Security Management Training in Hong Kong

This instructor-led, live training in Hong Kong (online or onsite) is aimed at intermediate-level IT auditors who wish to effectively incorporate AI tools in their audit practices.

By the end of this training, participants will be able to:

• Grasp the core concepts of artificial intelligence and how it is applied in the context of IT auditing.
• Utilize AI technologies such as machine learning, NLP, and RPA to improve audit efficiency, accuracy, and scope.
• Perform risk assessments using AI tools, enabling continuous monitoring and proactive risk management.
• Integrate AI into audit planning, execution, and reporting, enhancing the overall effectiveness of IT audits.

Encryption Key Management is the discipline of securely creating, storing, distributing, rotating, and retiring cryptographic keys to protect sensitive data and ensure regulatory compliance.

This instructor-led, live training (online or onsite) is aimed at intermediate-level IT and security professionals who wish to implement robust encryption key management practices and systems across enterprise environments.

By the end of this training, participants will be able to:

• Understand the lifecycle of encryption keys and best practices for their protection.
• Set up and manage key management systems (KMS) both on-prem and in the cloud.
• Implement access control and auditing for key usage.
• Comply with regulations and standards related to encryption key security.

Format of the Course

• Interactive lecture and discussion.
• Hands-on use of key management tools in lab environments.
• Guided exercises focused on secure key lifecycle implementation.

Course Customization Options

• To request a customized training for this course based on your infrastructure or compliance requirements, please contact us to arrange.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at advanced-level security analysts who wish to elevate their skills in utilizing advanced Micro Focus ArcSight ESM content to improve an organization's ability to detect, respond, and mitigate cyber threats with greater precision and speed.

By the end of this training, participants will be able to:

• Optimize the use of Micro Focus ArcSight ESM to enhance monitoring and threat detection capabilities.
• Construct and manage advanced ArcSight variables to refine event streams for more precise analysis.
• Develop and implement ArcSight lists and rules for effective event correlation and alerting.
• Apply advanced correlation techniques to identify complex threat patterns and reduce false positives.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at beginner-level law enforcement officers who wish to gain a deeper understanding of human behavior, enhancing their skills in communication, empathy, conflict resolution, and overall effectiveness in their roles.

By the end of this training, participants will be able to:

• Have a deeper understanding of human psychology.
• Develop advanced communication and conflict resolution skills for more effective interaction with the public, colleagues, and in negotiation scenarios.
• Promote awareness and understanding of diverse cultural backgrounds, improving community policing and relations with various demographic groups.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at beginner-level security professionals who wish to gain the knowledge and skills necessary to adapt to the rapidly evolving digital landscape in the security industry.

By the end of this training, participants will be able to:

• Understanding Digital Transformation in security.
• Learn how digital solutions can improve security operations, efficiency, and effectiveness.
• Manage security-related data for informed decision-making.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at beginner-level security managers who wish to effectively embrace and utilize technology in their field.

By the end of this training, participants will be able to:

• Understand the evolution of technology in security.
• Learn how to effectively blend traditional security methods with modern technological solutions.
• Understand the basics of cybersecurity, risks associated with digital systems, and how to protect against cyber threats in the security industry.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at beginner-level security managers and designers who wish to effectively plan, design, and implement security strategies that are integrated, technologically advanced, and compliant with legal and ethical standards.

By the end of this training, participants will be able to:

• Learn how to integrate security considerations into architectural and facility design.
• Assess threats and vulnerabilities to inform security planning.
• Develop comprehensive security plans that address a range of threats.
• Create effective emergency response and crisis management plans.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at beginner-level security administrators who wish to deepen their understanding of security practices within an organization.

By the end of this training, participants will be able to:

• Understand the fundamentals of security operations and administration.
• Identify and mitigate various security threats and vulnerabilities.
• Implement and manage security solutions.
• Understand legal and ethical considerations in security operations.
• Prepare for incident response and disaster recovery.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at advanced-level professionals who wish to gain a comprehensive understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam.

By the end of this training, participants will be able to:

• Gain comprehensive knowledge of fraud examination principles and the fraud examination process.
• Learn to identify, investigate, and prevent various types of financial fraud schemes.
• Understand the legal environment related to fraud, including the legal elements of fraud, relevant laws, and regulations.
• Acquire practical skills in conducting fraud investigations, including evidence collection, interviewing techniques, and data analysis.
• Learn to design and implement effective fraud prevention and deterrence programs within organizations.
• Gain confidence and knowledge to successfully pass the Certified Fraud Examiner (CFE) exam.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at advanced-level security managers who wish to be well-equipped with the knowledge and skills needed to excel in the exam and their roles as security management professionals.

By the end of this training, participants will be able to:

• Understand the five domains of ISSMP.
• Develop skills to manage an information security program.
• Learn to establish and maintain security governance.
• Gain insights into risk management, incident response, and continuity planning.
• Prepare effectively for the ISSMP certification exam.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at beginner-level security professionals who wish to thoroughly understand how to protect physical assets, people, and facilities.

By the end of this training, participants will be able to:

• Understand the fundamentals of physical security.
• Learn about risk assessment and management in physical security.
• Explore various physical security measures and technologies.
• Understand the integration of physical security with other security domains.
• Develop skills in designing and implementing effective physical security plans.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at IT professionals who wish to understand how to use the CipherTrust Solution suite.

By the end of this training, participants will be able to:

• Understand the CipherTrust Solution and its basic functions.
• Evaluate device architecture and usage schemes.
• Manage CipherTrust product suite.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at security managers who wish to learn basic to intermediate-level CCTV security surveillance and management skills.

By the end of this training, participants will be able to:

• Familiarize the types of CCTV systems and know their benefits and features.
• Understand cabling and CCTV systems setup requirements.
• Install, configure, and manage CCTV systems.

Description:

Disclaimer: Please be advised that this updated CISM exam content outline is applicable to exams starting 1 June 2022.

CISM® is the most prestigious and demanding qualification for Information Security Managers around the globe today. This qualification provides you with a platform to become part of an elite peer network who have the ability to constantly learn and relearn the growing opportunities/ challenges in Information Security Management.

Our CISM training methodology provides an in-depth coverage of contents across the Four CISM domains with a clear focus on building concepts and solving ISACA released CISM exam questions. The course is an intense training and hard-core exam preparation for ISACA’s Certified Information Security Manager (CISM®) Examination.

Our instructors encourage all attending delegates to go through the ISACA released CISM QA&E (Questions, Answers and Explanations) as exam preparation. The QA&E is exceptional in helping delegates understand the ISACA style of questions, approach to solving these questions and it helps rapid memory assimilation of the CISM concepts during live classroom sessions.
All our trainers have extensive experience in delivering CISM training. We will thoroughly prepare you for the CISM examination.

Goal:

The ultimate goal is to pass your CISM examination first time.

Objectives:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Establish and maintain an Information security governance framework to achieve your organization goals and objectives
• Manage Information risk to an acceptable level to meet the business and compliance requirements
• Establish and maintain information security architectures (people, process, technology)
• Integrate information security requirements into contracts and activities of third parties/ suppliers
• Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact

Target Audience:

• Security professionals with 3-5 years of front-line experience
• Information security managers or those with management responsibilities
• Information security staff, information security assurance providers who require an in-depth understanding of information security management including: CISO’s, CIO’s, CSO’s, privacy officers, risk managers, security auditors and compliance personnel, BCP / DR personnel, executive and operational managers responsible for assurance functions

This instructor-led, live training in Hong Kong (online or onsite) is aimed at security professionals who wish to learn and improve how to handle security threats and perform security risk assessments.

By the end of this training, participants will be able to:

• Manage security systems and handle any hostile environment.
• Manage any security risks or threats.
• Learn how to conduct security risk assessments.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at beginner-level professionals who wish to gain an understanding of ISO 27001 and its role in enhancing information security within an organization.

By the end of this training, participants will be able to:

• Understand the purpose and benefits of an ISMS.
• Familiarize themselves with key ISO 27001 concepts, terms, and principles.
• Recognize the role of an auditor in ensuring compliance.
• Gain insight into the audit process and continual improvement within ISO 27001.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at developers and anyone who wishes to learn and use OAuth to provide applications with secure delegated access.

By the end of this training, participants will be able to:

• Learn the fundamentals of OAuth.
• Understand the native applications and their unique security issues when using OAuth.
• Learn and understand the common extensions to the OAuth protocols.
• Integrate with any OAuth authorization server.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at intermediate to expert-level IT professionals who wish to enhance their skills and qualifications in information security or related fields.

By the end of this training, participants will be able to:

• Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
• Gain the knowledge and skills to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
• Apply the knowledge in real-world scenarios, facilitating a smooth transition in their respective organizations.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at intermediate-level system administrators who wish to learn how to use Siteminder to implement various authentication methods.

By the end of this training, participants will be able to:

• Understand the core concepts of Siteminder and its role in authentication and access management.
• Configure and manage user authentication with Siteminder.
• Implement various authentication methods supported by Siteminder.
• Troubleshoot common issues related to Siteminder authentication.
• Integrate Siteminder with other identity providers for federated authentication.

Description:

Basel III is a global regulatory standard on bank capital adequacy, stress testing and market liquidity risk. Having initially been agreed upon by the Basel Committee on Banking Supervision in 2010–11, changes to The Accord have extended implementation to 31st March 2019. Basel III strengthens bank capital requirements by increasing bank liquidity and decreasing bank leverage.
Basel III differs from Basel I & II in that it requires different levels of reserves for different forms of deposits and other types of borrowings, so it does not supersede them so much as it does work alongside Basel I and Basel II.
This complex and constantly changing landscape can be hard to keep up with, our course and training will help you manage likely changes and their impact on your institution. We are accredited with and a training partner to the Basel Certification Institute and as such the quality and suitability of our training and material is guaranteed to be up to date and effective

Objectives:

• Preparation for the Certified Basel Professional Examination.
• Define hands-on strategies and techniques for the definition, measurement, analysis, improvement, and control of operational risk within a banking organization.

Target Audience:

• Board members with risk responsibilities
• CROs and Heads of Risk Management
• Members of the Risk Management team
• Compliance, legal and IT support staff
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations for market, credit, counterparty and liquidity risk
• Stress testing for various risk measures including how to formulate and deliver stress tests
• The likely effects of Basel III on the international banking industry, including demonstrations of its practical application
• Need For The New Basel Norms
• The Basel III Norms
• Objectives of The Basel III Norms
• Basel III – Timeline

Description:

This four day event (CGEIT training) is the ultimate preparation for exam time and is designed to ensure that you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance awarded by ISACA. It is designed for professionals responsible for managing IT governance or with significant advisory or assurance responsibility for IT governance.
Achieving CGEIT status will provide you with wider recognition in the marketplace, as well as increased influence at executive level.

Objectives:

This seminar has been designed to prepare Delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding to be better prepared to pass the exam, as defined by ISACA.

Target Audience:

Our training course is for IT and business professionals, with significant IT governance experience who are undertaking the CGEIT exam.

A thorough, practical, 3 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. The CISMP course is aligned with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a CESG Certified Training (CCT) course.

The course follows the latest BCS syllabus and prepares delegates for the 2 hour multiple choice BCS examination.

This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.

By the end of this training, participants will be able to:

• Understand the rules set forth by government regulators for payment service providers.
• Create the internal policies and procedures needed to satisfy government regulations.
• Implement a compliance program that adheres to relevant laws.
• Ensures that all corporate processes and procedures comply with the compliance program.
• Uphold the business's reputation while protecting it from lawsuits.

Network security begins at the physical level. In this instructor-led, live training in Hong Kong, participants will learn the security risks related to computer server rooms and how to tighten security through smart practices, planning and technology implementation.

By the end of this training, participants will be able to:

• Assess their organization's security risk, as it relates to computer server rooms.
• Set up control and monitoring systems to restrict physical access to infrastructure.
• Design access policies for different members.
• Effectively communicate security policies with team members.

Description:

Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world. An overwhelming majority of professionals surveyed by ISACA recognise this and plan to work in a position that requires cybersecurity knowledge.
To fill this gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides education and verification of skills in this area.

Objectives:

With cybersecurity threats continuing to rise and the shortage of appropriately-equipped security professionals growing worldwide, ISACA's Cybersecurity Fundamentals Certificate programme is the perfect way to quickly train entry-level employees and ensure they have the skills and knowledge they need to successfully operate in the Cyber arena.

Target Audience:

The certificate program is also one of the best ways to gain foundational knowledge in cybersecurity and begin to build your skills and knowledge in this crucial area.

In this instructor-led, live course in Hong Kong, participants will learn how to formulate the proper security strategy to face the DevOps security challenge.

This course provides an expert introduction to the newly enacted Accessibility Law and equips developers with the practical skills to design, develop, and maintain fully accessible applications. Starting with a contextual discussion on the law's importance and implications, the course quickly shifts to hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

Course goal:

To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

• GRC Basic terms and definitions
• Principles of GRC
• Core components, practices and activities
• Relationship of GRC to other disciplines

HIPAA (Health Insurance Portability and Accountability Act of 1996) is a legislation in the United States that provides provisions for data privacy and security for handling and storing medical information. These guidelines are a good standard to follow in developing health applications, regardless of territory. HIPAA compliant applications are recognized and more trusted globally.

In this instructor-led, live training (remote), participants will learn the fundamentals of HIPAA as they step through a series of hands-on live-lab exercises.

By the end of this training, participants will be able to:

• Understand the basics of HIPAA
• Develop health applications that are compliant with HIPAA
• Use developer tools for HIPAA compliance

Audience

• Developers
• Product Managers
• Data Privacy Officers

Format of the Course

• Part lecture, part discussion, exercises and heavy hands-on practice.

Note

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.

Audiance

All staff who need a working knowledge of Compliance and the Management of Risk

Format of the course

A combination of:

• Facilitated Discussions
• Slide Presentations
• Case Studies
• Examples

Course Objectives

By the end of this course, delegates will be able to:

• Understand the major facets of Compliance and the national and international efforts being made to manage the risk related to it
• Define the ways in which a company and its staff might set up a Compliance Risk Management Framework
• Detail the roles of Compliance Officer and Money Laundering Reporting Officer and how they should be integrated into a business
• Understand some other “hot spots” in Financial Crime – especially as they relate to International Business, Offshore Centres and High-Net-Worth Clients

This instructor-led, live training in Hong Kong (online or onsite) focuses on analyzing the risks of Open Data while reducing vulnerability to disaster or data loss.

By the end of this training, participants will be able to:

• Understand the concepts and benefits of Open Data.
• Identify the different types of data.
• Understand the risks of Open Data and how to mitigate them.
• Learn how to manage Open Data risks and create a contingency plan.
• Implement Open Data risk mitigation strategies to reduce disaster risk.

This instructor-led, live Payment Card Industry Professional training in Hong Kong (online or onsite) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).

By the end of this training, participants will be able to:

• Understand the payment process and the PCI standards designed to protect it.
• Understand the roles and responsibilities for entities involved in the payment industry.
• Have deep insight into, and understanding of, the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and how it applies to organizations that are involved in the transaction process.

This instructor-led, live training in Hong Kong (online or onsite) is aimed at IT administrators, security coordinators, and compliance managers who wish to identify, evaluate, and implement security policy management methods for their organization.

By the end of this training, participants will be able to develop, manage, and monitor security policies to protect their organization's information, network, and physical and software assets.