
Sorry, the page you're looking for cannot be found

 You may not have been able to visit your page because of:

   1. An out-of-date bookmark/favourite
   2. A search engine that has an out-of-date listing
   3. A mistyped address
   4. You don't have access to this page
   5. The requested resource was not found
   6. An error has occurred whilst processing your request

Are you looking for:

Information Security Staff Awareness

Increase staff awareness of information security issues at your organisation using the expertise at IT Governance.

Assessing Information Security - Strategies, Tactics, Logic and Framework, 2nd Edition
Overview

Build a strategic response to cyber attacks

The activities of the cyber criminal are both deliberate and hostile, and they can be compared to military operations. Many people in business understand that the insights from the classics of military strategy are as relevant to modern commerce as they are to war.

It is clear that organisations need to develop a view of cybersecurity that goes beyond technology: all staff in the organisation have a role to play, and it is the senior managers who must ensure, like generals marshalling their forces, that all staff know the cyber security policies that explain what to do when under attack.


Cyber crime… cyber war?

With this in mind, the authors have drawn on the work of Clausewitz and Sun Tzu, and applied it to the understanding of information security that they have built up through their extensive experience in the field. The result is expert guidance on information security, underpinned by a profound understanding of human conflict.

Building on the success of the first edition, this new edition covers the most recent developments in the threat landscape and the best-practice advice available in the latest version of ISO 27001:2013.


Contents

  1. Information Security Auditing and Strategy
  2. Security Auditing, Governance, Policies and Compliance
  3. Security Assessments Classification
  4. Advanced Pre-Assessment Planning
  5. Security Audit Strategies and Tactics
  6. Synthetic Evaluation of Risks
  7. Presenting the Outcome and Follow-Up Acts
  8. Reviewing Security Assessment Failures and Auditor Management Strategies 


About the author

Dr Andrew Vladimirov

Dr Andrew Vladimirov is a security researcher. His fields of expertise include network security and applied cryptography, and he has extensive experience of performing information security assessments. He and his fellow authors are the founders of Arhont Ltd, a leading information security consultancy.

Konstantin Gavrilenko

Konstantin Gavrilenko has over 15 years of experience in IT and security. As a researcher, information security is his speciality, and he has a particular interest in wireless security. He holds a BSc in management science from De Montfort University and an MSc in management from Lancaster University.

Andriej Michajlowski

Andriej Michajlowski is an expert on network security. His research interests include user and device authentication mechanisms, and wireless networking security. He has extensive experience carrying out internal and external information security assessments. He is a graduate of the University of Kent at Canterbury and he holds an MBA.

Information Security Breaches - Avoidance and Treatment based on ISO27001, Second Edition
Overview

What if you suffer an information security breach?

Many titles explain how to reduce the risk of information security breaches. Nevertheless breaches do occur, even to organisations that have taken all reasonable precautions.

Information Security Breaches - Avoidance and treatment based on ISO 27001:2013 helps you to manage this threat by detailing what to do as soon as you discover a breach.


Be prepared, be prompt, be decisive

When your organisation’s security is compromised, you cannot afford to waste time deciding how to resolve the issue. You must be ready to take prompt and decisive action. Updated to cover ISO 27001:2013, this second edition gives you clear guidance on how to treat an information security breach and tells you the plans and procedures you have to put in place to minimise damage and return to business as usual.


A recovery plan will help you to:

  • Recover, and resume normal operations, more quickly
  • Preserve customer confidence by quickly resolving service disruption
  • Secure evidence to help with any criminal investigation and improve your chances of catching those responsible. 

About the author

Michael Krausz

Michael Krausz is an IT expert and experienced professional investigator. He has investigated over a hundred cases of information security breaches.

Many of these cases have concerned forms of white-collar crime. Michael Krausz studied physics, computer science and law at the University of Technology in Vienna, and at Vienna and Webster universities. He has delivered over 5000 hours of professional and academic training and has provided services in eleven countries to date.

ISO27001 (2013) Assessments Without Tears - A Pocket Guide, Second Edition
Description

Overview

Updated to reflect the changes in ISO27001:2013, this pocket guide is the ideal way to prepare all staff in an organisation for an ISO27001 audit.

The audit process can be a daunting one as an auditor can direct questions at any employee within your organisation. Written in a clear plain style, this pocket guide offers a tried and tested briefing, and should be issued to staff in advance of the audit to help them prepare for the experience and be well equipped to answer questions when asked.

This pocket book explains what an ISO 27001 assessment is, why organisations bother with them, and what individual staff should do and, perhaps as importantly, not do if an auditor chooses to question them.


The book covers:

  • What an assessment is
  • Why information security is important
  • What happens during an assessment
  • What to consider when answering an auditor's questions
  • What happens when an auditor finds something wrong
  • Your policies and how to prepare
  • Further information: who to ask

This pocket book is the perfect tool to train everybody inside your organisation to play their part in your ISO 27001 assessment.

Certified ISO 22301 BCMS Foundation and Lead Implementer Combination Training Course
Description

Training course outline

Develop your understanding of ISO 22301, the business continuity standard with this combination course.

You will gain the skills to successfully lead the implementation of a business continuity management system (BCMS) in your organisation, as well as exploring the key concepts and benefits of ISO 22301.


ISO 22301 BCMS Foundation

This one-day introductory course explores the key concepts and benefits of ISO 22301. It provides a comprehensive introduction to the ISO/IEC 22301:2019 standard and the requirements of a BCMS.

ISO 22301 BCMS Lead Implementer

This three-day advanced course covers everything you need to plan and implement an ISO 22301 compliance project. Gain the knowledge and skills required to implement an ISO 22301-compliant BCMS.


ISO 22301 BCMS Foundation and Lead Implementer training course benefits

 Hands-on study

Participate in group discussions, practical exercises and case studies throughout the course.

 Fast-track to certification

Achieve two internationally recognised business continuity qualifications in eight days.

 Steps to success

Introduces you to the benefits of ISO 22301 best practice and compliance, and takes you through the nine steps to ISO 22301 success.  

 Delivered by professionals 

Delivered by experienced ISO 22301 practitioners, this combination course is designed to meet the international standards on auditing techniques.

 Achieve compliance for your organisation

Learn how to tackle a BCMS project from start to finish to help your organisation achieve compliance. 

 Lead the implementation project

Gain the knowledge and skills required to lead an efficient and cost-effective implementation project. 


Who should attend this course?

This combination course is ideal for anyone involved in, or responsible for, implementing or maintaining a BCMS, including: 

  • Business continuity managers
  • IT managers
  • Business managers
  • Compliance managers
  • Project managers
  • Risk managers
  • Operations managers
  • Emergency planners
  • ISO 22301 lead auditors
  • Quality managers

Why choose IT Governance?

  • We’re the leading global provider of IT governance, risk management and compliance solutions.
  • We are leaders in ISO 22301 and Business Continuity Management - all our courses are designed by experts and delivered by experienced trainers.
  • Pass first time or train again for free – we have trained more than 17,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.*
  • Choose the method that suits you – we offer classroom, instructor-led online, self-paced online, e-learning and in-house training options.
  • Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available to download 20 days before your course.
  • Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.

*conditions applicable

Course details

What does this training course cover?

  • Understand business continuity concepts, terms and definitions;
  • Explain the benefits of a BCMS to an organisation;
  • Define the role and structure of a business continuity policy;
  • Determine the scope, policy and objectives of the BCMS;
  • Deliver the ISO 22301 project using change management techniques;
  • Allocate roles and responsibilities in the ISO 22301 implementation project;
  • Explain how to carry out the business impact assessment and the risk assessment (the core competence of BCM);
  • Explain how to assess the impact of disruption;
  • Recognise the importance of an effective incident response structure;
  • Explain the importance of an effective communication strategy;
  • Write policies and produce other critical documentation;
  • Understand the importance of staff and general awareness training;
  • Define the key elements of a management review;
  • Manage and drive continual improvement;
  • Prepare the organisation for its initial ISO 22301 certification audit and surveillance visits; and
  • Identify key issues in ensuring that the organisation passes the audit first time.

Course agenda:

Course agenda (day 1):

  • Overview of BCM 
  • ISO 22301 Certification 
  • Context 
  • Leadership 
  • Planning 
  • Implementation 
  • BIA & Risk Assessment 
  • Strategy & Plans
  • Assurance 
  • Improvement

Course agenda (day 2-4):

  • Terms and definitions
  • Commitment
  • Business continuity standards overview
  • BCMS context and scope
  • BCMS leadership and planning
  • BCMS programme plan
  • Operation & strategy
  • Performance evaluation
  • Continual improvement
  • Certification audit process

What’s included in this course?

  • A professional training venue with lunch and refreshments;
  • Full course materials (digital copy provided as a PDF file);
  • The ISO 22301 Certified BCMS Foundation Training Course exam;
  • The ISO 22301 Certified BCMS Lead Implementer Training Course exam; and
  • A certificate of attendance.

What equipment should I bring?

The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.


Course duration and times

  • Day 1: 09:30am – 4:00pm
  • Day 2: 09:30am – 4:30pm
  • Day 3: 09:15am – 4:30pm
  • Day 4: 09:30am – 3:30pm

Prerequisites

Are there any prerequisites for this course?

No prior knowledge or qualifications are required and the course content is suitable for non-technical and technical staff.


Is there any pre-reading?

We strongly recommend you purchase and read the standard prior to attending the course:

We also recommend that you purchase and read the following textbooks:

Exams and qualifications

Certified ISO 22301 BCMS Foundation and Lead Implementer exams

Attendees take the Certified ISO 22301 BCMS Foundation (CBC F) exam at the end of day one:

  • Delivery method: Online
  • Duration: 60 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

Attendees take the Certified ISO 22301 BCMS Lead Implementer (CBC LI) exam at the end of the course:

  • Delivery method: Online
  • Duration: 90 minutes
  • Questions: 40
  • Format: Multiple choice
  • Pass mark: 65%

Both the ISO 27001 Lead Implementer and Lead Auditor exams are set by IBITGQ (International Board for IT Governance Qualifications). There is no extra charge for these exams.

This course is equivalent to 28 CPD points.


What qualifications will I receive?

Certified ISO 22301 BCMS Foundation (CBC F) and Certified ISO 22301 BCMS Lead Implementer (CBC LI) qualifications.


Accreditation

All courses hold accreditations from IBITGQ (International Board for IT Governance Qualifications), a renowned authority in personnel certification within the field of IT governance.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.


How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Exams can be resat without retaking the entire course but delegates will need to pay the exam fee again.

Ways to learn

Learn your way with our flexible delivery methods

We want you to learn, qualify and progress, and we are committed to providing learning options for all scenarios: deadline-driven, career-orientated, company-wide or interest-led.

Instructor-led public courses

Structured learning, with clear direction and guidance from expert practitioners:

  • Focused learning
  • Delivered by expert practitioners
  • Peer support
  • In-the-moment insights


Self-paced online learning

Learn and absorb material in a way that works for you:

  • Study at your own pace
  • Cost-effective
  • Bite-sized learning
  • Fits around you


Unique blended learning courses

The most effective learning method for professionals:

  • Work around lifestyle challenges
  • A more manageable programme
  • Tailored, mastery-based learning
  • Better learning outcomes


In-house and corporate training

Learning as a team and building a culture of awareness:

  • Unique to you
  • Peace of mind
  • Improve teamwork
  • Maximise your budget
