Security Policy Management Training Course

This instructor-led, live training in New Zealand (online or on-site) is designed for beginner-level professionals who wish to gain a clear understanding of ISO 27001 and its role in strengthening information security within an organisation.

By the end of this training, participants will be able to:

• Understand the purpose and benefits of an ISMS.
• Familiarise themselves with key ISO 27001 concepts, terms, and principles.
• Recognise the role of an auditor in ensuring compliance.
• Gain insight into the audit process and continual improvement within ISO 27001.

This instructor-led, live training in New Zealand (online or onsite) is aimed at intermediate-level IT auditors who wish to effectively incorporate AI tools in their audit practices.

By the end of this training, participants will be able to:

• Grasp the core concepts of artificial intelligence and how it is applied in the context of IT auditing.
• Utilise AI technologies such as machine learning, NLP, and RPA to improve audit efficiency, accuracy, and scope.
• Perform risk assessments using AI tools, enabling continuous monitoring and proactive risk management.
• Integrate AI into audit planning, execution, and reporting, enhancing the overall effectiveness of IT audits.

This instructor-led, live training in New Zealand (online or on-site) is tailored for advanced-level security analysts seeking to elevate their skills in leveraging advanced Micro Focus ArcSight ESM content to enhance an organisation's capability to detect, respond to, and mitigate cyber threats with greater precision and speed.

By the conclusion of this training, participants will be able to:

• Optimise the use of Micro Focus ArcSight ESM to strengthen monitoring and threat detection capabilities.
• Construct and manage advanced ArcSight variables to refine event streams for more precise analysis.
• Develop and implement ArcSight lists and rules for effective event correlation and alerting.
• Apply advanced correlation techniques to identify complex threat patterns and reduce false positives.

Description:

Basel III is a global regulatory standard governing bank capital adequacy, stress testing and market liquidity risk. Initially agreed upon by the Basel Committee on Banking Supervision in 2010–11, amendments to The Accord have extended implementation until 31 March 2019. Basel III strengthens bank capital requirements by increasing liquidity buffers and reducing leverage.
Unlike Basel I and II, Basel III mandates different reserve levels for various deposit types and borrowing arrangements; rather than replacing its predecessors, it operates alongside them.
Navigating this complex and ever-evolving landscape can be challenging. Our course and training programme are designed to help you manage anticipated changes and their impact on your institution. As an accredited training partner of the Basel Certification Institute, we guarantee that our training materials and delivery are current, effective and of the highest quality.

Objectives:

• Prepare candidates for the Certified Basel Professional Examination.
• Define practical strategies and techniques for the definition, measurement, analysis, improvement and control of operational risk within a banking organisation.

Target Audience:

• Board members with risk responsibilities
• CROs and Heads of Risk Management
• Members of the Risk Management team
• Compliance, legal and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations covering market, credit, counterparty and liquidity risk
• Stress testing for various risk measures, including guidance on formulating and delivering stress tests
• The likely effects of Basel III on the international banking industry, including demonstrations of practical application
• Need for the new Basel norms
• The Basel III norms
• Objectives of the Basel III norms
• Basel III – Timeline

This instructor-led, live training in New Zealand (online or on-site) is designed for security managers who wish to develop basic to intermediate-level CCTV security surveillance and management skills.

By the end of this training, participants will be able to:

• Understand the various types of CCTV systems and recognise their benefits and key features.
• Grasp the cabling requirements and setup considerations for CCTV systems.
• Install, configure, and effectively manage CCTV systems.

This instructor-led, live training in New Zealand (delivered either online or on-site) is designed for advanced-level professionals seeking a comprehensive understanding of fraud examination concepts and preparation for the Certified Fraud Examiner (CFE) exam.

By the end of this training, participants will be able to:

• Develop a thorough understanding of fraud examination principles and the fraud examination process.
• Learn to identify, investigate, and prevent a range of financial fraud schemes.
• Understand the legal framework surrounding fraud, including the legal elements of fraud, relevant legislation, and regulations.
• Acquire practical skills in conducting fraud investigations, including evidence collection, interview techniques, and data analysis.
• Learn how to design and implement effective fraud prevention and deterrence programmes within organisations.
• Build the confidence and knowledge required to successfully pass the Certified Fraud Examiner (CFE) exam.

Description:

This four-day event (CGEIT training) is the ultimate preparation for the exam and is designed to ensure you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance, awarded by ISACA. It is intended for professionals responsible for managing IT governance or who hold significant advisory or assurance responsibilities in this area.
Attaining CGEIT status will broaden your recognition in the marketplace and enhance your influence at the executive level.

Objectives:

This seminar has been designed to prepare delegates for the CGEIT examination by enabling them to build upon their existing knowledge and understanding, thereby better equipping them to pass the exam as defined by ISACA.

Target Audience:

Our training course is aimed at IT and business professionals with substantial IT governance experience who are preparing to sit the CGEIT exam.

This instructor-led, live training in New Zealand (available online or on-site) is designed for payment services compliance professionals who aim to establish, implement, and enforce a robust compliance program within their organisation.

By the end of this training, participants will be able to:

• Understand the regulations established by government authorities for payment service providers.
• Develop the internal policies and procedures required to meet government regulatory requirements.
• Implement a compliance programme that aligns with relevant laws.
• Ensure all corporate processes and procedures adhere to the compliance programme.
• Protect the business's reputation while safeguarding it against legal action.

This instructor-led, live training in New Zealand (online or on-site) is designed for intermediate-level cybersecurity professionals seeking to deepen their understanding of GRC frameworks and apply them to secure, compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop effective risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

This course offers an expert-level introduction to the newly enacted Accessibility Law, equipping developers with the practical skills needed to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion on the law's significance and implications, the course swiftly transitions into hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

Course goal:

To ensure individuals have a solid understanding of GRC processes and capabilities, along with the skills needed to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

• Basic GRC terms and definitions
• GRC principles
• Core components, practices and activities
• How GRC relates to other disciplines

This instructor-led, live training in New Zealand (online or onsite) is designed for developers and administrators aiming to develop software and products that comply with HiTrust standards.

Upon completion of this training, participants will be able to:

• Grasp the core concepts of the HiTrust CSF (Common Security Framework).
• Identify the administrative and security control domains within the HITRUST CSF.
• Explore the various types of HiTrust assessments and scoring methods.
• Understand the certification process and requirements for achieving HiTrust compliance.
• Apply best practices and tips for adopting the HiTrust approach.

Audience

This course is designed for all staff who need a practical grasp of Compliance and effective Risk Management.

Course Format

Training is delivered through a blended approach that includes:

• Facilitated discussions
• Slide-based presentations
• Case studies
• Real-world examples

Course Objectives

By the end of the course, participants will be able to:

Develop a solid understanding of the key aspects of Compliance, as well as national and international initiatives aimed at managing associated risks.

Explain how organisations and their teams can establish an effective Compliance Risk Management Framework.

Describe the responsibilities of the Compliance Officer and the Money Laundering Reporting Officer, and understand how these roles integrate within a business structure.

Identify critical risk areas in Financial Crime, particularly in the context of international operations, offshore centres, and high-net-worth clients.

Open Source Software (OSS) Management is the practice of overseeing the lifecycle of open-source components within an organisation, ensuring their secure, compliant and efficient use.

This instructor-led, live training (delivered online or on-site) is designed for intermediate-level IT professionals who wish to implement best practices for managing open-source software in enterprise and government environments.

By the end of this training, participants will be able to:

• Establish effective OSS policies and governance frameworks.
• Use SBOM and SCA tools to identify, track and manage open-source dependencies.
• Mitigate risks associated with licensing and security vulnerabilities.
• Streamline OSS adoption while maximising innovation and cost savings.

Format of the Course

• Interactive lecture and discussion.
• Case studies and scenario-based exercises.
• Hands-on demonstrations with OSS management tools.

Course Customisation Options

• This course can be tailored to specific organisational OSS policies and toolchains. Please contact us to arrange.

This instructor-led, live Payment Card Industry Professional training in New Zealand (online or on-site) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the Payment Card Industry Data Security Standard (PCI DSS).

By the end of this training, participants will be able to:

• Understand the payment process and the PCI standards designed to safeguard it.
• Grasp the roles and responsibilities of entities involved in the payments industry.
• Gain deep insight into, and a thorough understanding of, the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and how it applies to organisations involved in the transaction process.