Search Results

17 Products Found:

Our Price: $1,995.00

SKU: 29100-CLPI-LI-V |

MASTERING THE IMPLEMENTATION AND MANAGEMENT OF A PRIVACY FRAMEWORK (5 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

SUMMARY
This five-day intensive course enables Virtual Participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100, the Generally Accepted Privacy principles and guidance from international information commissioners. Participants will gain a thorough understanding of how to design, build and lead organizations privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance to the many privacy directives and laws worldwide.

Who Should Attend?
▶▶ Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy Framework
▶▶ Security auditors who wish to fully understand the Privacy Framework implementation process
▶▶ Experienced IT security management professionals
▶▶ IT security professionals interested in earning Privacy Management Framework certification
▶▶ Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
▶▶ Security professionals with front-line experience
▶▶ Information security staff
▶▶ Expert advisors in information technology
▶▶ Persons and organizations involved in tasks where privacy controls are required for the processing of PII
▶▶ Legal practitioners who wish to understand the practical aspects of privacy frameworks

Learning Objectives

▶▶ To understand the core competences on Privacy Framework
▶▶ To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII)
▶▶ To define privacy safeguarding requirements related to PII within an ICT environment
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws
▶▶ To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
▶▶ To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
▶▶ To develop knowledge and skills required to advise for improve organizations’ privacy programs through the use of best practices
▶▶ To improve the capacity for analysis of privacy incident management
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws and directives


Course Agenda

Day 1 - Introduction to Privacy Framework concepts as recommended by ISO 29100

▶▶ Introduction to Privacy Framework concepts as recommended by ISO 29100
▶▶ Privacy Framework based on ISO 29100 and regulatory framework
▶▶ Fundamental Principles of Privacy
▶▶ Privacy Legislation US & Europe including the existing and new EU directives
▶▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶▶ Initiating the Privacy Framework implementation

Day 2 - Planning the implementation of the Privacy Framework

▶▶ Preliminary analysis of Existing Controls
▶▶ Leadership and approval of the Privacy Framework project
▶▶ Defining the scope of a Privacy Framework
▶▶ Development of a Privacy policy
▶▶ Selection of the approach and methodology for risk assessment
▶▶ Control Statement and management decision to implement the Privacy Framework
▶▶ Definition of the organizational structure of Privacy

Day 3 - Implementing a Privacy Framework

▶▶ Implementation of a document management framework
▶▶ Design of controls and writing procedures and specific policies
▶▶ Implementation of privacy controls
▶▶ Development of a training and awareness program and communicating about the privacy to Development of a training and awareness program and communicating about privacy
▶▶ Incident management
▶▶ Operations Management

Day 4 - Privacy Framework measurement and continuous improvement
▶▶ Monitoring, Measurement, Analysis and Evaluation
▶▶ Internal Audit
▶▶ Management Review
▶▶ Treatment of problems and points of concern
▶▶ Continual improvement
▶▶ Competence and evaluation of implementers

Day 5 - Certification Exam

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Please see the course flyer or brochure for details on the "other requirements".


General Information:

▶Certification fees are included in the exam price


▶▶Participant manuals contains over 450 pages of information and practical examples


▶▶A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants


▶▶In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions


WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 29100-CLPI-LI |

MASTERING THE IMPLEMENTATION AND MANAGEMENT OF A PRIVACY FRAMEWORK

SUMMARY
This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing a Privacy Framework based on ISO 29100, the Generally Accepted Privacy principles and guidance from international information commissioners. Participants will gain a thorough understanding of how to design, build and lead organizations privacy programs covering business processes, ICT systems and services, through the use of best practices. The training provides a privacy framework which specifies a common privacy terminology, defines the actors and their roles in processing personally identifiable information (PII), describes privacy safeguarding considerations and provides references to known privacy principles for information technology. Based on this knowledge delegates will have the skills to build privacy frameworks that allow their organisation to maintain compliance to the many privacy directives and laws worldwide.

Who Should Attend?
▶▶ Project managers or consultants wanting to prepare and to support organizations on implementing and managing a Privacy Framework
▶▶ Security auditors who wish to fully understand the Privacy Framework implementation process
▶▶ Experienced IT security management professionals
▶▶ IT security professionals interested in earning Privacy Management Framework certification
▶▶ Privacy Officers, Data Protection Officers, and Compliance professionals with an interest in privacy legislation and risk
▶▶ Security professionals with front-line experience
▶▶ Information security staff
▶▶ Expert advisors in information technology
▶▶ Persons and organizations involved in tasks where privacy controls are required for the processing of PII
▶▶ Legal practitioners who wish to understand the practical aspects of privacy frameworks

Learning Objectives

▶▶ To understand the core competences on Privacy Framework
▶▶ To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective protection of personally identifiable information (PII)
▶▶ To define privacy safeguarding requirements related to PII within an ICT environment
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws
▶▶ To acquire necessary expertise in privacy governance, specifically in personally identifiable information governance
▶▶ To acquire necessary expertise in privacy risk management compliance connected with personally identifiable information
▶▶ To develop knowledge and skills required to advise for improve organizations’ privacy programs through the use of best practices
▶▶ To improve the capacity for analysis of privacy incident management
▶▶ To understand the relationship between the components of Privacy Framework with existing security standards and various applicable laws and directives


Course Agenda

Day 1 - Introduction to Privacy Framework concepts as recommended by ISO 29100

▶▶ Introduction to Privacy Framework concepts as recommended by ISO 29100
▶▶ Privacy Framework based on ISO 29100 and regulatory framework
▶▶ Fundamental Principles of Privacy
▶▶ Privacy Legislation US & Europe including the existing and new EU directives
▶▶ Writing a business case and a project plan for the implementation of a Privacy Framework
▶▶ Initiating the Privacy Framework implementation

Day 2 - Planning the implementation of the Privacy Framework

▶▶ Preliminary analysis of Existing Controls
▶▶ Leadership and approval of the Privacy Framework project
▶▶ Defining the scope of a Privacy Framework
▶▶ Development of a Privacy policy
▶▶ Selection of the approach and methodology for risk assessment
▶▶ Control Statement and management decision to implement the Privacy Framework
▶▶ Definition of the organizational structure of Privacy

Day 3 - Implementing a Privacy Framework

▶▶ Implementation of a document management framework
▶▶ Design of controls and writing procedures and specific policies
▶▶ Implementation of privacy controls
▶▶ Development of a training and awareness program and communicating about the privacy to Development of a training and awareness program and communicating about privacy
▶▶ Incident management
▶▶ Operations Management

Day 4 - Privacy Framework measurement and continuous improvement
▶▶ Monitoring, Measurement, Analysis and Evaluation
▶▶ Internal Audit
▶▶ Management Review
▶▶ Treatment of problems and points of concern
▶▶ Continual improvement
▶▶ Competence and evaluation of implementers

Day 5 - Certification Exam

A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential. Please see the course flyer or brochure for details on the "other requirements".

General Information:

▶Certification fees are included in the exam price


▶▶Participant manuals contains over 450 pages of information and practical examples


▶▶A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants


▶▶In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions


WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $1,200.00

SKU: 27005-RM-V |

PECB CERTIFIED ISO / IEC 27005 RISK MANAGER (3 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

MASTERING RISK ASSESSMENT AND OPTIMAL RISK MANAGEMENT IN INFORMATION SECURITY BASED ON ISO/IEC 27005

SUMMARY
In this three-day intensive course Virtual Participants develop the competence to master the basic risk management elements related to all assets of relevance for information security using the ISO/IEC 27005:2011 standard as a reference framework. Based on practical exercises and case studies, participants acquire the necessary knowledge and skills to perform an optimal information security risk assessment and manage risks in time by being familiar with their life cycle. During this training, we will also present other risk assessment methods such as OCTAVE, EBIOS, MEHARI and Harmonized TRA. This training fits perfectly with the implementation process of the ISMS framework in ISO/IEC 27001:2013 standard.

Course Agenda

Day 1 - Introduction, risk management program according to ISO/IEC 27005

Day 2 - Risk identification and assessment, risk evaluation, treatment, acceptance, communication and surveillance according to ISO/IEC 27005

Day 3 - Overview of other information security risk assessment methods and Exam

PECB Certified ISO/IEC 27005 Risk Manager exam is available in different languages. The candidates who do not pass the exam will be able to retake it for free within 12 months from the initial exam date.

After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27005 Risk Manager.

General Information:

▶ Certification fees are included in the exam price


▶▶ Participant manual contains more than 350 pages of information and practical examples


▶▶ A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued to the participants


▶▶ ISO/IEC 27005 provides guidance on information security risk management to which organizations cannot get certified against


▶▶ In case of failure of the exam, participants are allowed to retake it for free under certain conditions

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $1,679.00

SKU: 27005-RM |

PECB CERTIFIED ISO / IEC 27005 RISK MANAGER

MASTERING RISK ASSESSMENT AND OPTIMAL RISK MANAGEMENT IN INFORMATION SECURITY BASED ON ISO/IEC 27005

SUMMARY
In this three-day intensive course participants develop the competence to master the basic risk management elements related to all assets of relevance for information security using the ISO/IEC 27005:2011 standard as a reference framework. Based on practical exercises and case studies, participants acquire the necessary knowledge and skills to perform an optimal information security risk assessment and manage risks in time by being familiar with their life cycle. During this training, we will also present other risk assessment methods such as OCTAVE, EBIOS, MEHARI and Harmonized TRA. This training fits perfectly with the implementation process of the ISMS framework in ISO/IEC 27001:2013 standard.

Course Agenda

Day 1 - Introduction, risk management program according to ISO/IEC 27005

Day 2 - Risk identification and assessment, risk evaluation, treatment, acceptance, communication and surveillance according to ISO/IEC 27005

Day 3 - Overview of other information security risk assessment methods and Exam

PECB Certified ISO/IEC 27005 Risk Manager exam is available in different languages. The candidates who do not pass the exam will be able to retake it for free within 12 months from the initial exam date.

After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27005 Risk Manager.

General Information:

▶Certification fees are included in the exam price


▶▶Participant manual contains more than 350 pages of information and practical examples


▶▶A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued to the participants


▶▶ISO/IEC 27005 provides guidance on information security risk management to which organizations cannot get certified against


▶▶In case of failure of the exam, participants are allowed to retake it for free under certain conditions

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $559.00

SKU: 27005-IN |
PECB CERTIFIED ISO / IEC 27005 INTRODUCTION COURSE

LEARN THE BEST PRACTICES AND IMPLEMENTATION OF RISK MANAGEMENT BASED ON ISO / IEC 27005

SUMMARY
This one day course allows the participants to familiarize themselves with the fundamentals of risk management related to information security using the standard ISO/IEC 27005:2011 as a reference framework. Participants will see different parts of a risk management program and the implementation stages of an optimal risk assessment. It should be noted that this course fits perfectly into the framework of a process of implementation of ISO/IEC 27001.

PREREQUISITES: None

EXAMINATION AND CERTIFICATION: None

Who Should Attend:

▶▶ IT professionals wishing to obtain a comprehensive understanding of risk management within an organization
▶▶ Staff implementing or seeking to comply with ISO/IEC 27001 or involved in a risk management program
▶▶ Member of the information security team
▶▶ Professionals wanting to gain a comprehensive knowledge of ISO/IEC 27005

Learning Objectives:

▶ To understand the basics of the implementation, management and maintenance of an ongoing risk management program
▶▶To introduce the concepts, approaches, standards, methods and techniques allowing an effective management of risk
▶▶ To interpret the requirements of ISO/IEC 27001 on information security risk management
▶▶ To understand the relationship between the information security risk management, the security controls and the compliance with the requirements of different stakeholders of an organization

Course Agenda:

▶ Concepts and definitions related to risk management
▶▶ Standards, frameworks and methodologies in risk management
▶▶ Implement a risk management program
▶▶ Risk identification and risk analysis
▶▶ Risk evaluation and risk treatment
▶▶ Acceptance of risk and management of residual risks
▶▶ Communicating, monitoring and controlling risk


General Information
▶ A student manual containing over 100 pages of information and practical examples are given to the participants
▶▶ A participation certificate of 7 CPD (Continuing Professional Development) credits is awarded to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $395.00

SKU: 27005-IN-V |
PECB CERTIFIED ISO / IEC 27005 INTRODUCTION COURSE (1 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

LEARN THE BEST PRACTICES AND IMPLEMENTATION OF RISK MANAGEMENT BASED ON ISO / IEC 27005

SUMMARY
This one day course allows the Virtual Participants to familiarize themselves with the fundamentals of risk management related to information security using the standard ISO/IEC 27005:2011 as a reference framework. Participants will see different parts of a risk management program and the implementation stages of an optimal risk assessment. It should be noted that this course fits perfectly into the framework of a process of implementation of ISO/IEC 27001.

PREREQUISITES: None

EXAMINATION AND CERTIFICATION: None

Who Should Attend:

▶▶ IT professionals wishing to obtain a comprehensive understanding of risk management within an organization
▶▶ Staff implementing or seeking to comply with ISO/IEC 27001 or involved in a risk management program
▶▶ Member of the information security team
▶▶ Professionals wanting to gain a comprehensive knowledge of ISO/IEC 27005

Learning Objectives:

▶ To understand the basics of the implementation, management and maintenance of an ongoing risk management program
▶▶To introduce the concepts, approaches, standards, methods and techniques allowing an effective management of risk
▶▶ To interpret the requirements of ISO/IEC 27001 on information security risk management
▶▶ To understand the relationship between the information security risk management, the security controls and the compliance with the requirements of different stakeholders of an organization

Course Agenda:

▶ Concepts and definitions related to risk management
▶▶ Standards, frameworks and methodologies in risk management
▶▶ Implement a risk management program
▶▶ Risk identification and risk analysis
▶▶ Risk evaluation and risk treatment
▶▶ Acceptance of risk and management of residual risks
▶▶ Communicating, monitoring and controlling risk


General Information
▶ A student manual containing over 100 pages of information and practical examples are given to the participants
▶▶ A participation certificate of 7 CPD (Continuing Professional Development) credits is awarded to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $795.00

SKU: 27005-FD-V |
PECB CERTIFIED ISO / IEC 27005 FOUNDATION COURSE (2 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

BECOME ACQUAINTED WITH THE BEST PRACTICES IN INFORMATION SECURITY RISK MANAGEMENT BASED ON ISO / IEC 27005

SUMMARY
This 2 day Foundation course enables participants to learn about the best practices in risk management based on ISO/IEC 27005, as well as understanding how different parts of a risk management program and the implementation stages of an optimal risk assessment are conducted.

Course Agenda

Day 1 - Introduction to Risk Management concepts as required by ISO/IEC 27005

Day 2 - Identification and assessment of risk management in information security according to ISO/IEC 27005. Certification Exam

PECB Certified ISO/IEC 27005 Foundation exam is available in different languages. The candidates who do not pass the exam will be able to retake it for free within 12 months from the initial exam date.

A certificate of PECB Certified ISO/IEC 27005 Foundation will be issued to participants who successfully pass the ISO/IEC 27005 Foundation Exam:
▶▶ No experience requirements
▶▶ No annual maintenance fee
▶▶ Certification fee is included in the exam price
▶▶ Certified for life

General Information
▶▶A student manual contains more than 200 pages of information and practical examples
▶▶A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $1,125.00

SKU: 27005-FD |
PECB CERTIFIED ISO / IEC 27005 FOUNDATION COURSE

BECOME ACQUAINTED WITH THE BEST PRACTICES IN INFORMATION SECURITY RISK MANAGEMENT BASED ON ISO / IEC 27005

SUMMARY
This 2 day Foundation course enables participants to learn about the best practices in risk management based on ISO/IEC 27005, as well as understanding how different parts of a risk management program and the implementation stages of an optimal risk assessment are conducted.

Course Agenda

Day 1 - Introduction to Risk Management concepts as required by ISO/IEC 27005

Day 2 - Identification and assessment of risk management in information security according to ISO/IEC 27005. Certification Exam

PECB Certified ISO/IEC 27005 Foundation exam is available in different languages. The candidates who do not pass the exam will be able to retake it for free within 12 months from the initial exam date.

A certificate of PECB Certified ISO/IEC 27005 Foundation will be issued to participants who successfully pass the ISO/IEC 27005 Foundation Exam:
▶▶ No experience requirements
▶▶ No annual maintenance fee
▶▶ Certification fee is included in the exam price
▶▶ Certified for life

General Information
▶▶A student manual contains more than 200 pages of information and practical examples
▶▶A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 27001-ISE-MS |
ISO / IEC 27001 Information Security Essentials (ISE) Certification

Increase your company value with cost efficiency under ISE Certification by showing compliance to major Information Security requirements.

Summary
Certification under ISE is granted to the companies that show their conformance towards the implementation of the ISO/IEC 27001. Importantly, PECB is willing to give this certification to companies that are in the process of meeting the entire criteria of the ISO/IEC 27001 in the near future. With this certification, companies will show compliance to the key clauses and controls implemented in their management system, such as:

  • Knowing the context of the organization
  • Building communication channels
  • Ensuring management’s support for the implementation
  • Operational planning for the information security risk assessment and treatment
  • Asset management
  • Access control approach
  • Physical and environmental security
  • Operations security
  • Incident management and information security business continuity


What is the ISE About?
ISE comprises the controls from ISO/IEC 27001 which allow various departments of your company to implement essential information security controls with less guidance from management – without jeopardizing the fundamental ideas behind the ISO/IEC 27001 framework. Implementing the PECB ISE framework and obtaining the certification for your organization are the right steps towards demonstrating that you are serious about practicing information security and can address the challenges involved in an efficient way.

The design objectives for this new certification scheme:
  • Easy to implement
  • Reduced management involvement
  • Leverage existing ISO/IEC 27001 skills of your staff
  • Certifiable


BENEFITS OF THE ISE CERTIFICATION
  • Reduced implementation efforts through reduced number of controls
  • Less than half of the costs compared to the ISO/IEC 27001 implementation and certification
  • No extra training necessary for already certified ISO/IEC 27001 implementers and auditors through 100% compatibility with ISO/IEC 27001
  • Reduced training costs for staff not familiar with ISO/IEC 27001
  • No voided implementation efforts when moving to full blown ISO/IEC 27001
  • Marketing advantage through international recognition of the certificate
  • Very feasible step stone to achieve full ISO/IEC 27001 certification



CERTIFICATION PROCESS
ISE certification (also known as “registration”) is granted by a third-party, such as PECB, upon verifying through an audit that the organization has fulfilled the considered essential clauses. This certification is then maintained through scheduled annual surveillance audits by the registrar, with re-certification of the Information Security performed on a triannual basis.

Step 1. Pre-Audit (Optional) – It must be done at least 3 months before Certification Audit


Step 2. Audit Plan – Plan for audit has to be mutually agreed


Step 3. Audit Stage 1 & 2 – Non-conformities must be closed at least 3 months after audit conclusions


Step 4. Initial Certification – Certificate will be issued within 2 weeks after successful audit closing

Once certification has been obtained, the organization will be subjected to two surveillance audits within 24 months from the initial certification:

- Surveillance Audit Stage 1 – No longer than 12 months from the initial certification audit

- Surveillance Audit Stage 2 – No longer than 12 months from the 1st surveillance audit

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole. 


PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT. THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/ 

Our Price: $2,795.00

SKU: 27001-MS |

ISO / IEC 27001 INFORMATION SECURITY MANAGEMENT SYSTEM CERTIFICATION

BUILD A REPUTATION AS A COMPANY THAT KEEPS ITS INFORMATION SAFE WITH THE ISO/IEC 27001 CERTIFICATION

SUMMARY
The ISO/IEC 27001 Information Security Management standard helps organizations to keep their information assets secure, by building an information infrastructure against the risks of loss, damage or any other threat.

Companies that certify their management system against ISO/IEC 27001 validate that the security of financial information, intellectual property, employee details, or information entrusted from third parties is being successfully managed and continually improved in accordance with widely accepted best practices and the standard’s framework.

BENEFITS OF ISO/IEC 27001 CERTIFICATION TO YOUR ORGANIZATION:
• Provides senior management involved in information security with an efficient management process
• Provides you with a competitive advantage due to customer trust and market share
• Reduces costs due to incident and threat minimization
• Demonstrated compliance with customer, regulatory and/or other requirements
• Sets out areas of responsibility across the organization
• Communicates a positive message to staff, customers, suppliers and stakeholders
• Integration between business operations and information security
• Alignment of information security with the organization’s objectives
• Seizing opportunities to put forward true value through enhancement of marketing

BENEFITS OF ISO/IEC 27001 CERTIFICATION TO YOUR CUSTOMERS:
• Keeps intellectual property and valuable information secure
• Provides customers and stakeholders with confidence in how you manage risk related to information security
• Secures exchange of information
• Ensures that you are meeting your legal obligations
• Manages and minimizes risk exposure
• Cost savings for rework, damages and waste

UNDERSTANDING THE CERTIFICATION PROCESS
ISO/IEC 27001 certification (also known as “registration”) is granted by a third-party, such as PECB, upon verifying through an audit that the organization is in compliance with the requirements of the ISO/IEC 27001 standard. This certification is then maintained through scheduled annual surveillance audits by the registrar, with re-certification of the Information Security performed on a triannual basis.


Step 1. Pre-Audit (Optional)- It must be done at least 3 months before Certification Audit


Step 2. Audit Plan - Plan for audit has to be mutually agreed


Step 3. Audit Stage 1 & 2 - Non-conformities must be closed at least 3 months after audit conclusions


Step 4. Initial Certification - Certificate will be issued within 2 weeks after successful audit closing
Once certification has been obtained, the organization will be subjected to two surveillance audits within 24 months from the initial certification:

• Surveillance Audit Stage 1 - No longer than 12 months from the initial certification audit
• Surveillance Audit Stage 2 - No longer than 12 months from the 1st surveillance audit

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole. 


PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT. THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/ 

Our Price: $1,995.00

SKU: 27002-Lead Mgr-V |

MASTERING THE FUNDAMENTAL PRINCIPLES, CONCEPTS AND IMPLEMENTATION OF THE BEST PRACTICES OF INFORMATION SECURITY CONTROLS WITHIN THE PROCESS OF IMPLEMENTING AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27002. (5 DAY COURSE FOR VIRTUAL PARTICIPANTS ONLY)

SUMMARY
This five day intensive course enables the participants to develop the expertise needed to support an organization in implementing and managing the information security controls of an Information Security Management System (ISMS) based on ISO/IEC 27001. Participants will also be given a thorough grounding in the best practices used to implement information security controls from all the areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). It is also fully compatible with ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who Should Attend?
▶Managers or consultants wanting to implement an Information Security Management System (ISMS)
▶▶Project managers or consultants wanting to master the Information Security Management System implementation process
▶▶Persons responsible for the information security or conformity in an organization
▶▶Members of information security teams
▶▶Expert advisors in information technology
▶▶Technical experts wanting to prepare for an Information Security Audit function
▶▶Persons responsible to develop their own information security management guidelines


Learning Objectives
▶To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS and the required information security controls
▶▶To understand the initiation, implementation, maintenance and improvement of the ISMS within an organization
▶▶To acquire the necessary expertise to manage a team implementing ISO/IEC 27002
▶▶To develop the knowledge and skills required to advise organizations on best practices in the management of information security controls
▶▶To improve the capacity for analysis and decision making in the context of information security controls


Course Agenda

Day 1
- Introduction to Information Security controls and ISO/IEC 27002


▶▶Course objective and structure
▶▶Standard and regulatory framework
▶▶Fundamental Principles of Information Security
▶▶Information Security Management System
▶▶Information security policies
▶▶Organization of information security

Day 2
- Human resources, Asset Management and Access Control


▶▶Human resources security
▶▶Asset Management
▶▶Access Control

Day 3
- Operations and communications security as required by ISO/IEC 27001


▶▶Cryptography
▶▶Physical and Environmental Security
▶▶Operations Security
▶▶Communications security
▶▶Incident Management
▶▶Information Security Aspects of Business Continuity Management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Applying for certification and closing of the training
▶▶Certification Exam


Day 4
- Continuous improvement and preparation for certification


▶▶System acquisition, development and maintenance
▶▶Supplier Relationships
▶▶Information security Incident Management
▶▶Information security aspects of business continuity management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Lead Manager Certification Scheme
▶▶Closing the Training

Day 5 - Certification Exam


WHY CHOOSE GRCme University and PECB?

The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $2,795.00

SKU: 27002-Lead Mgr |

MASTERING THE FUNDAMENTAL PRINCIPLES, CONCEPTS AND IMPLEMENTATION OF THE BEST PRACTICES OF INFORMATION SECURITY CONTROLS WITHIN THE PROCESS OF IMPLEMENTING AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27002.

SUMMARY
This five day intensive course enables the participants to develop the expertise needed to support an organization in implementing and managing the information security controls of an Information Security Management System (ISMS) based on ISO/IEC 27001. Participants will also be given a thorough grounding in the best practices used to implement information security controls from all the areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems - Guidelines for Quality Management in Projects). It is also fully compatible with ISO 27003 (Guidelines for the Implementation of an ISMS), ISO 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who Should Attend?
▶Managers or consultants wanting to implement an Information Security Management System (ISMS)
▶▶Project managers or consultants wanting to master the Information Security Management System implementation process
▶▶Persons responsible for the information security or conformity in an organization
▶▶Members of information security teams
▶▶Expert advisors in information technology
▶▶Technical experts wanting to prepare for an Information Security Audit function
▶▶Persons responsible to develop their own information security management guidelines


Learning Objectives
▶To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques related to an ISMS and the required information security controls
▶▶To understand the initiation, implementation, maintenance and improvement of the ISMS within an organization
▶▶To acquire the necessary expertise to manage a team implementing ISO/IEC 27002
▶▶To develop the knowledge and skills required to advise organizations on best practices in the management of information security controls
▶▶To improve the capacity for analysis and decision making in the context of information security controls


Course Agenda

Day 1
- Introduction to Information Security controls and ISO/IEC 27002


▶▶Course objective and structure
▶▶Standard and regulatory framework
▶▶Fundamental Principles of Information Security
▶▶Information Security Management System
▶▶Information security policies
▶▶Organization of information security

Day 2
- Human resources, Asset Management and Access Control


▶▶Human resources security
▶▶Asset Management
▶▶Access Control

Day 3
- Operations and communications security as required by ISO/IEC 27001


▶▶Cryptography
▶▶Physical and Environmental Security
▶▶Operations Security
▶▶Communications security
▶▶Incident Management
▶▶Information Security Aspects of Business Continuity Management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Applying for certification and closing of the training
▶▶Certification Exam


Day 4
- Continuous improvement and preparation for certification


▶▶System acquisition, development and maintenance
▶▶Supplier Relationships
▶▶Information security Incident Management
▶▶Information security aspects of business continuity management
▶▶Compliance
▶▶Golden Rules and Conclusion
▶▶Lead Manager Certification Scheme
▶▶Closing the Training

Day 5 - Certification Exam


WHY CHOOSE GRCme University and PECB?

The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT.
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
http://www.grcsphere.org/

Our Price: $1,995.00

SKU: 27001-LA-V |
MASTERING THE AUDIT OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27001, IN COMPLIANCE WITH THE REQUIREMENTS OF ISO 19011 AND ISO/IEC 17021 (5 Day Course for Virtual Participants Only)

SUMMARY
This five-day intensive course enables the participants to develop the expertise needed to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

Learning Objectives
▶To acquire expertise of performing an ISO/IEC 27001 internal audit, following the ISO 19011 guidelines
▶▶To acquire expertise of performing an ISO 27001 certification audit, following the ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
▶▶To acquire necessary expertise for managing an ISMS audit team
▶▶To understand the operation of an ISO/IEC 27001

Day 1 
- Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001

▶▶ Normative, regulatory and legal framework related to Information Security
▶▶ Fundamental principles of Information Security
▶▶ The ISO/IEC 27001 certification process
▶▶ Detailed presentation of the clauses of ISO/IEC 27001

Day 2 
- Planning and initiating an ISO/IEC 27001 audit

▶▶Fundamental audit concepts and principles
▶▶Audit the approach based on evidence and on risk
▶▶Preparation of an ISO/IEC 27001 certification audit
▶▶Documenting of an ISMS audit

Day 3
- Conducting an ISO/IEC 27001 audit

▶▶Communication during the audit
▶▶Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
▶▶Drafting test plans
▶▶Formulation of audit findings, drafting of nonconformity reports

Day 4
- Concluding and ensuring the follow-up of an ISO/IEC 27001 audit

▶▶Audit documentation
▶▶Conducting a closing meeting and conclusion of an ISO/IEC 27001 audit
▶▶Evaluation of corrective action plans
▶▶ISO/IEC 27001 surveillance audit and audit management program

Day 5 - Certification Exam


PECB Certified ISO/IEC 27001 Lead Auditor exam is available in different languages. The candidates who do not pass the exam will be able to retake it for free within 12 months from the initial exam date.

After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Lead Auditor.

▶▶ Certification fees are included in the exam price

▶▶ Participant manual contains more than 450 pages of information and practical examples

▶▶ A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT. 
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
 
http://www.grcsphere.org/ 

Our Price: $2,795.00

SKU: 27001-LA |
MASTERING THE AUDIT OF AN INFORMATION SECURITY MANAGEMENT SYSTEM (ISMS) BASED ON ISO/IEC 27001, IN COMPLIANCE WITH THE REQUIREMENTS OF ISO 19011 AND ISO/IEC 17021

SUMMARY
This five-day intensive course enables the participants to develop the expertise needed to audit an Information Security Management System (ISMS) and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques.

Learning Objectives
▶To acquire expertise of performing an ISO/IEC 27001 internal audit, following the ISO 19011 guidelines
▶▶To acquire expertise of performing an ISO 27001 certification audit, following the ISO 19011 guidelines and the specifications of ISO 17021 and ISO 27006
▶▶To acquire necessary expertise for managing an ISMS audit team
▶▶To understand the operation of an ISO/IEC 27001

Day 1
- Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001

▶▶ Normative, regulatory and legal framework related to Information Security
▶▶ Fundamental principles of Information Security
▶▶ The ISO/IEC 27001 certification process
▶▶ Detailed presentation of the clauses of ISO/IEC 27001

Day 2
- Planning and initiating an ISO/IEC 27001 audit

▶▶Fundamental audit concepts and principles
▶▶Audit the approach based on evidence and on risk
▶▶Preparation of an ISO/IEC 27001 certification audit
▶▶Documenting of an ISMS audit

Day 3 -
Conducting an ISO/IEC 27001 audit

▶▶Communication during the audit
▶▶Audit procedures: observation, document review, interview, sampling techniques, technical verification, corroboration and evaluation
▶▶Drafting test plans
▶▶Formulation of audit findings, drafting of nonconformity reports

Day 4 - Concluding and ensuring the follow-up of an ISO/IEC 27001 audit

▶▶Audit documentation
▶▶Conducting a closing meeting and conclusion of an ISO/IEC 27001 audit
▶▶Evaluation of corrective action plans
▶▶ISO/IEC 27001 surveillance audit and audit management program

Day 5 - Certification Exam

PECB Certified ISO/IEC 27001 Lead Auditor exam is available in different languages. The candidates who do not pass the exam will be able to retake it for free within 12 months from the initial exam date.

After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Lead Auditor.

▶▶ Certification fees are included in the exam price

▶▶ Participant manual contains more than 450 pages of information and practical examples

▶▶ A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants

WHY CHOOSE GRCme University and PECB?
The GRC Sphere, working in conjunction with PECB, is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, we offer our expertise across multiple fields. We help organizations to show commitment and competence with internationally recognized standards by providing this assurance through the education, evaluation and certification against rigorous, internationally recognized competence requirements. With a global coverage across 150 countries worldwide, our mission is to provide our clients comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit society as a whole.

PLEASE MAKE SURE TO VISIT OUR GRCme UNIVERSITY LOCATION ON THE WEB TO DOWNLOAD ANY OF OUR CURRICULA OR COURSE DESCRIPTIONS IN .PDF FORMAT. 
THERE ARE NO MEMBER FEES TO ACCESS THIS FREE INFORMATION.
 
http://www.grcsphere.org/ 

Our Price: $24.95

SKU: CI-600 |

GET THIS PRODUCT FOR FREE WHEN YOU REGISTER AS A LEVEL I MEMBER !!!

This document is a primer on the core foundational practices of requirements management and traceability and we infer (at a high level) how these practices support the Governance Risk Compliance (GRC) areas of application.


The Control Self-Assessment (CSA) consists of fourteen (14) basic questions which are not GRC oriented. The CSA then is followed by two key practice descriptions. One covers requirements management and traceability and the other provides an introduction to a GRC Sphere practice discipline known as the “business rule approach to GRC”. This practice treats all business rules as corporate assets, no matter what level of abstraction they may take. We also introduce the Business Rule Motivation Model and tie this into requirements management and traceability.


Our Price: $4.95

SKU: CI-100 |

GET THIS PRODUCT FOR FREE WHEN YOU REGISTER AS A LEVEL I MEMBER !!!

"Understanding the Basics of Analytical Model Crowdsourcing" is a quick read guide that provides a strong foundation for understanding the tenants of scalar measurement for those individuals who have no prior background with the subject. If you are not familiar with the measurement issues associated risk assessment, surveys or Control Self-Assessments (CSA's), then this is the primer that you need to read before any of our other crowdsourcing and benchmarking guides.

Our Price: $39.95

SKU: CI-500 |
GET THIS PRODUCT FOR FREE WHEN YOU REGISTER AS A LEVEL I MEMBER !!!

GRC Sphere's New Era GRC Program Control Self-Assessment (CSA) is now available! It's ideal for designing a cross-enterprise GRC program initiative that addresses human, business and technology integration. It is based on leading-edge approaches and methods that are designed to overcome the single largest risk for initiatives of this type; i.e. engaging a resistant workforce and mitigating the risks and challenges associated with human change. But that's not all. You will find a number of other strategies within the CSA for ensuring that your organization is moving towards a holistic approach for GRC which incorporates important new way's-of-thinking and way's-of-working.

The New Era GRC Program CSA encompasses 48 questions across 6 categories and you will be inspired to add your own set of CSA questions for tailoring it to your own circumstances. Note that many of the control categories are also useful for re-engineering existing GRC programs.

1. GRC Awareness and Understanding
2. GRC Costing
3. GRC Knowledge Management
4. GRC Program Goals

5. GRC Program Design
6. GRC Program Management

The digital download is a Zip file with a .pdf document file within it. 

The bottom line is that you will quickly see why this CSA is characterized as "new era". We address many of the common challenges that we run into with large-scale programs of this type. Plus, we want you to consider positioning your GRC program strategically, so that the investment can return significant shareholder value financially as well as operationally.