Acquire the skills to design a system of governance to enforce compliance with laws, regulations, and company policies.

In an ever-changing political and criminal landscape, there is an increasing need for people with specialized and up-to-date knowledge of current cybersecurity laws, regulations, and best practices. The skills gap this need creates in an organization exposes the organization to liability.

Cybersecurity Specialization: Governance, Risk, and Compliance will give you an understanding of the current laws and regulations that drive the creation of a governance system of rules, practices, and processes by which a company is directed and controlled. Understanding the fundamentals of the implementation of a risk management strategy will help your organization achieve compliance through policy management, control creation, and assessment of the effectiveness of controls. In this course, you will learn to set up processes to enforce compliant behaviors in your organization, including the enforcement of a systemic culture of documentation, verification, audits, remediation, follow-through, responsibility, and authority.

The course uses a challenge-based design focusing on what a learner should be able to do at the end of the course and back on the job. The practice opportunities and challenge activities resemble—as much as possible—tasks the learner would be asked to perform in a real-life situation.

Who Should Attend?

Mid-career professionals who are interested in a career in risk analysis and management of cybersecurity processes, tools, and people.
Students should have at least two years of experience in cybersecurity but can come to this course from a variety of backgrounds, including but not limited to auditing, project management, DevOps, and engineering.

What You Will Learn

Develop a strategy to mitigate compliance risk based on laws governing Information Technology and reporting requirements to various regulatory bodies
Contribute to a risk management strategy that will frame an organization’s risk tolerance along with defining and enabling managers to understand the levels of risk they are allowed to take
Create policies supported by controls that utilize frameworks and standards to minimize risk to an acceptable level
Determine the mechanisms to raise the organization’s risk maturity level
Support both top-down and bottom-up approaches to enterprise security by acquiring management buy-in and improving employee attitudes to security
Contribute to a business continuity plan that prioritizes business processes
Select an eGRC tool to help manage risk based on requirements and capabilities

Outline

Why Does GRC Matter?

Terms and definitions
Assets, value
Increasing importance of Governance, Risk, and Compliance

Industry Compliance

Essence of compliance
Industry Standards: Payment Card Industry (PCI)
Industry Standards: Sarbanes-Oxley (SOX) Act
Industry Standards: Financial Industry Regulatory Authority (FINRA)
Industry Standards: General Data Protection Regulation (GDPR)
Compliance and company policy

Privacy Compliance

Impact of privacy
Personally identifiable information (PII), protected health information (PHI)
Data architecture
Data handling
Encryption
Health Insurance Portability and Accountability Act (HIPAA)
Health Information Technology for Economic and Clinical Health (HITECH) Act
Gramm-Leach-Bliley Act (GLBA)
Privacy best practices

Risk Assessment

CIA triad
Threat modeling
Risk assessment
Quantitative vs. qualitative risk assessment
Risk assessment models
Risk likelihood and impact
Risk tolerance
Risk appetite
Business impact analysis (BIA)
Risk mitigation strategies

Risk Management

Risk management strategies: Mitigation, avoidance, transference, acceptance
Risk Management Framework (RMF)
RMF vs. CAP
Risk maturity level
Residual risk
Continuous monitoring and incident response
Patch management and the Common Vulnerability Scoring System (CVSS)

Corporate Culture

Enterprise-wide attitudes to security and risk
FUD: Fear, uncertainty, and doubt
Governance failures in the real world
Buy-in
NICE, best practices, role-based training
Aligning risk management with business goals
Authorized use policies
Tools: Training, rewards and consequences, hiring practices
Ongoing monitoring and tracking

Governance and Policy

Business continuity plan (BCP)
Disaster recovery plan (DRP)
Business impact analysis (BIA)
Single point of failure
Redundancy
BCP dependency chain
Rapid information sharing
RACI chart
Discussion: Fast vs. good vs. cheap

Course Look Around

eGRC: Archer and OpenPages
Real-time access to information
Reporting
Relevance
Interoperability
Savings through reduced complexity

Read more +

Why have you chosen us?

I have attended a training from Bilginc IT Academy before and I was satisfied.

I have attended a training from a different provider and it was not helpful.

Other

How many employees do you have in your IT department?

0 – 50

50 – 250

250 – 1000

1000+

Cybersecurity Specialization: Governance, Risk, and Compliance Training Course in Finland

Finland is a country located in northern Europe. Helsinki is the capital and largest city of the country. The majority of the people are Finns but there is also a small Lapp population in Lapland, where the country is famous for the Northern Lights. Finland's national languages are Finnish and Swedish.

Known for its vast forests, lakes, and natural beauty, Finland is one of the world's largest producers of forest products, such as paper, pulp, and lumber. One of the world's largest sea fortresses Suomenlinna, Rovaniemi with the "White Nights", dogsled safaris and of course the Northern Lights are what makes Finland so popular for tourists. Finland is one of the best places in the world to see the Northern Lights and attracts millions of tourists during its seasons.

Finland is home to a thriving technology industry and is widely recognized as one of the world's leading technology hubs. Companies such as Nokia and Rovio (creator of the popular game Angry Birds) are based in Finland. Some of the key factors that have contributed to Finland's success in technology include; strong investment in research and development, a highly educated workforce and fundings.

Finland has a strong educational system, and is widely regarded as one of the world's most literate countries. In fact, Finland's literacy rate is one of the highest in the world, and its students consistently perform well in international tests of math and reading ability.

Also, as a pioneer in environmental sustainability, Finland is known for its efforts to reduce its carbon footprint and promote clean energy. This Nordic country is also famous for its unique and distinctive cultural heritage, including its traditional folk music and its elaborate traditional costumes.

Helsinki, Finland's capital city, is the country's business center. Helsinki is Finland's largest city, and it is home to many of the country's major corporations and organizations, including many of the country's leading technology firms. The city is also a commercial, trade, and financial center, as well as one of the busiest ports in the Nordic region.

Take advantage of our diverse IT course offerings, spanning programming, software development, business skills, data science, cybersecurity, cloud computing and virtualization. Our knowledgeable instructors will provide you with practical training and industry insights, delivered directly to your chosen venue in Finland.

Cybersecurity Specialization: Governance, Risk, and Compliance Training in Finland

Who Should Attend?

What You Will Learn

Outline

Avaible Training Dates