aimed at intermediate-level to advanced-level professionals who wish to understand TCU oversight, prevent common irregularities, and strengthen internal controls and responses to audit findings.

By the end of this training, participants will be able to:

• Explain the institutional role of the TCU and the legal nature of professional councils.
• Identify common irregularities found by the TCU and understand relevant jurisprudence.
• Design internal control measures and segregation of duties to mitigate accountability risks.
• Prepare compliant annual accountability submissions (SISTC / e-Contas) and structured responses to TCU determinations.

Format of the Course

• Interactive lecture and legal analysis.
• Case study review and group discussion.
• Practical workshop and simulation exercises.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Description:

Basel III serves as a global regulatory framework addressing bank capital adequacy, stress testing, and market liquidity risk. Originally established by the Basel Committee on Banking Supervision between 2010 and 2011, the implementation timeline for the Accord was extended to March 31, 2019. The framework enhances bank capital requirements by boosting liquidity and reducing leverage.
Unlike its predecessors, Basel I and II, Basel III mandates varying reserve levels for different types of deposits and borrowings. Rather than replacing earlier standards, it complements them by working in conjunction with Basel I and II.
Navigating this complex and evolving regulatory landscape can be challenging. Our course and training programs are designed to help you anticipate changes and manage their impact on your institution. As an accredited training partner of the Basel Certification Institute, we guarantee that our training materials and quality remain current and effective.

Objectives:

• Prepare participants for the Certified Basel Professional Examination.
• Establish practical strategies and techniques for defining, measuring, analyzing, improving, and controlling operational risk within banking organizations.

Target Audience:

• Board members with risk oversight responsibilities
• Chief Risk Officers (CROs) and Heads of Risk Management
• Members of the Risk Management team
• Compliance, legal, and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations governing market, credit, counterparty, and liquidity risk
• Stress testing for various risk measures, including formulation and delivery of stress tests
• Projected impacts of Basel III on the international banking industry, with demonstrations of practical application
• The necessity for new Basel norms
• Key components of the Basel III norms
• Objectives of the Basel III norms
• Timeline for Basel III implementation

This instructor-led, live training in Brazil (online or onsite) is designed for advanced-level professionals who wish to gain a comprehensive understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam.

Upon completion of this training, participants will be able to:

• Acquire comprehensive knowledge of fraud examination principles and the overall examination process.
• Learn to identify, investigate, and prevent various forms of financial fraud.
• Understand the legal landscape surrounding fraud, including the legal components of fraud, applicable laws, and regulations.
• Develop practical skills for conducting fraud investigations, such as evidence collection, interviewing techniques, and data analysis.
• Learn to design and implement effective fraud prevention and deterrence programs within organizations.
• Gain the confidence and knowledge necessary to successfully pass the Certified Fraud Examiner (CFE) exam.

Description:

This four-day event (CGEIT training) serves as the ultimate preparation for the exam, designed to ensure you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognized symbol of excellence in IT governance, awarded by ISACA. It is intended for professionals responsible for managing IT governance or who hold significant advisory or assurance responsibilities related to IT governance.
Achieving CGEIT status will provide you with broader recognition in the marketplace, as well as increased influence at the executive level.

Objectives:

This seminar is designed to prepare delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding to be better prepared to pass the exam, as defined by ISACA.

Target Audience:

Our training course is for IT and business professionals, with significant IT governance experience who are undertaking the CGEIT exam.

This instructor-led, live training in Brazil (online or onsite) is designed for payment services compliance professionals who wish to create, implement, and enforce a robust compliance program within their organization.

By the end of this training, participants will be able to:

• Understand the rules set forth by government regulators for payment service providers.
• Create the internal policies and procedures needed to satisfy government regulations.
• Implement a compliance program that adheres to relevant laws.
• Ensures that all corporate processes and procedures comply with the compliance program.
• Uphold the business's reputation while protecting it from lawsuits.

This instructor-led, live training in Brazil (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

This course offers an expert introduction to the newly enacted Accessibility Law, equipping developers with the practical skills needed to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion on the law's importance and implications, the course quickly transitions to hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

Course Objective:

Equip participants with a solid grasp of GRC processes and capabilities, along with the practical skills needed to integrate governance, performance management, risk management, internal control, and compliance activities effectively.

Course Summary:

• Essential GRC terminology and definitions
• Foundational GRC principles
• Core components, best practices, and key activities
• The connection between GRC and other professional disciplines

This instructor-led, live training in Brazil (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

The ISO/IEC 27002 Lead Manager training empowers you with the essential expertise and knowledge to support an organization in implementing and managing Information Security controls as outlined in ISO/IEC 27002.

Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. A PECB Lead Manager Certification demonstrates that you have mastered the principles and techniques for implementing and managing Information Security Controls based on ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants looking to master the Information Security Management System implementation process
• Individuals responsible for information security, compliance, risk, and governance within an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods, and techniques required for the effective implementation and management of Information Security controls
• Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the importance of information security for the organization’s strategy
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training is based on both theory and practice
• Sessions of lectures illustrated with examples based on real cases
• Practical exercises based on case studies
• Review exercises to assist exam preparation
• Practice test similar to the certification exam

General Information

• Certification fees are included in the exam price
• Training material containing over 500 pages of information and practical examples will be distributed to participants
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants
• In case of exam failure, you can retake the exam within 12 months for free

Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defense against these risks is the proper implementation and management of information security controls and best practices. Additionally, robust information security is a key expectation and requirement from customers, regulators, and other stakeholders.

This training course is designed to equip participants with the skills needed to implement an Information Security Management System (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of ISMS best practices and a framework for its ongoing management and improvement.

Upon completing the training course, you can take the associated exam. If you pass successfully, you may apply for the “PECB Certified ISO/IEC 27001 Lead Implementer” credential, demonstrating your ability and practical knowledge to implement an ISMS in accordance with the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in or responsible for the implementation of an ISMS
• Expert advisors seeking to master ISMS implementation
• Individuals responsible for ensuring organizational conformity to information security requirements
• Members of an ISMS implementation team

General Information

• Certification fees are included in the exam price
• Training material, comprising over 450 pages of content and practical examples, will be provided
• A participation certificate awarding 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam free of charge within 12 months

Educational Approach

• This training course includes essay-type exercises, multiple-choice quizzes, examples, and best practices relevant to ISMS implementation.
• Participants are encouraged to communicate and engage in discussions while completing quizzes and exercises.
• The exercises are based on a case study.
• The structure of the quizzes mirrors that of the certification exam.

Learning Objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for implementing and effectively managing an ISMS
• Recognize the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes as defined by ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 within the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

Audience

This course is designed for all employees seeking a practical grasp of Compliance and effective Risk Management.

Course Format

The training utilizes a blended methodology that incorporates:

• Facilitated discussions
• Slide-based presentations
• Case studies
• Real-world examples

Course Objectives

Upon completion of this course, participants will be able to:

Gain a robust understanding of the core aspects of Compliance, including national and international initiatives aimed at managing related risks.

Articulate how organizations and their teams can establish an effective Compliance Risk Management Framework.

Clarify the responsibilities of the Compliance Officer and the Money Laundering Reporting Officer, and comprehend how these roles are integrated within a business structure.

Identify critical risk areas in Financial Crime, with a specific focus on international operations, offshore centers, and high-net-worth clients.

Managing Open Source Software (OSS) involves overseeing the entire lifecycle of open-source components within an organization to ensure their secure, compliant, and efficient utilization.

This instructor-led, live training (available online or onsite) targets intermediate IT professionals seeking to implement best practices for managing open-source software in enterprise and government settings.

Upon completing this training, participants will be capable of:

• Creating effective OSS policies and governance frameworks.
• Leveraging SBOM and SCA tools to identify, track, and manage open-source dependencies.
• Reducing risks related to licensing and security vulnerabilities.
• Accelerating OSS adoption to maximize innovation and cost savings.

Course Format

• Interactive lectures and discussions.
• Case studies and scenario-based exercises.
• Hands-on demonstrations using OSS management tools.

Customization Options

• This course can be customized to align with your organization's specific OSS policies and toolchains. Please contact us to arrange this.

This instructor-led, live Payment Card Industry Professional training in Brazil (online or onsite) grants an individual qualification for industry practitioners seeking to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).

Upon completion of this training, participants will be able to:

• Grasp the payment process and the PCI standards designed to safeguard it.
• Comprehend the roles and responsibilities of entities within the payment industry.
• Gain deep insight into and understanding of the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and its application to organizations involved in the transaction process.