Sorry, the page you're looking for cannot be found

 You may not have been able to visit your page because of:

   1. An out-of-date bookmark/favourite
   2. A search engine that has an out-of-date listing
   3. A mistyped address
   4. You don't have access to this page
   5. The requested resource was not found
   6. An error has occurred whilst processing your request

Are you looking for:

Assessing Information Security - Strategies, Tactics, Logic and Framework, 2nd Edition
Overview

Build a strategic response to cyber attacks

The activities of the cyber criminal are both deliberate and hostile, and they can be compared to military operations. Many people in business understand that the insights from the classics of military strategy are as relevant to modern commerce as they are to war.

It is clear that organisations need to develop a view of cybersecurity that goes beyond technology: all staff in the organisation have a role to play, and it is the senior managers who must ensure, like generals marshalling their forces, that all staff know the cyber security policies that explain what to do when under attack.


Cyber crime… cyber war?

With this in mind, the authors have drawn on the work of Clausewitz and Sun Tzu, and applied it to the understanding of information security that they have built up through their extensive experience in the field. The result is expert guidance on information security, underpinned by a profound understanding of human conflict.

Building on the success of the first edition, this new edition covers the most recent developments in the threat landscape and the best-practice advice available in the latest version of ISO 27001:2013.


Contents

  1. Information Security Auditing and Strategy
  2. Security Auditing, Governance, Policies and Compliance
  3. Security Assessments Classification
  4. Advanced Pre-Assessment Planning
  5. Security Audit Strategies and Tactics
  6. Synthetic Evaluation of Risks
  7. Presenting the Outcome and Follow-Up Acts
  8. Reviewing Security Assessment Failures and Auditor Management Strategies 

About the author

Dr Andrew Vladimirov

Dr Andrew Vladimirov is a security researcher. His fields of expertise include network security and applied cryptography, and he has extensive experience of performing information security assessments. He and his fellow authors are the founders of Arhont Ltd, a leading information security consultancy.

Konstantin Gavrilenko

Konstantin Gavrilenko has over 15 years of experience in IT and security. As a researcher, information security is his speciality, and he has a particular interest in wireless security. He holds a BSc in management science from De Montfort University and an MSc in management from Lancaster University.

Andriej Michajlowski

Andriej Michajlowski is an expert on network security. His research interests include user and device authentication mechanisms, and wireless networking security. He has extensive experience carrying out internal and external information security assessments. He is a graduate of the University of Kent at Canterbury and he holds an MBA.

Information Security Breaches - Avoidance and Treatment based on ISO27001, Second Edition
Overview

What if you suffer an information security breach?

Many titles explain how to reduce the risk of information security breaches. Nevertheless, breaches do occur, even to organisations that have taken all reasonable precautions.

Information Security Breaches - Avoidance and treatment based on ISO 27001:2013 helps you to manage this threat by detailing what to do as soon as you discover a breach.


Be prepared, be prompt, be decisive

When your organisation’s security is compromised, you cannot afford to waste time deciding how to resolve the issue. You must be ready to take prompt and decisive action. Updated to cover ISO 27001:2013, this second edition gives you clear guidance on how to treat an information security breach and tells you the plans and procedures you have to put in place to minimise damage and return to business as usual.


A recovery plan will help you to:

  • Recover, and resume normal operations, more quickly
  • Preserve customer confidence by quickly resolving service disruption
  • Secure evidence to help with any criminal investigation and improve your chances of catching those responsible. 

About the author

Michael Krausz

Michael Krausz is an IT expert and experienced professional investigator. He has investigated over a hundred cases of information security breaches.

Many of these cases have concerned forms of white-collar crime. Michael Krausz studied physics, computer science and law at the University of Technology in Vienna, and at Vienna and Webster universities. He has delivered over 5000 hours of professional and academic training and has provided services in eleven countries to date.

Certified ISO 22301 BCMS Foundation and Lead Implementer Combination Training Course
Description

Training course outline

Develop your understanding of ISO 22301, the business continuity standard, with this combination course.

You will gain the skills to successfully lead the implementation of a business continuity management system (BCMS) in your organisation, as well as exploring the key concepts and benefits of ISO 22301.


ISO 22301 BCMS Foundation

This one-day introductory course explores the key concepts and benefits of ISO 22301. It provides a comprehensive introduction to the ISO/IEC 22301:2019 standard and the requirements of a BCMS.

ISO 22301 BCMS Lead Implementer

This three-day advanced course covers everything you need to plan and implement an ISO 22301 compliance project. Gain the knowledge and skills required to implement an ISO 22301-compliant BCMS.


ISO 22301 BCMS Foundation and Lead Implementer training course benefits

 Hands-on study

Participate in group discussions, practical exercises and case studies throughout the course.

 Fast-track to certification

Achieve two internationally recognised business continuity qualifications in eight days.

 Steps to success

Introduces you to the benefits of ISO 22301 best practice and compliance, and takes you through the nine steps to ISO 22301 success.  

 Delivered by professionals 

Delivered by experienced ISO 22301 practitioners, this combination course is designed to meet the international standards on auditing techniques.

 Achieve compliance for your organisation

Learn how to tackle a BCMS project from start to finish to help your organisation achieve compliance. 

 Lead the implementation project

Gain the knowledge and skills required to lead an efficient and cost-effective implementation project. 


Who should attend this course?

This combination course is ideal for anyone involved in, or responsible for, implementing or maintaining a BCMS, including: 

  • Business continuity managers
  • IT managers
  • Business managers
  • Compliance managers
  • Project managers
  • Risk managers
  • Operations managers
  • Emergency planners
  • ISO 22301 lead auditors
  • Quality managers

Why choose IT Governance?

  • We’re the leading global provider of IT governance, risk management and compliance solutions.
  • We are leaders in ISO 22301 and Business Continuity Management - all our courses are designed by experts and delivered by experienced trainers.
  • Pass first time or train again for free – we have trained more than 17,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.*
  • Choose the method that suits you – we offer classroom, instructor-led online, self-paced online, e-learning and in-house training options.
  • Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available to download 20 days before your course.
  • Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.

*conditions applicable

Course details

What does this training course cover?

  • Understand business continuity concepts, terms and definitions;
  • Explain the benefits of a BCMS to an organisation;
  • Define the role and structure of a business continuity policy;
  • Determine the scope, policy and objectives of the BCMS;
  • Deliver the ISO 22301 project using change management techniques;
  • Allocate roles and responsibilities in the ISO 22301 implementation project;
  • Explain how to carry out the business impact assessment and the risk assessment (the core competence of BCM);
  • Explain how to assess the impact of disruption;
  • Recognise the importance of an effective incident response structure;
  • Explain the importance of an effective communication strategy;
  • Write policies and produce other critical documentation;
  • Understand the importance of staff and general awareness training;
  • Define the key elements of a management review;
  • Manage and drive continual improvement;
  • Prepare the organisation for its initial ISO 22301 certification audit and surveillance visits; and
  • Identify key issues in ensuring that the organisation passes the audit first time.

Course agenda:

Course agenda (day 1):

  • Overview of BCM 
  • ISO 22301 Certification 
  • Context 
  • Leadership 
  • Planning 
  • Implementation 
  • BIA & Risk Assessment 
  • Strategy & Plans
  • Assurance 
  • Improvement

Course agenda (day 2-4):

  • Terms and definitions
  • Commitment
  • Business continuity standards overview
  • BCMS context and scope
  • BCMS leadership and planning
  • BCMS programme plan
  • Operation & strategy
  • Performance evaluation
  • Continual improvement
  • Certification audit process

What’s included in this course?

  • A professional training venue with lunch and refreshments;
  • Full course materials (digital copy provided as a PDF file);
  • The ISO 22301 Certified BCMS Foundation Training Course exam;
  • The ISO 22301 Certified BCMS Lead Implementer Training Course exam; and
  • A certificate of attendance.

What equipment should I bring?

The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.


Course duration and times

  • Day 1: 09:30am – 4:00pm
  • Day 2: 09:30am – 4:30pm
  • Day 3: 09:15am – 4:30pm
  • Day 4: 09:30am – 3:30pm

Prerequisites

Are there any prerequisites for this course?

No prior knowledge or qualifications are required and the course content is suitable for non-technical and technical staff.


Is there any pre-reading?

We strongly recommend you purchase and read the standard prior to attending the course:

We also recommend that you purchase and read the following textbooks:

Exams and qualifications

Certified ISO 22301 BCMS Foundation and Lead Implementer exams

Attendees take the Certified ISO 22301 BCMS Foundation (CBC F) exam at the end of day one:

  • Delivery method: Online
  • Duration: 60 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

Attendees take the Certified ISO 22301 BCMS Lead Implementer (CBC LI) exam at the end of the course:

  • Delivery method: Online
  • Duration: 90 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

Both the ISO 27001 Lead Implementer and Lead Auditor exams are set by IBITGQ (International Board for IT Governance Qualifications). There is no extra charge for these exams.

This course is equivalent to 28 CPD points.


What qualifications will I receive?

Certified ISO 22301 BCMS Foundation (CBC F) and Certified ISO 22301 BCMS Lead Implementer (CBC LI) qualifications.


Accreditation

All courses hold accreditations from IBITGQ (International Board for IT Governance Qualifications), a renowned authority in personnel certification within the field of IT governance.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.


How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Exams can be resat without retaking the entire course but delegates will need to pay the exam fee again.

Ways to learn

Learn your way with our flexible delivery methods

We want you to learn, qualify and progress, and we are committed to providing learning options for all scenarios: deadline-driven, career-orientated, company-wide or interest-led.

Instructor-led public courses

Structured learning, with clear direction and guidance from expert practitioners:

  • Focused learning
  • Delivered by expert practitioners
  • Peer support
  • In-the-moment insights

Self-paced online learning

Learn and absorb material in a way that works for you:

  • Study at your own pace
  • Cost-effective
  • Bite-sized learning
  • Fits around you

Unique blended learning courses

The most effective learning method for professionals:

  • Work around lifestyle challenges
  • A more manageable programme
  • Tailored, mastery-based learning
  • Better learning outcomes

In-house and corporate training

Learning as a team and building a culture of awareness:

  • Unique to you
  • Peace of mind
  • Improve teamwork
  • Maximise your budget

IT Governance - An International Guide to Data Security and ISO27001/ISO27002, 7th Edition
Overview

Expert information security management and governance guidance based on international best practice

As global threats to information security increase in frequency and severity, and organisations of all sizes, types and sectors face increased exposure to fast-evolving cyber threats, there has never been a greater need to implement a robust information security management system (ISMS) that complies with the international standard, ISO 27001.

IT Governance: An International Guide to Data Security and ISO27001/ISO27002 provides best-practice guidance from ISO 27001 experts, Alan Calder and Steve Watkins, to help you successfully implement an ISO 27001-compliant ISMS.


Defend your organisation against cyber threats

Now in its seventh edition, this bestselling guide is ideal for information security professionals and organisations that are looking to enhance their ISMS and protect against information security threats.

IT Governance: An International Guide to Data Security and ISO27001/ISO27002 is the definitive compliance guide, covering all aspects of data protection and information security, including viruses, criminal hackers, online fraud, privacy regulations, computer misuse and investigatory powers.


This book will help you understand:

  • How information technology decisions should be made and monitored, and how to deal with risks;
  • The issues and responsibilities associated with risk;
  • The importance of information-related legislation and regulation;
  • How an organisation’s commercial viability and profitability increasingly depend on the security, confidentiality and integrity of information and information assets;
  • The new, global threats and vulnerabilities, particularly in cyberspace; and
  • How ISO 27001 compliance should enable organisations to demonstrate a proper response to all the challenges listed above.

IT Governance: An International Guide to Data Security and ISO27001/ISO27002 is the recommended textbook for the Open University’s postgraduate information security course and the recommended text for all IBITGQ ISO 27001 courses.

About the author

Alan Calder

Alan Calder knows ISO 27001 inside out. He led the implementation of the first management system to achieve accredited certification to BS 7799 – the forerunner to ISO 27001 – and has been working with the Standard and its successors ever since. He is the founder and executive chairman of IT Governance.

Steve Watkins

Steve Watkins is an executive director at IT Governance and holds high-profile roles in the world of cyber security standards and certification, including Chair of the UK ISO 27001 User Group and Chair of the ISO/IEC JTC 1/SC 27, the international technical committee responsible for the ISO 27k family of standards. He is also involved with UK standard technical committees.

IT Governance - Implementing Frameworks and Standards for the Corporate Governance of IT
Overview

An Introduction for Directors and IT professionals

The modern organisation is increasingly working within the context of corporate governance. The subject dictates their day-to-day and strategic activities, especially corporate information asset risk management and investment, and the ICT infrastructure within which those information assets are collected, manipulated, stored and deployed.

But what is corporate governance, and why is it important to the IT professional? Why is IT governance important to the company director, and what do directors of companies - both quoted and unquoted - need to know?


The Calder-Moir Framework

The book also explains how to integrate each standard and framework using the Calder-Moir Framework, which was developed specifically to help organisations manage and govern their IT operations more effectively, and to coordinate the sometimes wide range of overlapping and competing frameworks and standards.

It also specifically supports implementation of ISO/IEC 38500, the international standard for best practice IT governance.


Practical IT Governance guidance

Board executives and IT professionals can learn to maximise their use of the numerous IT management and IT governance frameworks and standards - particularly ISO/IEC 38500 - to best corporate and commercial advantage.


Build an IT Governance Framework

Within a 'super framework', or 'meta-framework', you can integrate each of these standards and frameworks whilst making sure that each can deliver what it was designed to do. Developing an overarching framework will enable your organisation to design IT governance to meet your own needs.

About the author

Alan Calder

Alan Calder, the founder and executive chairman of IT Governance Ltd, is an internationally acknowledged cyber security expert, and a leading author on information security and IT governance issues.

He co-wrote the definitive compliance guide IT Governance: An International Guide to Data Security and ISO 27001/ISO 27002, which is the basis for the Open University’s postgraduate course on information security, and has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ).

Alan has consulted on data security for numerous clients in the UK and abroad, and is a regular media commentator and speaker.
