38 Certified Information Security Manager (CISM) courses delivered Live Online

Duration 3 Days 18 CPD hours This course is intended for The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification. Overview Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. Identify and manage information security risks to achieve business objectives. Create a program to implement the information security strategy. Implement an information security program. Oversee and direct information security activities to execute the information security program. Plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents. In this course, students will establish processes to ensure that information security measures align with established business needs. Prerequisites Information security governance Information risk management Information security program development Information security program management Incident management and response 1 - INFORMATION SECURITY GOVERNANCE * Develop an Information Security Strategy * Align Information Security Strategy with Corporate Governance * Identify Legal and Regulatory Requirements * Justify Investment in Information Security * Identify Drivers Affecting the Organization * Obtain Senior Management Commitment to Information Security * Define Roles and Responsibilities for Information Security * Establish Reporting and Communication Channels 2 - INFORMATION RISK MANAGEMENT * Implement an Information Risk Assessment Process * Determine Information Asset Classification and Ownership * Conduct Ongoing Threat and Vulnerability Evaluations * Conduct Periodic BIAs * Identify and Evaluate Risk Mitigation Strategies * Integrate Risk Management into Business Life Cycle Processes * Report Changes in Information Risk 3 - INFORMATION SECURITY PROGRAM DEVELOPMENT * Develop Plans to Implement an Information Security Strategy * Security Technologies and Controls * Specify Information Security Program Activities * Coordinate Information Security Programs with Business Assurance Functions * Identify Resources Needed for Information Security Program Implementation * Develop Information Security Architectures * Develop Information Security Policies * Develop Information Security Awareness, Training, and Education Programs * Develop Supporting Documentation for Information Security Policies 4 - INFORMATION SECURITY PROGRAM IMPLEMENTATION * Integrate Information Security Requirements into Organizational Processes * Integrate Information Security Controls into Contracts * Create Information Security Program Evaluation Metrics 5 - INFORMATION SECURITY PROGRAM MANAGEMENT * Manage Information Security Program Resources * Enforce Policy and Standards Compliance * Enforce Contractual Information Security Controls * Enforce Information Security During Systems Development * Maintain Information Security Within an Organization * Provide Information Security Advice and Guidance * Provide Information Security Awareness and Training * Analyze the Effectiveness of Information Security Controls * Resolve Noncompliance Issues 6 - INCIDENT MANAGEMENT AND RESPONSE * Develop an Information Security Incident Response Plan * Establish an Escalation Process * Develop a Communication Process * Integrate an IRP * Develop IRTs * Test an IRP * Manage Responses to Information Security Incidents * Perform an Information Security Incident Investigation * Conduct Post-Incident Reviews

Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completions, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - A. ORGANIZATIONAL GOVERNANCE * Organizational Strategy, Goals, and Objectives * Organizational Structure, Roles, and Responsibilities * Organizational Culture * Policies and Standards * Business Processes * Organizational Assets GOVERNANCE - B. RISK GOVERNANCE * Enterprise Risk Management and Risk Management Framework * Three Lines of Defense * Risk Profile * Risk Appetite and Risk Tolerance * Legal, Regulatory, and Contractual Requirements * Professional Ethics of Risk Management IT RISK ASSESSMENT - A. IT RISK IDENTIFICATION * Risk Events (e.g., contributing conditions, loss result) * Threat Modelling and Threat Landscape * Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) * Risk Scenario Development IT RISK ASSESSMENT - B. IT RISK ANALYSIS AND EVALUATION * Risk Assessment Concepts, Standards, and Frameworks * Risk Register * Risk Analysis Methodologies * Business Impact Analysis * Inherent and Residual Risk RISK RESPONSE AND REPORTING - A. RISK RESPONSE * Risk Treatment / Risk Response Options * Risk and Control Ownership * Third-Party Risk Management * Issue, Finding, and Exception Management * Management of Emerging Risk RISK RESPONSE AND REPORTING - B. CONTROL DESIGN AND IMPLEMENTATION * Control Types, Standards, and Frameworks * Control Design, Selection, and Analysis * Control Implementation * Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - C. RISK MONITORING AND REPORTING * Risk Treatment Plans * Data Collection, Aggregation, Analysis, and Validation * Risk and Control Monitoring Techniques * Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) * Key Performance Indicators * Key Risk Indicators (KRIs) * Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - A. INFORMATION TECHNOLOGY PRINCIPLES * Enterprise Architecture * IT Operations Management (e.g., change management, IT assets, problems, incidents) * Project Management * Disaster Recovery Management (DRM) * Data Lifecycle Management * System Development Life Cycle (SDLC) * Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - B. INFORMATION SECURITY PRINCIPLES * Information Security Concepts, Frameworks, and Standards * Information Security Awareness Training * Business Continuity Management * Data Privacy and Data Protection Principles

Duration 5 Days 30 CPD hours This course is intended for This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience. Overview #NAME? In this course, students will expand upon their knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK)© for information systems security professionals. Prerequisites * CompTIA Network+ Certification 1 - SECURITY AND RISK MANAGEMENT * Security Governance Principles * Compliance * Professional Ethics * Security Documentation * Risk Management * Threat Modeling * Business Continuity Plan Fundamentals * Acquisition Strategy and Practice * Personnel Security Policies * Security Awareness and Training 2 - ASSET SECURITY * Asset Classification * Privacy Protection * Asset Retention * Data Security Controls * Secure Data Handling 3 - SECURITY ENGINEERING * Security in the Engineering Lifecycle * System Component Security * Security Models * Controls and Countermeasures in Enterprise Security * Information System Security Capabilities * Design and Architecture Vulnerability Mitigation * Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems * Cryptography Concepts * Cryptography Techniques * Site and Facility Design for Physical Security * Physical Security Implementation in Sites and Facilities 4 - INFORMATION SECURITY MANAGEMENT GOALS * Organizational Security * The Application of Security Concepts 5 - INFORMATION SECURITY CLASSIFICATION AND PROGRAM DEVELOPMENT * Information Classification * Security Program Development 6 - RISK MANAGEMENT AND ETHICS * Risk Management * Ethics 7 - SOFTWARE DEVELOPMENT SECURITY * Software Configuration Management * Software Controls * Database System Security 8 - CRYPTOGRAPHY * Ciphers and Cryptography * Symmetric-Key Cryptography * Asymmetric-Key Cryptography * Hashing and Message Digests * Email, Internet, and Wireless Security * Cryptographic Weaknesses 9 - PHYSICAL SECURITY * Physical Access Control * Physical Access Monitoring * Physical Security Methods * Facilities Security

Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains DOMAIN 01 - GOVERNANCE * Define, Implement, Manage, and Maintain an Information Security Governance Program * Information Security Drivers * Establishing an information security management structure * Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures * Managing an enterprise information security compliance program * Risk Management * Risk mitigation, risk treatment, and acceptable risk * Risk management frameworks * NIST * Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) * Risk management plan implementation * Ongoing third-party risk management * Risk management policies and processes * Conclusion DOMAIN 2 - SECURITY RISK MANAGEMENT, CONTROLS, & AUDIT MANAGEMENT * INFORMATION SECURITY CONTROLS * COMPLIANCE MANAGEMENT * GUIDELINES, GOOD AND BEST PRACTICES * AUDIT MANAGEMENT * SUMMARY DOMAIN 03 - SECURITY PROGRAM MANAGEMENT AND OPERATIONS * PROGRAM MANAGEMENT * OPERATIONS MANAGEMENT * Summary DOMAIN 04 - INFORMATION SECURITY CORE CONCEPTS * ACCESS CONTROL * PHYSICAL SECURITY * NETWORK SECURITY * ENDPOINT PROTECTION * APPLICATION SECURITY * ENCRYPTION TECHNOLOGIES * VIRTUALIZATION SECURITY * CLOUD COMPUTING SECURITY * TRANSFORMATIVE TECHNOLOGIES * Summary DOMAIN 05 - STRATEGIC PLANNING, FINANCE, PROCUREMENT AND VENDOR MANAGEMENT * STRATEGIC PLANNING * Designing, Developing, and Maintaining an Enterprise Information Security Program * Understanding the Enterprise Architecture (EA) * FINANCE * PROCUREMENT * VENDOR MANAGEMENT * Summary

Duration 5 Days 30 CPD hours This course is intended for The intended audience for this course is information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security. Overview Upon successful completion of this course, students will be able to: - implement information systems audit services in accordance with information systems audit standards, guidelines, and best practices. - evaluate an organizations structure, policies, accountability, mechanisms, and monitoring practices. - evaluate information systems acquisition, development, and implementation. - evaluate the information systems operations, maintenance, and support of an organization; and evaluate the business continuity and disaster recovery processes used to provide assurance that in the event of a disruption, IT services are maintained. - define the protection policies used to promote the confidentiality, integrity, and availability of information assets. In this course, students will evaluate organizational policies, procedures, and processes to ensure that an organizations information systems align with its overall business goals and objectives. 1 - THE PROCESS OF AUDITING INFORMATION SYSTEMS * ISACA Information Systems Auditing Standards and Guidelines * Fundamental Business Processes * Develop and Implement an Information Systems Audit Strategy * Plan an Audit * Conduct an Audit * The Evidence Life Cycle * Communicate Issues, Risks, and Audit Results * Support the Implementation of Risk Management and Control Practices 2 - IT GOVERNANCE AND MANAGEMENT * Evaluate the Effectiveness of IT Governance * Evaluate the IT Organizational Structure and HR Management * Evaluate the IT Strategy and Direction * Evaluate IT Policies, Standards, and Procedures * Evaluate the Effectiveness of Quality Management Systems * Evaluate IT Management and Monitoring of Controls * IT Resource Investment, Use, and Allocation Practices * Evaluate IT Contracting Strategies and Policies * Evaluate Risk Management Practices * Performance Monitoring and Assurance Practices * Evaluate the Organizations Business Continuity Plan 3 - INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT, AND IMPLEMENTATION * Evaluate the Business Case for Change * Evaluate Project Management Frameworks and Governance Practices * Development Life Cycle Management * Perform Periodic Project Reviews * Evaluate Control Mechanisms for Systems * Evaluate Development and Testing Processes * Evaluate Implementation Readiness * Evaluate a System Migration * Perform a Post-Implementation System Review 4 - INFORMATION SYSTEMS OPERATIONS, MAINTENANCE, AND SUPPORT * Perform Periodic System Reviews * Evaluate Service Level Management Practices * Evaluate Third-Party Management Practices * Evaluate Operations and End User Management Practices * Evaluate the Maintenance Process * Evaluate Data Administration Practices * Evaluate the Use of Capacity and Performance Monitoring Methods * Evaluate Change, Configuration, and Release Management Practices * Evaluate Problem and Incident Management Practices * Evaluate the Adequacy of Backup and Restore Provisions 5 - PROTECTION OF INFORMATION ASSETS * Information Security Design * Encryption Basics * Evaluate the Functionality of the IT Infrastructure * Evaluate Network Infrastructure Security * Evaluate the Design, Implementation, and Monitoring of Logical Access Controls * Risks and Controls of Virtualization * Evaluate the Design, Implementation, and Monitoring of Data Classification Process * Evaluate the Design, Implementation, and Monitoring of Physical Access Controls * Evaluate the Design, Implementation, and Monitoring of Environmental Controls

Duration 3 Days 18 CPD hours This course is intended for The ITMLE Certification class is ideal for seasoned IT Managers and IT Directors (Managers of Managers). Overview Developed by an experienced CIO, and then vetted by a board of senior industry executives, ITMLE certifies that those who successfully complete the ITMLE Final Exam bring credible and validated industry knowledge to the organizations they serve appropriate to a senior-level IT executive. This three-day, fast-moving and highly interactive workshop contains topics specifically designed to prepare mid-level IT executives in large IT shops for higher levels of management responsibility and provide CIOs of smaller IT shops (about 40 people or less) with additional tools to help maximize their business impact. KNOWLEDGE, ROLES, METHODOLOGY, AND CHANGE * Thinking Like a CIO * IT?s (and Your) Four Roles in the Organization * Living in a Waterfall, Agile, Wagile World * IT as an Agent of Change PROCESS, PRODUCTIVITY, AND GOVERNANCE * IT Strategic Planning and Thinking * IT and Organizational Productivity * IT and Data Governance INNOVATION, STAFF GROWTH, AND NEGOTIATION * Fostering IT Innovation * Coaching, Mentoring, and Team Development * IT Project and Vendor Negotiating

  The IAPP offers the most encompassing, up-to-date and sought-after global training and certification program for privacy and data protection. The Certified Information Privacy Professional (CIPP) helps organizations around the world bolster compliance and risk mitigation practices, and arms practitioners with the insight needed to add more value to their businesses. Skilled privacy pros are in high demand and IAPP certification is what employers want. When you earn an IAPP credential, you earn the right to be recognized as part of an elite group of knowledgeable, capable and dedicated privacy professionals. With the GDPR effective as of May 2018, among its mandates was the requirement to appoint knowledgeable DPOs (data protection officers) tasked with monitoring compliance, managing internal data protection activities, training data processing staff, conducting internal audits and more. There's a lot to know, there's a lot at stake and there's a lot of opportunity for privacy professionals with the right training and education. Achieving a CIPP/E credential shows you have the comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe-and to take advantage of the career opportunity this sweeping legislation represents. ABOUT THIS COURSE   Delivered in a Modular format, the course includes; * Module 1: Data Protection Laws Introduces key European data protection laws and regulatory bodies, describing the evolution toward a Harmonised European Legislative Framework. * Module 2: Personal Data Defines and differentiates between types of data-including personal, anonymous, pseudo-anonymous and special categories. * Module 3: Controllers and Processors Describes the roles and relationships of controllers and processors. * Module 4: Processing Personal Data Defines data processing and GDPR processing principles, Explains the application of the GDPR and outlines the legitimate bases for processing personal data. * Module 5: Information provision Explains controller obligations for providing information about data processing activities to data subjects and Supervisory Authorities. * Module 6: Data Subjects 'Rights Describes data subjects' rights, applications of rights and obligations controller and processor. * Module 7: Security or Processing Discusses considerations and duties of controllers and processors for Ensuring security of personal data and providing notification of data breaches. * Module 8: Accountability Investigates accountability requirements, data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer. * Module 9: International Data Transfers Outlines options and obligations for transferring data outside the European Economic Area, Decisions adequacy and appropriateness safeguards and derogations. * Module 10: Supervision and Enforcement Describes the role, powers and procedures or Supervisory Authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance. * Module 11: Compliance Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, employers-including processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing. PREREQUISITES   There are no prerequisites for this course but candidates would benefit from reading the freely available materials found on the IAPP website. WHAT'S INCLUDED?   1 years membership of the IAPP  Breakfast, Lunch and refreshments (Classroom courses only) Official Study Guide (European Data Protection, Law & Practice)* Participant Guide* Official Exam Q&A* Official Practice Exam Official Practice Exam* The Exam Fees * In electronic format for Live Online and hard copy for Classroom delegates     WHO SHOULD ATTEND?   The CIPP/E is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration, including those in the following positions: Cybersecurity Analysts Data Analysts Security Administrators Aspiring Data Protection Officers ACCREDITATION OUR GUARANTEE   * We are an approved IAPP Training Partner. * You can learn wherever and whenever you want with our robust classroom and interactive online training courses. * Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. * We strive to give our delegates the hands-on experience. * Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. * Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. * Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam.

Our unique 5 day workshop prepares you for a first time pass of your CISSP exam. Covering each of the famous 8 CBK's, cram the theory before testing your knowledge during exam simulations. Led by a multi-award winning InfoSec consultant, this workshop delivers everything you need to pass,

  European Data Protection   Principles of Data Protection in Europe covers the essential pan-European and national data protection laws, as well as industry-standard best practices for corporate compliance with these laws. Those taking this course will gain an understanding of the European model for privacy enforcement, key privacy terminology and practical concepts concerning the protection of personal data and trans-border data flows.   The training is based on the body of knowledge for the IAPP's ANSI-accredited Certified Information Privacy Professional/Europe (CIPP/E) certification program. Privacy Programme Management   Principles of Privacy Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organisation through process and technology-regardless of jurisdiction or industry.   The Principles of Privacy Program Management training is based on the body of knowledge for the IAPP's ANSI-accredited Certified Information Privacy Manager (CIPM) certification programme. Make a difference in your organization and in your career. The CIPM designation says that you're a leader in privacy program administration and that you've got the goods to establish, maintain and manage a privacy program across all stages of its lifecycle.  ABOUT THIS COURSE   Delivered in a modular format, this four day course covers   Days 1 & 2   * Module 1: Data Protection Laws Introduces key European data protection laws and regulatory bodies, describing the evolution toward a Harmonised European Legislative Framework.  * Module 2: Personal Data Defines and differentiates between types of data-including personal, anonymous, pseudo-anonymous and special categories.  * Module 3: Controllers and Processors Describes the roles and relationships of controllers and processors.  * Module 4: Processing Personal Data Defines data processing and GDPR processing principles, Explains the application of the GDPR and outlines the legitimate bases for processing personal data. *  Module 5: Information provision Explains controller obligations for providing information about data processing activities to data subjects and Supervisory Authorities.  * Module 6: Data Subjects 'Rights Describes data subjects' rights, applications of rights and obligations controller and processor.  * Module 7: Security or Processing Discusses considerations and duties of controllers and processors for Ensuring security of personal data and providing notification of data breaches.  * Module 8: Accountability Investigates accountability requirements, data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer.  * Module 9: International Data Transfers Outlines options and obligations for transferring data outside the European Economic Area, Decisions adequacy and appropriateness safeguards and derogations.  * Module 10: Supervision and Enforcement Describes the role, powers and procedures or Supervisory Authorities; the composition and tasks of the European Data Protection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance.  * Module 11: Compliance Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, employers-including processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing.    Days 3 & 4   * Module 1: Introduction to privacy program management Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management.  * Module 2: Privacy governance Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks.  * Module 3: Applicable laws and regulations Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy.  * Module 4: Data assessments Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments.  * Module 5: Policies Describes common types of privacy-related policies, outlines components and offers strategies for implementation.  * Module 6: Data subject rights Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten.  * Module 7: Training and awareness Outlines strategies for developing and implementing privacy training and awareness programs.  * Module 8: Protecting personal information Examines a holistic approach to protecting personal information through privacy by design.  * Module 9: Data breach incident plans Provides guidance on planning for and responding to a data security incident or breach.  * Module 10: Measuring, monitoring and auditing program performance Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance PREREQUISITES   There are no prerequisites for this course but attendees would benefit from a review of the materials on the IAPP SITE [https://iapp.org/] WHAT'S INCLUDED?   1 years membership of the IAPP Breakfast, Lunch, mid-morning and afternoon snacks, teas, coffees Official Study Guides* Official Participant Guides* Official Exam Q&A's* Both exam fees * In electronic format for Live Online and hard copy for Classroom delegates     WHO SHOULD ATTEND?   This course is suitable for aspiring Data Protection Officers, as well as Information Security Managers, Lawyers, Data Managers, Analysts and Risk Teams. PROVIDED BY OUR GUARANTEE   * We are an approved IAPP Training Partner. * You can learn wherever and whenever you want with our robust classroom and interactive online training courses. * Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. * We strive to give our delegates the hands-on experience. * Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. * Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. * Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam.

  Make a difference in your organization and in your career. The CIPM designation says that you're a leader in privacy program administration and that you've got the goods to establish, maintain and manage a privacy program across all stages of its lifecycle. The CIPM is the world's first and only certification in privacy program management. When you earn a CIPM, it shows that you don't just know privacy regulations-you know how to make it work for your organization. In other words, you're the go-to person for day-to-day operations when it comes to privacy. Developed in collaboration with the law firms, Bird and Bird, Field Fisher, Wilson/Sonsini and Covington and Burling, the CIPM encompasses pan-European and national data protection laws, key privacy terminology and practical concepts concerning the determination of control measures designed to protect personal data and trans-border data flows. ABOUT THIS COURSE   Delivered in a modular format, the course covers;   * Module 1: Introduction to privacy program management Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management. * Module 2: Privacy governance Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks. * Module 3: Applicable laws and regulations Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy. * Module 4: Data assessments Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments. * Module 5: Policies Describes common types of privacy-related policies, outlines components and offers strategies for implementation. * Module 6: Data subject rights Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten. * Module 7: Training and awareness Outlines strategies for developing and implementing privacy training and awareness programs. * Module 8: Protecting personal information Examines a holistic approach to protecting personal information through privacy by design. * Module 9: Data breach incident plans Provides guidance on planning for and responding to a data security incident or breach. * Module 10: Measuring, monitoring and auditing program performance Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance   The CIPM body of knowledge outlines all the concepts and topics that you need to know to become certified. The exam blueprint gives you an idea of how many questions from each topic area you can expect on the exam.  PREREQUISITES   There are no prerequisites for this course but attendees would benefit from a review of the materials on the IAPP site WHAT'S INCLUDED?   Breakfast, Lunch and refreshments (Classroom based courses only)  The Official Study Guide (Privacy Programme Management - Third Edition)*  Official Exam Q&A's*  Official Practice Exam Participant Guide* 1 years membership of the IAPP  The Exam Fees * In electronic format for Live Online and hard copy for Classroom delegates   WHO SHOULD ATTEND?   The CIPM is ideal for IT and information security leaders responsible for developing Data Protection frameworks and applying best practice, including those in the following positions: Data Analysts Cyber Security Analysts and Managers Aspiring Data Protection Officers IT Managers  ACCREDITATION OUR GUARANTEE   * We are an approved IAPP Training Partner. * You can learn wherever and whenever you want with our robust classroom and interactive online training courses. * Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. * We strive to give our delegates the hands-on experience. * Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. * Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. * Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam.