As part of the Alliances Projects: Community Development initiative and mission, we are consolidating what is good in terms of core certifications, academia and, eventually, experience-based mentorships to raise awareness of when these opportunities will arise.
A partnership with PECB Training Leader and award winner Bevan Lane, Director – Infosec Advisory Group, means we are able to create and plan an annual training session on the PECB courses as highlighted below:
- ISO/IEC 27005 Risk Manager – 3-day course (Intermediate course)
- ISO/IEC 27701 Privacy Information Management Systems (PIMS) – 4-day course
ISO/IEC 27005 Risk Manager
The ISO/IEC 27005 Risk Manager training course enables participants to understand the process of developing, establishing, maintaining, and improving an information security risk management framework based on the guidelines of ISO/IEC 27005.
Why should you attend?
The ISO/IEC 27005 Risk Manager training course provides valuable information on risk management concepts and principles outlined by ISO/IEC 27005 and also ISO 31000. The training course provides participants with the necessary knowledge and skills to identify, evaluate, analyze, treat, and communicate information security risks based on ISO/IEC 27005. Furthermore, the training course provides an overview of other best risk assessment methods, such as OCTAVE, MEHARI, EBIOS, NIST, CRAMM, and Harmonized TRA.
The PECB ISO/IEC 27005 Risk Manager certification demonstrates that you comprehend the concepts and principles of information security risk management.
The training course is followed by an exam. After passing the exam, you can apply for the “PECB Certified ISO/IEC 27005 Risk Manager” credential.
Who should attend?
This training course is intended for:
- Managers or consultants involved in or responsible for information security in an organization
- Individuals responsible for managing information security risks
- Members of information security teams, IT professionals, and privacy officers
- Individuals responsible for maintaining conformity with the information security requirements of ISO/IEC 27001 in an organization
- Project managers, consultants, or expert advisers seeking to master the management of information security risks
ISO/IEC 27001 Lead Implementer
Training Course Overview
The ISO/IEC 27001 Lead Implementer training course enables participants to acquire the knowledge necessary to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an information security management system (ISMS).
Why Should You Attend?
Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.
This training course is designed to prepare participants to implement an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.
After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.
Who Can Attend?
- Project managers and consultants involved in and concerned with the implementation of an ISMS
- Expert advisors seeking to master the implementation of an ISMS
- Individuals responsible for ensuring conformity to information security requirements within an organization
- Members of an ISMS implementation team
ISO/IEC 27701 Privacy Information Management System
What is ISO/IEC 27701?
The ISO/IEC 27701 standard was published in August 2019, and it is the first international standard that deals with privacy information management. The standard assists organizations in establishing, maintaining and continually improving a Privacy Information Management System (PIMS) by enhancing the existing ISMS, based on the requirements of ISO/IEC 27001 and the guidance of ISO/IEC 27002. It can be used by all types of organizations, irrespective of their size, complexity or the country in which they operate.
Why is ISO/IEC 27701 important for you?
The exponential growth in the collection of personal information and the increase in data processing have led to privacy concerns. Hence, implementing a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of ISO/IEC 27701 will enable organizations to assess, treat, and reduce risks associated with the collection, maintenance and processing of personal information.
This standard is essential for every organization that is responsible and accountable for Personally Identifiable Information (PII) as it provides requirements on how to manage and process data and safeguard privacy. It enriches an already implemented ISMS to address privacy concerns properly by assisting the organizations to understand the practical approaches involved in the implementation of an effective management of PII.
Part 2 – The Changes since 2022
Within this vodcast, Bevan Lane, CEO at Infosec Advisory Group, runs through the history of ISO27001 as we run a 2-part series on the updates from ISO27001:2013 to ISO27001:2022.
Timeframe for vodcast:
00:00 – 02:22 – Introduction
02:23 – 04:09 – Changes – 1. Information Security, Cyber Security and Privacy Protection
04:10 – 14:48 – Changes – 2. The Clause, they are “Critical”
14:49 – 18:24 – Changes – 3. The Controls
18:25 – 20:32 – Changes – 4. Merging
20:33 – 29:50 – Changes – 5. New Controls
29:51 – 31:34 – Changes – 6. Transition to ISO/IEC 27001:2022 from 2013
31:35 – 37:40 – InfoSec Advisory Group Practical Approach
37:41 – 39:53 – Reasons to get certified
39:54 – 43:07 – Community Questions Consolidated
43:08 – End – Training available from the Alliances x PECB partnership
Alliances Podcast Channel on Spotify: https://open.spotify.com/show/1yuA8icuilTp4T5q6oaiCN
Part 1 – The History of the standard
Within this vodcast, Bevan Lane, CEO at Infosec Advisory Group, runs through the history of ISO27001 as we run a 2-part series on the updates from ISO27001:2013 to ISO27001:2022.
Timeframe for vodcast:
00:00 – 03:05 – Introduction to the Chapter
03:06 – 05:45 – Contents overview of the Chapter
05:46 – 06:52 – What is ISO 27001
06:53 – 12:32 – Don’t mistake controls for ISMS
12:33 – 13:49 – Things you might not know
13:50 – 20:32 – 27000 standard broken down and each area with high level overview
20:33 – 25:57 – 1990 – BS 7799 – 27000:2022 Timeline
25:58 – 32:30 – Changes Overview in readiness for Chapter 2
32:31 – 36:23 – Questions from the audience
36:24 – Finish – Next Steps
Alliances Podcast Channel on Spotify: https://open.spotify.com/show/1yuA8icuilTp4T5q6oaiCN
Bevan Lane
PROFILE
I specialise in Information Security consulting, implementation projects, technical assessments, auditing, and training. I have over two decades of experience with multinational clients.
EDUCATION
Nelson Mandela Metropolitan University
Bachelor of Commerce
PORTFOLIO
Major conferences globally as a presenter (ISACA, COSAC, PECB, ITWeb). PECB training provider and Best Trainer awards with our partner. Extensive training on all aspects of Information Security including:
- Information Security
- Cyber Security
- Cybercrime, forensics and fraud
- Risk Management
- Technical Security testing
- Incident Management and Response
- IT Governance/Audit training
- Privacy
CERTIFICATION
- CISSP, CCSP
- CISA, CISM, CGEIT
- PECB Certified ISO 27001 Master and ISO 27005 Risk Manager, ISO 27032 Cybersecurity, 27032 Incident Management
- ISO 27701 Privacy Information Management System (PIMS) and Chief Data Privacy Officer (CDPO)
- SABSA Certified
- ISO 37001 Anti Bribery Certified