Guidance on an effective PCI DSS staff awareness programme


Staff awareness training is fundamental for effective information security management and for meeting regulatory and compliance requirements. In order for an organisation to comply with PCI DSS v3.0, Requirement 12.6, a formal security awareness programme must be implemented. The PCI Security Standards Council (PCI SSC) has recently released its Information Supplement: Best Practices for Implementing […]

Always judge a training company by its schedule

At this time of year, most successful training companies take the opportunity to release their schedule of public training courses for the following year. With course names, locations and dates confirmed, a schedule should provide a clear statement of both the availability and ‘business intent’ of any training provider. With the release of its public […]

ISO27001 Lead Auditor – The most popular ISO27001 qualification worldwide?


As a leader in the supply of ISO27001 services, we have been delivering our ISO27001 Foundation, Lead Implementer and Lead Auditor training courses since the launch of the Standard in 2005. Over the subsequent years, the ISO27001 standard has become the global information security management system (ISMS) of choice, and we have enjoyed welcoming nearly […]

What is the difference between an ISO27001 Internal Auditor and a Lead Auditor?


In a week when we were pleased to announce that our ISO27001 Internal Auditor training course has been accredited by the International Board for IT Governance Qualifications (IBITGQ), I want to take the opportunity to explain the difference between an ISO27001 Internal Auditor and an ISO27001 Lead Auditor. In Clause 9.2 of the ISO27001:2013 standard, […]

Transform your career – win a package of five IBITGQ training courses


Competitions come and go in our marketing plans, but rarely do we have the chance to potentially change the life and career of any one individual. To celebrate the third anniversary of our partnership with the International Board for IT Governance Qualifications (IBITGQ), I am pleased to announce that all of our customers who spend £1000 […]

Live online training – does it actually deliver?


Low-cost Internet technology and a live video connection with a trainer have been used in the ‘live online’ training format for a number of years. Despite offering huge benefits in reduced cost and time away from the office, many still ask if live online training actually delivers. The hybrid learning model that combines the advantages […]

Which exams and certs do I need to get my first job in cyber security?


I had the pleasure of attending the Cyber Security Expo event in London last week, which focused on information security recruitment and career development in the UK. From the many IT professionals and students I spoke to, there was really only one question: “Which exams and certs do I need to get my first job […]

PCI Training Programme – Now Updated to PCI DSS v3.0

On the 7th November, the Payment Card Industry Security Standards Council (PCI SSC) published version 3.0 of the PCI Data Security Standard. For the seasoned IS veterans out there, you may have noticed that on first inspection, there appears to be little difference between the v2.0 version and the new improved PCI DSS v3.0. We […]

COBIT 5 Implementation Training – The First in the UK

COBIT 5 was published in 2012 and has rapidly become the IT governance best practice of choice for larger international companies. In addition to US listed companies (and UK companies with US listing) who need to be SOX compliant, companies in the UK are turning to COBIT 5 to address the requirements of the UK Combined Code […]

Current and Future Needs for ISO27001 Training

Not surprisingly for a company so focussed on ISO27001, we have received many calls from our customers about their training requirements for the new ISO27001:2013 standard. Given that the new version of the standard completely replaces the old ISO27001:2005 version, surely the answer is obvious! But: While ISO27001:2005 has been replaced by the new version, […]