HiTrust Common Security Framework Compliance Training Course

Description:

Basel III is a global regulatory standard governing bank capital adequacy, stress testing and market liquidity risk. Initially agreed upon by the Basel Committee on Banking Supervision in 2010–11, amendments to The Accord have extended implementation until 31 March 2019. Basel III strengthens bank capital requirements by increasing liquidity buffers and reducing leverage.
Unlike Basel I and II, Basel III mandates different reserve levels for various deposit types and borrowing arrangements; rather than replacing its predecessors, it operates alongside them.
Navigating this complex and ever-evolving landscape can be challenging. Our course and training programme are designed to help you manage anticipated changes and their impact on your institution. As an accredited training partner of the Basel Certification Institute, we guarantee that our training materials and delivery are current, effective and of the highest quality.

Objectives:

• Prepare candidates for the Certified Basel Professional Examination.
• Define practical strategies and techniques for the definition, measurement, analysis, improvement and control of operational risk within a banking organisation.

Target Audience:

• Board members with risk responsibilities
• CROs and Heads of Risk Management
• Members of the Risk Management team
• Compliance, legal and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations covering market, credit, counterparty and liquidity risk
• Stress testing for various risk measures, including guidance on formulating and delivering stress tests
• The likely effects of Basel III on the international banking industry, including demonstrations of practical application
• Need for the new Basel norms
• The Basel III norms
• Objectives of the Basel III norms
• Basel III – Timeline

This instructor-led, live training in New Zealand (delivered either online or on-site) is designed for advanced-level professionals seeking a comprehensive understanding of fraud examination concepts and preparation for the Certified Fraud Examiner (CFE) exam.

By the end of this training, participants will be able to:

• Develop a thorough understanding of fraud examination principles and the fraud examination process.
• Learn to identify, investigate, and prevent a range of financial fraud schemes.
• Understand the legal framework surrounding fraud, including the legal elements of fraud, relevant legislation, and regulations.
• Acquire practical skills in conducting fraud investigations, including evidence collection, interview techniques, and data analysis.
• Learn how to design and implement effective fraud prevention and deterrence programmes within organisations.
• Build the confidence and knowledge required to successfully pass the Certified Fraud Examiner (CFE) exam.

Description:

This four-day event (CGEIT training) is the ultimate preparation for the exam and is designed to ensure you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance, awarded by ISACA. It is intended for professionals responsible for managing IT governance or who hold significant advisory or assurance responsibilities in this area.
Attaining CGEIT status will broaden your recognition in the marketplace and enhance your influence at the executive level.

Objectives:

This seminar has been designed to prepare delegates for the CGEIT examination by enabling them to build upon their existing knowledge and understanding, thereby better equipping them to pass the exam as defined by ISACA.

Target Audience:

Our training course is aimed at IT and business professionals with substantial IT governance experience who are preparing to sit the CGEIT exam.

This instructor-led, live training in New Zealand (available online or on-site) is designed for beginner to intermediate-level system administrators and security professionals who want to learn how to implement Cloudflare for content delivery and cloud security, as well as how to mitigate DDoS attacks.

By the end of this training, participants will be able to:

• Configure Cloudflare for their websites.
• Set up DNS records and SSL certificates.
• Implement Cloudflare for content delivery and caching.
• Protect their websites from DDoS attacks.
• Implement firewall rules to restrict traffic to their websites.

This instructor-led, live training in New Zealand (available online or on-site) is designed for payment services compliance professionals who aim to establish, implement, and enforce a robust compliance program within their organisation.

By the end of this training, participants will be able to:

• Understand the regulations established by government authorities for payment service providers.
• Develop the internal policies and procedures required to meet government regulatory requirements.
• Implement a compliance programme that aligns with relevant laws.
• Ensure all corporate processes and procedures adhere to the compliance programme.
• Protect the business's reputation while safeguarding it against legal action.

This instructor-led, live training in New Zealand (online or on-site) is designed for intermediate-level cybersecurity professionals seeking to deepen their understanding of GRC frameworks and apply them to secure, compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop effective risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

This instructor-led, live training in New Zealand (online or onsite) is designed for supply chain professionals seeking to establish robust control and oversight of their supply chain, particularly in relation to cybersecurity.

By the conclusion of this training, participants will be able to:

• Identify security oversights that could cause significant damage and disruption to a supply chain.
• Break down complex security challenges into manageable and actionable components.
• Address common supply chain vulnerabilities by analysing high-risk areas and engaging effectively with stakeholders.
• Adopt best practices for securing a supply chain.
• Significantly reduce or eliminate the most critical risks to an organisation's supply chain.

This instructor-led, live training in New Zealand (online or on-site) is designed for intermediate to advanced-level IT professionals and business leaders who wish to develop a structured approach to handling data breaches.

By the end of this training, participants will be able to:

• Understand the causes and consequences of data breaches.
• Develop and implement data breach prevention strategies.
• Establish an incident response plan to contain and mitigate breaches.
• Conduct forensic investigations and assess the impact of breaches.
• Comply with legal and regulatory requirements for breach notification.
• Recover from data breaches and strengthen security postures.

This course offers an expert-level introduction to the newly enacted Accessibility Law, equipping developers with the practical skills needed to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion on the law's significance and implications, the course swiftly transitions into hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

Course goal:

To ensure individuals have a solid understanding of GRC processes and capabilities, along with the skills needed to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

• Basic GRC terms and definitions
• GRC principles
• Core components, practices and activities
• How GRC relates to other disciplines

Audience

This course is designed for all staff who need a practical grasp of Compliance and effective Risk Management.

Course Format

Training is delivered through a blended approach that includes:

• Facilitated discussions
• Slide-based presentations
• Case studies
• Real-world examples

Course Objectives

By the end of the course, participants will be able to:

Develop a solid understanding of the key aspects of Compliance, as well as national and international initiatives aimed at managing associated risks.

Explain how organisations and their teams can establish an effective Compliance Risk Management Framework.

Describe the responsibilities of the Compliance Officer and the Money Laundering Reporting Officer, and understand how these roles integrate within a business structure.

Identify critical risk areas in Financial Crime, particularly in the context of international operations, offshore centres, and high-net-worth clients.

Open Source Software (OSS) Management is the practice of overseeing the lifecycle of open-source components within an organisation, ensuring their secure, compliant and efficient use.

This instructor-led, live training (delivered online or on-site) is designed for intermediate-level IT professionals who wish to implement best practices for managing open-source software in enterprise and government environments.

By the end of this training, participants will be able to:

• Establish effective OSS policies and governance frameworks.
• Use SBOM and SCA tools to identify, track and manage open-source dependencies.
• Mitigate risks associated with licensing and security vulnerabilities.
• Streamline OSS adoption while maximising innovation and cost savings.

Format of the Course

• Interactive lecture and discussion.
• Case studies and scenario-based exercises.
• Hands-on demonstrations with OSS management tools.

Course Customisation Options

• This course can be tailored to specific organisational OSS policies and toolchains. Please contact us to arrange.

Description:

This is a 'Practitioner' course, heavily reliant on practical exercises designed to reinforce the concepts being taught and to build delegates' confidence in implementing business continuity management. The course also encourages debate and the sharing of knowledge and experience among participants.
Delegates will benefit from the practical and extensive experience of our trainers, who are active practitioners in business continuity management and specialists in ISO 22301:2019.

Delegates will learn how to:

• Explain the need for business continuity management (BCM) across all organisations
• Define the business continuity lifecycle
• Conduct business continuity programme management
• Understand their organisation well enough to identify mission-critical impact areas
• Determine their organisation's business continuity strategy
• Establish a business continuity response
• Exercise, maintain and review plans
• Embed business continuity within an organisation
• Define terms and definitions appropriate to business continuity

By the end of the course, delegates will have a detailed understanding of all key components of business continuity management and be able to return to their workplaces, making a significant contribution to the business continuity management process.

This instructor-led, live Payment Card Industry Professional training in New Zealand (online or on-site) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the Payment Card Industry Data Security Standard (PCI DSS).

By the end of this training, participants will be able to:

• Understand the payment process and the PCI standards designed to safeguard it.
• Grasp the roles and responsibilities of entities involved in the payments industry.
• Gain deep insight into, and a thorough understanding of, the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and how it applies to organisations involved in the transaction process.

This instructor-led, live training in New Zealand (online or on-site) is designed for developers who want to integrate Snyk into their development workflows to identify and fix security issues in their code.

By the end of this training, participants will be able to:

• Understand the features and structure of Snyk.
• Use Snyk to detect and resolve code security vulnerabilities.
• Integrate Snyk into the software development lifecycle.