Alliance - A union formed for mutual benefit

UPSKILLING WITH BEVAN LANE TRAINER AT PECB

WHY?

As part of the Alliances Projects: Community Development initiative and mission, we are consolidating the best of core certifications, academia and, eventually, experience-based mentorships, and raising awareness of when these opportunities will arise.

A partnership with PECB Training Leader and award winner Bevan Lane, Director – Infosec Advisory Group, means we are able to create and plan an annual training session on the PECB courses highlighted below:

ISO/IEC 27001 Lead Implementer – 4 day course

ISO/IEC 27005 Risk Manager – 3 day course (Intermediate course)

ISO/IEC 27701 Privacy Information Management Systems (PIMS) – 4 day course

Training Courses 2023

ISO/IEC 27005 Risk Manager

Dates: 23rd of October 2023 – 25th of October 2023 (3 days)

Hosted virtually

Cost: ZAR 14 500.00

ISO/IEC 27001 Lead Implementer

Dates: 13th of November 2023 – 16th of November 2023 (4 days)

Hosted Virtually

Cost: ZAR 18 000.00

ISO/IEC 27701 Privacy Information Management System

Dates: 27th of November 2023 – 30th of November 2023 (4 days)

Hosted Virtually

Cost: ZAR 18 000.00

ISO/IEC 27005 Risk Manager

The ISO/IEC 27005 Risk Manager training course enables participants to understand the process of developing, establishing, maintaining, and improving an information security risk management framework based on the guidelines of ISO/IEC 27005.

Why should you attend?

The ISO/IEC 27005 Risk Manager training course provides valuable information on risk management concepts and principles outlined by ISO/IEC 27005 and also ISO 31000. The training course provides participants with the necessary knowledge and skills to identify, evaluate, analyze, treat, and communicate information security risks based on ISO/IEC 27005. Furthermore, the training course provides an overview of other best risk assessment methods, such as OCTAVE, MEHARI, EBIOS, NIST, CRAMM, and Harmonized TRA.

The PECB ISO/IEC 27005 Risk Manager certification demonstrates that you comprehend the concepts and principles of information security risk management.

The training course is followed by an exam. After passing the exam, you can apply for the “PECB Certified ISO/IEC 27005 Risk Manager” credential.

Who should attend?

This training course is intended for:

Managers or consultants involved in or responsible for information security in an organization
Individuals responsible for managing information security risks
Members of information security teams, IT professionals, and privacy officers
Individuals responsible for maintaining conformity with the information security requirements of ISO/IEC 27001 in an organization
Project managers, consultants, or expert advisers seeking to master the management of information security risks

ISO/IEC 27001 Lead Implementer

Training Course Overview

The ISO/IEC 27001 Lead Implementer training course enables participants to acquire the knowledge necessary to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an information security management system (ISMS).

Why Should You Attend?

Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.

This training course is designed to prepare participants to implement an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.

After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

Project managers and consultants involved in and concerned with the implementation of an ISMS
Expert advisors seeking to master the implementation of an ISMS
Individuals responsible for ensuring conformity to information security requirements within an organization
Members of an ISMS implementation team

ISO/IEC 27701 Privacy Information Management System

What is ISO/IEC 27701?

The ISO/IEC 27701 standard was published in August 2019, and it is the first international standard that deals with privacy information management. The standard will assist organizations to establish, maintain and continually improve a Privacy Information Management System (PIMS) by enhancing the existing ISMS, based on the requirements of ISO/IEC 27001 and the guidance of ISO/IEC 27002. It can be used by all types of organizations irrespective of their size, complexity or the country they operate in.

Why is ISO/IEC 27701 important for you?

The exponential growth in the collection of personal information and the increase in data processing have led to privacy concerns. Hence, implementing a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of ISO/IEC 27701 will enable organizations to assess, treat, and reduce risks associated with the collection, maintenance and processing of personal information.

This standard is essential for every organization that is responsible and accountable for Personally Identifiable Information (PII), as it provides requirements on how to manage and process data and safeguard privacy. It enriches an already implemented ISMS to address privacy concerns properly by helping organizations understand the practical approaches involved in implementing effective management of PII.

Part 2 – The Changes since 2022

Within this vodcast, Bevan Lane, CEO at Infosec Advisory Group, runs through the history of ISO27001 as we run a 2 part series on the updates from ISO27001:2013 to ISO27001:2022.

Timeframe for vodcast:

00:00 – 02:22 – Introduction

02:23 – 04:09 – Changes – 1. Information Security, Cyber Security and Privacy Protection

04:10 – 14:48 – Changes – 2. The Clause, they are “Critical”

14:49 – 18:24 – Changes – 3. The Controls

18:25 – 20:32 – Changes – 4. Merging

20:33 – 29:50 – Changes – 5. New Controls

29:51 – 31:34 – Changes – 6. Transition to ISO/IEC 27001:2022 from 2013

31:35 – 37:40 – InfoSec Advisory Group Practical Approach

37:41 – 39:53 – Reasons to get certified

39:54 – 43:07 – Community Questions Consolidated

43:08 – End – Training available from the Alliances x PECB partnership

Alliances Podcast Channel on Spotify: https://open.spotify.com/show/1yuA8icuilTp4T5q6oaiCN

Part 1 – The History of the standard

Within this vodcast, Bevan Lane, CEO at Infosec Advisory Group, runs through the history of ISO27001 as we run a 2 part series on the updates from ISO27001:2013 to ISO27001:2022.

Timeframe for vodcast:

00:00 – 03:05 – Introduction to the Chapter

03:06 – 05:45 – Contents overview of the Chapter

05:46 – 06:52 – What is ISO 27001

06:53 – 12:32 – Don’t mistake controls for ISMS

12:33 – 13:49 – Things you might not know

13:50 – 20:32 – 27000 standard broken down and each area with high level overview

20:33 – 25:57 – 1990 – BS 7799 – 27000:2022 Timeline

25:58 – 32:30 – Changes Overview in readiness for Chapter 2

32:31 – 36:23 – Questions from the audience

36:24 – Finish – Next Steps

Alliances Podcast Channel on Spotify: https://open.spotify.com/show/1yuA8icuilTp4T5q6oaiCN

Presentation Slides

Additional Article and overview of updates to ISO27001

Bevan Lane

Director - Infosec Advisory Group

PROFILE
I specialise in Information Security consulting, implementation projects, technical assessments, auditing, and training. I have over two decades of experience with multinational clients.

EDUCATION

Nelson Mandela Metropolitan University

Bachelor of Commerce

PORTFOLIO
Major conferences globally as a presenter (ISACA, COSAC, PECB, ITWeb). PECB training provider and Best Trainer awards with our partner. Extensive training on all aspects of Information Security including:

  • Information Security
  • Cyber Security
  • Cybercrime, forensics and fraud
  • Risk Management
  • Technical Security testing
  • Incident Management and Response
  • IT Governance/Audit training
  • Privacy

CERTIFICATION

  • CISSP, CCSP
  • CISA, CISM, CGEIT
  • PECB Certified ISO 27001 Master and ISO 27005 Risk Manager, ISO 27032 Cybersecurity, 27032 Incident Management
  • ISO 27701 Privacy Information Management System (PIMS) and Chief Data Privacy Officer (CDPO)
  • SABSA Certified
  • ISO 37001 Anti Bribery Certified

UPCOMING CHAPTER

TRAINING SCHEDULE RELEASED 20TH SEPTEMBER 2023

Interviewer: Leigh Thomas, Regional Director – Alliances

Interviewee: Bevan Lane, Director – Infosec Advisory Group

Podcast Theme: Why join this course?
