Governance, Risk, And Compliance

Governance, risk, and compliance (GRC) refers to a strategy for managing an organization’s overall governance, enterprise risk management and compliance with regulations. Think of GRC as a structured approach to aligning IT with business objectives, while effectively managing risk and meeting compliance requirements.

Courses we offer

 


ISO 31000 – Risk Management

ISO 31000 is an international standard that provides guidelines on managing any type of risk in any business activity. The standard provides guidelines on principles, risk management framework, and application of the risk management process.

ISO 31000 treats the risk management process as an integral part of overall management and decision-making. The risk management process can be applied on a strategic level and organization-wide, but it can also be applied to projects, products, and processes. ISO 31000 provides guidelines on risk communication and consultation; defining the scope, context, and criteria; risk assessment; risk treatment; monitoring and review; and, lastly, recording and reporting of risks.

The ISO 31000 Foundation training course presents the basic principles and approaches of managing risks and opportunities based on the guidelines of ISO 31000. This training course focuses on the main components of ISO 31000: basic terms and definitions, principles of risk management, risk management framework, and risk management process. In addition, each step of the risk management process is analyzed and elaborated individually.

 

  • Duration – 2 Days
  • CPD Certification (Credits) – 14
  • Certification Body: PECB, Canada
  • Exam Duration – 1 Hour
  • Retake Exam – Yes

The ISO 31000 Risk Manager training course helps participants acquire the knowledge and ability necessary to integrate the risk management guidelines of ISO 31000 in an organization. It provides information regarding the risk management principles and their application, as well as the core elements of the risk management framework and steps for a risk management process. In addition, it provides the basic approaches, methods, and practices for assessing risk in a wide range of situations.

 

  • Duration – 3 Days
  • CPD Certification (Credits) – 21
  • Certification Body: PECB, Canada
  • Exam Duration – 2 Hours
  • Retake Exam – Yes

The ISO 31000 Lead Risk Manager training course helps participants develop their competences to help an organization create and protect value by managing risks, making decisions, and improving performance using the ISO 31000 guidelines. It provides information regarding the core elements and the effective implementation of a risk management framework, the application of the risk management process, and the actions necessary for the successful integration of these elements to meet organizational objectives. Furthermore, it provides guidance on the selection and application of techniques for assessing risks in a wide range of situations.

 

  • Duration – 4 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

The ISO 31000 Transition course enables participants to gain a thorough understanding of the differences between ISO 31000:2009 and ISO 31000:2018. Additionally, it helps participants get acquainted with some of the main changes of ISO 31000:2018, including the reviewed principles of risk management, a simpler and more concise text of ISO 31000, and the emphasis on the importance of leadership by top management.

 

  • Duration – 2 Days
  • CPD Certification (Credits) – 14
  • Certification Body: PECB, Canada
  • Exam Duration – 1 Hour
  • Retake Exam – Yes

ISO 37001 – Anti-Bribery Management

Published in 2016 as a Type A management system standard (MSS), ISO 37001 specifies the requirements and provides guidance for the establishment, implementation, monitoring, maintenance, and continual improvement of an anti-bribery management system (ABMS).

An ABMS based on ISO 37001 is intended to help organizations effectively prevent, detect, and respond to bribery. Other forms of corruption, such as fraud, are not covered by the standard. The requirements of the standard are generic and applicable to all organizations, regardless of their type, size, and sector (public, private, or not-for-profit). Furthermore, ISO 37001 can be used to tackle bribery by or of the organization as well as direct and indirect bribery.

ISO 37001 follows the High-Level Structure (HLS) and shares common terminology with other management system standards developed by ISO. This means that an ABMS can be established as a stand-alone management system, be part of an overall compliance management system based on ISO 37301, or be integrated with other management systems based on standards such as ISO 37002, ISO 9001, and ISO 45001.

This training course is designed to help participants understand the fundamental concepts and principles of an anti-bribery management system (ABMS) based on ISO 37001. By attending this training course, participants will learn more about the structure and requirements of the standard for an ABMS, including the anti-bribery policy, the top management’s leadership and commitment, processes related to specific controls such as due diligence, financial and non-financial controls, gifts, hospitality, and donations, as well as performance evaluation and continual improvement processes.

 

  • Duration – 2 Days
  • CPD Certification (Credits) – 14
  • Certification Body: PECB, Canada
  • Exam Duration – 1 Hour
  • Retake Exam – Yes

The benefits of implementing an anti-bribery management system (ABMS) based on ISO 37001 are manifold: helping the organization avoid or mitigate the costs, risks, and damage of involvement in bribery, promoting trust and confidence, encouraging due diligence and ethically sound business dealings, etc. To gain such benefits for your organization, you must be equipped with the knowledge and skills required to establish, implement, manage, maintain, and continually improve an ABMS. The ISO 37001 Lead Implementer training course is the right place to be. The training course aims to provide an in-depth understanding of ISO 37001 requirements, as well as the best practices and approaches used for the implementation and subsequent maintenance of the management system.

By attending the training course, you can help organizations comply with anti-bribery laws, as well as establish controls within the organization that proactively contribute to combating bribery and contribute to the creation of a culture of integrity, transparency, openness, and compliance.

 

  • Duration – 4 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

The Certified ISO 37001 Lead Auditor training course provides the necessary knowledge and skills that enable you to perform anti-bribery management system (ABMS) audits by applying widely recognized audit principles, procedures, and techniques.

Many organizations seek competent auditors to determine whether the policies and anti-bribery controls, implemented as part of an ISO 37001-based ABMS, are effective. This training course aims to help you complete these tasks successfully and intends to reflect the importance of effective ABMS audits. Additionally, it aims to strengthen your knowledge and skills to plan and carry out ABMS audits in compliance with the guidelines for auditing management systems provided in ISO 19011 and the certification process described in ISO/IEC 17021-1.

The exercises, quizzes, and case studies provided are designed to help you practice the most important aspects of an ABMS audit: ISO 37001 requirements, auditing principles, tools and techniques used to obtain evidence, leading a team of auditors, conducting interviews with the auditee, reviewing documented information, drafting nonconformity reports, and preparing the final audit report.

 

  • Duration – 4 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

ISO 37301 – Compliance Management

ISO 37301 is a Type A management system standard which sets out the requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining, and continually improving a compliance management system (CMS). A CMS provides organizations with a structured approach to meeting all compliance obligations, i.e., requirements that they must comply with, such as laws, regulations, court rulings, permits, and licenses, as well as those that they voluntarily choose to comply with, such as internal policies and procedures, codes of conduct, standards, and agreements with communities or NGOs.

ISO 37301 can be applied to all organizations, regardless of their size, nature, or complexity of activity. CMS is based upon the principles of integrity, good governance, proportionality, transparency, accountability, and sustainability.

The Certified ISO 37301 Foundation training course presents the basic concepts of compliance and the requirements of ISO 37301 for a compliance management system (CMS). In this training course, participants will learn about the various aspects of a CMS, including the compliance policy, compliance culture, compliance risk assessment, operational controls, performance measurements, leadership and commitment, internal audit, management review, and continual improvement.

 

  • Duration – 2 Days
  • CPD Certification (Credits) – 14
  • Certification Body: PECB, Canada
  • Exam Duration – 1 Hour
  • Retake Exam – Yes

The benefits of implementing a compliance management system (CMS) based on ISO 37301 are manifold: helping the organization avoid or mitigate the costs, risks, and damage of noncompliance, ensuring the long-term sustainability of the organization, promoting trust and confidence, encouraging good governance practices, due diligence, and ethically sound business dealings, etc.

The ISO 37301 Lead Implementer training course provides the knowledge needed to establish, implement, manage, maintain, and continually improve a CMS. It aims to provide an in-depth understanding of ISO 37301 requirements, as well as the best practices and approaches used for the implementation and subsequent maintenance of the compliance management system.

The training course enables organizations to establish the processes needed to adhere to all compliance obligations and to establish controls that proactively prevent noncompliance and contribute to the creation of a culture of integrity, transparency, and openness.

 

  • Duration – 4 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

The Certified ISO 37301 Lead Auditor training course enables participants to develop the necessary competence to perform compliance management system (CMS) audits by applying widely recognized audit principles, procedures, and techniques.

Many organizations seek competent auditors to determine whether their policies, procedures, and controls adhere to ISO 37301 requirements. This training course aims to help participants complete these tasks successfully and intends to reflect the importance of effective CMS audits. In addition, this training course aims to strengthen the knowledge and skills needed to plan and carry out CMS audits based on the guidelines for auditing management systems provided in ISO 19011 and the certification process described in ISO/IEC 17021-1.

This training course can potentially qualify participants to conduct audits on behalf of conformity assessment bodies.

 

  • Duration – 4 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

The ISO 37301 Transition training course enables participants to obtain a detailed understanding of the differences between ISO 37301 and ISO 19600 by making clause-by-clause comparisons to showcase the changes, updates, and new requirements of ISO 37301. As such, participants should be able to support an organization in transitioning its CMS from ISO 19600 recommendations to ISO 37301 requirements.

 

  • Duration – 2 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 1 Hour
  • Retake Exam – Yes

ISO/IEC 38500 – IT Governance

ISO/IEC 38500 provides principles, definitions, and a model to help the governing bodies understand the importance of Information Technology (IT). This standard is intended to help all types of organizations in evaluating, directing, and monitoring the use of Information Technology (IT), regardless of the degree of IT usage. It consists of management practices and decisions associated with the current and future use of IT. The purpose of this standard is to promote an effective, efficient, and acceptable use of IT in all organizations by informing and guiding governing bodies in governing the IT use and establishing an IT governance vocabulary.

ISO/IEC 38500 assists governing bodies in ensuring that the use of IT contributes positively to the performance of the organization. Therefore, by fulfilling ISO/IEC 38500 requirements, organizations can monitor IT usage, ensure business continuity and sustainability, align IT with business needs, and ensure appropriate implementation and operation of IT assets.

Moreover, this standard will help you obtain the necessary expertise and knowledge to support organizations in establishing, implementing, and continually improving a framework that complies with the principles and the model for good IT governance set by ISO/IEC 38500. It also enables you to gain the necessary skills to manage risks, encourage the exploitation of opportunities arising from the use of IT, and avoid inadequate application of ISO/IEC 38500 principles and IT systems. This standard allows you to understand the business strategy, align it with the technology strategy, and advise the company on best practices of IT governance.

The ISO/IEC 38500 IT Governance Manager training enables you to gain a thorough understanding of the core principles for good governance of IT based on ISO/IEC 38500. During this training course, you will also acquire the necessary knowledge to support an organization in applying and managing the ISO/IEC 38500 Evaluate-Direct-Monitor model.

 

  • Duration – 3 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

ISO/IEC 38500 Lead IT Corporate Governance Manager training enables you to acquire the expertise to support and lead an organization to successfully evaluate, direct and monitor an IT Governance model based on ISO/IEC 38500. During this training course, you will also gain comprehensive knowledge of the best practices and core principles of IT Governance and be able to effectively apply them in an organization to ensure good governance of IT.

 

  • Duration – 4 Days
  • CPD Certification (Credits) – 31
  • Certification Body: PECB, Canada
  • Exam Duration – 3 Hours
  • Retake Exam – Yes

CGEIT

ISACA’s Certified in the Governance of Enterprise IT (CGEIT) certification is framework agnostic and the only IT governance certification for the individual. CGEIT can put you in the role of a trusted advisor to your enterprise!

ISACA’s Certified in the Governance of Enterprise IT (CGEIT) certification is for those aspiring for executive positions. CGEIT empowers you to handle the governance of an entire organization and consider a move to the C-suite if you are not already there.

ISACA’s Certified in the Governance of Enterprise IT (CGEIT) certified professionals can enhance the strategic value they bring to organizations.

CGEIT holders bring the knowledge and experience needed to align IT with business strategies and goals, manage IT investments to maximize return on investment, and strive for excellence in IT operations and governance while minimizing risk.

  • Duration – 4 Days
  • Exam Duration – 4 Hours
  • Exam Format – MCQ (150 Questions)
  • Certification Body – ISACA, USA

COBIT 2019

The COBIT Foundation Certificate Exam ensures that you understand:

  • How To Align IT Goals With Strategic Business Objectives Using Tools Designed To Give Governance A Wider Perspective, And Practitioners More Flexibility.
  • The Value Derived From IT, Necessary Resources, And Potential Risks In The Process Of Building A Mature Relationship Between The Business And IT.
  • The Different Types Of IT Governance Frameworks Such As ITIL, NIST Etc., Including The Benefits Of Each And How They Work.

COBIT® provides the guidance and means to build and sustain a best-fit governance system that aligns with major related standards, frameworks, and regulations. The COBIT framework is also very relevant to the modern enterprise—bringing structure to decision making and assisting in the creation of a more agile governance system. COBIT provides the latest thinking in Enterprise Governance of Information & Technology (EGIT) and is a comprehensive repository of guidance, tools, models, and resources to help business leaders achieve their objectives for effective I&T governance.

  • Duration – 3 Days
  • Number of Questions – 75
  • Exam Length – 2 Hours
  • Passing Score – 65%
  • Certification Body – ISACA, USA

IT Risk Fundamentals

Every enterprise experiences risk. Risk is the result of uncertainties that an enterprise is exposed to that threaten its ability to achieve its business goals and objectives. ISACA®’s IT Risk Fundamentals Certificate and related training is ideal for professionals who wish to learn about risk and information and technology (I&T)-related risk, who currently interact with risk professionals, or who are new to risk and interested in working as a risk or IT risk professional. Affirm your foundational knowledge of risk that is related to I&T.

The IT Risk Fundamentals Certificate Exam will teach you:

  • Risk Terminology And Types Of Risk
  • Risk-Related Business Functions
  • Risk Management Process
  • Governance And Management Of Risk
  • Identifying Risk
  • Assessing And Analyzing Risk
  • Responding To Risk
  • Monitoring, Reporting, And Communicating Risk

  • Duration – 3 Days
  • Number of Questions – 75
  • Exam Length – 2 Hours
  • Passing Score – 65%
  • Certification Body – ISACA, USA

ITIL

ITIL 4 Foundation introduces delegates to the Service Value System (SVS) which describes how all the components and activities of the organization work together as a system to enable value creation. The ITIL SVS supports many work approaches, such as Agile, DevOps and Lean as well as traditional process and project management, with a flexible value-oriented operating model.

At the end of the course, the delegates will gain competencies in:

  • Key Concepts In The ITIL 4 Framework That Build Upon Lean, Agile, DevOps, And Other Practices, And How These Enable Business Value To Be Co-Created
  • The Seven Guiding Principles Of ITIL 4
  • ITIL Service Value System
  • The Four Dimensions Of Service Management
  • The ITIL Practices, With A Focus On 18 Of These, Of Which 7 Will Be Covered In Detail

  • Duration – 2 Days
  • Number of Questions – 40
  • Exam Length – 1 Hour
  • Passing Score – 65%
  • Certification Body – Axelos
