The increase in cyberattacks has led to the disruption of business processes; therefore, information security, business continuity, and risk management have become crucial.
Amongst others, the webinar covers:
• Main changes in the ISO 27002:2022
• Business Continuity’s Role in Cybersecurity and Vice Versa
• Cyber Security vs Information Security
• Value of a Business Continuity Management System
• Advantages of Business Continuity
• Principles of Risk Management
Presenters:
Rinske Geerlings
Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer.
She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs).
Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents.
She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk.
Michael Kamau Kiiru
Michael Kamau Kiiru is an experienced Risk Manager and Trainer specializing in Enterprise risk management and Business Continuity Management. He has a wide knowledge of training, implementation, maintenance, and continual improvement of business management frameworks across various industries in his career of 7 years.
He is currently a senior consultant at Sentinel Africa where he leads projects in risk management and business continuity management across Africa.
He is a certified ISO 31000 Lead Risk Manager, ISO 22301 Business Continuity Lead Implementer, ISO 9001 Quality Management System Lead implementer, and ISO 27032 Provisional Cybersecurity Manager.
Betty A. Kildow, FBCI, CBCP
Betty has specialized in Business Continuity and Supply Chain Continuity Consulting for over twenty years, working with a wide-ranging variety of businesses and organizations. She is a PECB ISO-22301 Master, ISO-28000 Lead Implementer and Lead Auditor, and Certified Trainer, as well as a Certified Business Continuity Professional (CBCP) and a Fellow of the Business Continuity Institute (FBCI). Betty is a frequent conference speaker, a skilled trainer, and has written articles that have appeared in professional publications in North America, Europe, and Asia.
Date: April 20, 2022
YouTube video: https://youtu.be/i-Kd6IAB79M
A business continuity challenge - Joseph Thomas | BCM Institute
The document discusses business continuity and the importance of business continuity management systems (BCMS). It outlines some key benefits of an effective BCMS, including organizational survival during disruptions, increased stakeholder confidence, and competitive advantages. It also describes some common business drivers for implementing a BCMS, such as legislation, customer requirements, and protecting reputation. Additionally, the document outlines some typical stages in establishing an effective BCMS based on standard 25999, including understanding organizational risks and impacts, developing response strategies and plans, and exercising and reviewing the system.
A quality consultant, just a call away 9810059019
We help you to attain world-class certification like:
-----------------------------------------
ISO9001:2008- Quality Management System
ISO/TS 16949:2009- QMS for automotive
ISO 14001:2004- Environmental Management System
ISO 27001: 2005 - Information Security
OHSAS 18001:2007- Occupational Health and Safety
SA8000- Social Accountability
ISO 10001- Customer satisfaction Measurement
CMMI for software and Services
--------------------------------------------------
Export management, advisory, coaching, export marketing plan, export audit, international trade fair preparation and participation
---------------------------------------------------
We provide training on:
Internal Auditors for Quality, EMS, OHSAS
Problem solving techniques
Statistical Process Control
Lean Manufacturing
5S, KANBAN, JIT, TPM, Total quality Management
Customer Satisfaction Measurement
Productivity Improvement
Cost of Quality
Client: Government, Public and Private Sectors, Institutes
Specialties: ISO System Development and Certification, Coaching, Counselling, Support and Certifications. Export Marketing, Intercultural Communication, Institutional Capacity Building, Trade Promotion to European Union, Sustainable Development, Process Improvement and Change Management
Continuity & Resilience (CORE) is an ISO 22301 certified company that deals in Training and Consulting services in the niche area of Business Continuity Management (BCM), Crisis Management, IT Disaster Recovery, and Green IT/ Sustainability. In these areas we Consult, Train, Assess, and Audit. Our consultants have worked with professionals from India, UAE, USA, UK, Saudi Arabia, Iran, Bahrain, Oman, Mauritius, Malaysia, Singapore, Hong Kong, Egypt, Qatar etc. Our consultants and instructors have facilitated over 250 workshops/assignments and interacted with over 4000 professionals across the world.
CORE also provides advisory services in BCM/ IT DR Tools and Notification Systems. We provide customized E-learning solution for BCM and related domains.
The document discusses Zurich's Portfolio Management Office (PMO) expanding its services to take on more projects. It notes that Zurich undertakes various types of projects in response to regulatory changes, risks, upgrades, and to drive growth, customer experience, and efficiency. The PMO aims to become more strategic by increasing insights, creating capacity, centralizing processes, and standardizing governance. This will help deliver projects with more confidence by continuously assessing controls and risks. The PMO also wants to adapt its services to support non-IT changes and agile projects to help more areas of the business.
ISO 9001 (Quality Management) is the most widely used QMS standard in the world, with over 1 million certificates issued to organizations in 178 countries.
The key to any successful business is strong quality control. If you want your operation to thrive, your consumer base must be confident that the goods or services you offer meet or exceed standards.
This implementation guide will help you run through the benefits, PDCA Cycle and Annex SL structure in detail for implementing ISO 9001.
To learn more on ISO 9001:2015 visit our page here - https://www.nqa.com/en-gb/certification/standards/iso-9001
ISO 22222 - Achieving A Competitive Edge Presentation 2010 | Michelle Hoskin
Achieving a competitive edge is the only way to stay ahead. ISO 22222 supports this by allowing professional planners to differentiate and raise the bar for the benefit of themselves and their clients.
ISO 22301 Certification What You Need to Know.pdf | OFFICE
ISO 22301, the international standard for business continuity management, provides a systematic approach to identifying potential threats, assessing their impact, and developing strategies to mitigate risks. Certification to ISO 22301 signifies that an organization has met the requirements and best practices outlined in the standard. It serves as a testament to your commitment to resilience, demonstrating to clients, partners, and stakeholders that your business is well-prepared for any adversity.
[To download this presentation, visit: https://www.oeconsulting.com.sg/training-presentations]
ISO 22301:2019, Security and Resilience - Business Continuity Management System (BCMS), is the latest international standard for implementing and maintaining effective business continuity plans, systems and processes. This new standard replaces the old ISO 22301:2012.
This ISO 22301:2019 (BCMS) awareness PPT training presentation can be used to brief management and staff, new hires and potential auditees so as to create awareness of the ISO 22301:2019 standard. Alternatively, the presentation may be used to supplement your materials for the training of BCMS professionals and internal auditors.
LEARNING OBJECTIVES
1. Provide background knowledge of ISO 22301
2. Gain an overview of ISO 22301 structure and the certification process
3. Gather useful tips on handling an audit session
This document summarizes a presentation by Dhiraj Lal of Continuity and Resilience (CORE), an ISO 22301 certified consulting firm. CORE provides business continuity management, crisis management, IT disaster recovery, and cyber security consulting and training services. The presentation discusses CORE's methodology for business continuity implementation projects and provides case studies from past BCM engagements. It also describes CORE's range of specializations, training programs, tools support, and some of its clients.
Mahalakshmi has over 9 years of experience as an IT and Information Security Audit Manager. She has a Bachelor's degree in Information Technology and holds certifications including CISA, CISSP, Six Sigma Green Belt, and ALMI. Currently she works as an Audit Manager at Westpac Group, where her responsibilities include performing independent reviews and evaluations to assist management in developing and maintaining effective control frameworks. Previously she worked as a Senior IT Auditor at Allianz Australia and held various roles such as Information Security Manager and Audit and Compliance Manager at Tata Consultancy Services.
This document provides an overview and summary of key aspects of ISO 22301, the international standard for Business Continuity Management Systems (BCMS). It discusses the standard's main clauses on context of the organization, leadership, planning, support, operation, performance evaluation and improvement. The standard establishes requirements to help organizations plan for, respond to, and recover from disruptive events through a systematic business continuity management process.
This document provides an overview and guidance for implementing an ISO 9001:2015 quality management system. It discusses the key changes in the ISO 9001:2015 standard including adopting the Annex SL structure and a focus on risk-based thinking. The document covers the benefits of implementation, the PDCA cycle, auditing approaches, process-based thinking and the various sections of the ISO 9001:2015 standard.
LRQA considers whether the introduction of a common language across standards by ISO, a key component of the pending updates to ISO 9001 and ISO 14001 (among others), could be the catalyst for change towards integrated management systems as standard practice.
How to plan and manage a BCM and IT DR project | CORE Consulting
Continuity and Resilience (CORE), ISO 22301 BCM Consulting Firm Presentations by Speakers at the 1st KSA Business & IT Resilience Summit at Riyadh
http://coreconsulting.ae/
This document provides an overview of business continuity planning. It defines business continuity planning as identifying an organization's exposure to threats and developing effective prevention and recovery strategies. The main goal is to resume revenue-generating activity as quickly as possible after a disruption. The document discusses the differences between business continuity planning, emergency planning, and disaster recovery. It also outlines key aspects of developing a business continuity plan such as risk assessment, alternative work locations, essential functions, and supply chain preparedness. The presenter is the president of a local chapter of the Association of Contingency Planners.
Covidien, a global healthcare products company, is seeking an IT Quality Assurance and Compliance Manager in Whiteley, UK. The role will be responsible for establishing and maintaining all IS policies, processes, and standards, as well as conducting compliance audits and identifying areas for improvement. The ideal candidate will have proven experience in project management, service management, audit, and compliance standards, as well as previous management experience in an IT environment.
ISO certification in Dubai refers to the process of obtaining certification from the International Organization for Standardization (ISO) for adhering to specific quality management standards. ISO is a global standard-setting body composed of representatives from various national standards organizations, and it develops and publishes international standards to ensure the quality, safety, efficiency, and interoperability of products, services, and systems.
A Compact guide of ISO certification with quality process manual | Estartupindia.com
Get in-depth knowledge of all the fundamental and key aspects of ISO certification along with a detailed manual on the quality process from this comprehensive ISO guide.
To know more, go to the link below:
https://www.e-startupindia.com/iso-certification.html
We provide professional services in the areas of responsible business, business excellence and risk management through Assessment, Consulting, Training, and Certification & Assurance. Our reputation as an independent body and advisory firm with high integrity and work standards has been built up since 2008.
We offer our services in areas like Occupational Health & Safety, Environment Protection, Corporate Social Responsibility, Sustainability, Management Systems, Organizational Development, Food Safety, Renewable Energy, Climate change, Inspection, Conformity Assurance, Training and Human Capital Development.
We are uniquely placed to offer advice and assurance services free from commercial constraints and to find ways to improve business performance. Our clients range from local businesses to multinational companies. All services are focused towards one single purpose - Improvement in Business Performance.
QMSCAT is a management consulting firm that provides ISO certification consulting, training, and auditing services. They conduct gap analyses to develop customized management systems for clients and train employees on implementation and auditing. QMSCAT aims to help businesses achieve ISO certification to increase competitiveness and profitability through quality and efficient processes.
This document provides an overview of ISO 9001 and the benefits of certification. It discusses what ISO 9001 is, who it is for, why organizations introduce and become certified to ISO 9001, and the evolution of the standard over time. Key benefits mentioned include improved customer satisfaction, operational efficiencies, and competitive advantage in global markets. Common nonconformities and areas for improvement are also outlined.
Leading player in Energy and Sustainability Services
Led more than 500 sustainability service offerings (CSR, EIAs, LCAs, CDM, Environmental Finance etc.)
Sectors (Energy and Infrastructure, Mines and Metals, Manufacturing, Habitats, Forestry, Agriculture) and
Geographies (India, Sri Lanka, Thailand, Philippines, Indonesia, Nigeria, Kenya, Tanzania)
Clients (Governments, Multilaterals, UN, Business groups, NGOs)
Delivered more than 500 million USD benefits to clients
Operating across India, South East Asia and Africa
The presentation is about the benefits of applying for the International Organization for Standardization (ISO) for Lean.
This standard will help healthcare and allied industries to create Lean capability in their organisations and accelerate process improvements. Ultimately it improves quality of services, improves reputation, reduces costs, avoids future costs and/or improves revenue.
ISO 22301 leadership buy in presentation | Qualsys Ltd
ISO 22301 Leadership buy-in presentation. Demonstrate your leadership skills with this ISO 22301 business continuity management system leadership buy-in presentation. This explains why business continuity is essential, why follow ISO 22301 and the resources required to get your business continuity management system established.
CAW Certification Services provides ISO certification services for businesses. Their mission is to provide a cost-effective certification solution that is achievable for all businesses regardless of size or sector. Their unique process is designed to help clients meet certification requirements and continually improve. They offer services like gap analyses, stage 1 and 2 audits, and provide certification packages that include reports, improvement plans, and awards upon completion. Their auditors are experienced experts who aim to help clients improve their businesses during the certification process.
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and... | PECB
Denis is a dynamic and results-driven Chief Information Officer (CIO) with a distinguished career spanning information systems analysis and technical project management. With a proven track record of spearheading the design and delivery of cutting-edge Information Management solutions, he has consistently elevated business operations, streamlined reporting functions, and maximized process efficiency.
Certified as an ISO/IEC 27001: Information Security Management Systems (ISMS) Lead Implementer, Data Protection Officer, and Cyber Risks Analyst, Denis brings a heightened focus on data security, privacy, and cyber resilience to every endeavor.
His expertise extends across a diverse spectrum of reporting, database, and web development applications, underpinned by an exceptional grasp of data storage and virtualization technologies. His proficiency in application testing, database administration, and data cleansing ensures seamless execution of complex projects.
What sets Denis apart is his comprehensive understanding of Business and Systems Analysis technologies, honed through involvement in all phases of the Software Development Lifecycle (SDLC). From meticulous requirements gathering to precise analysis, innovative design, rigorous development, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: May 29, 2024
Tags: Information Security, ISO/IEC 27001, ISO/IEC 42001, Artificial Intelligence, GDPR
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
General Data Protection Regulation (GDPR) - Training Courses - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
Beyond the EU: DORA and NIS 2 Directive's Global Impact | PECB
The global implications of DORA and NIS 2 Directive are significant, extending beyond the European Union.
Amongst others, the webinar covers:
• DORA and its Implications
• NIS 2 Directive and its Implications
• How to leverage directive and regulation as a marketing tool and competitive advantage
• How to use new compliance framework to request additional budget
Presenters:
Christophe Mazzola - Senior Cyber Governance Consultant
Armed with endless Excel files, a meme catalog worthy of the best X'os (formerly twittos), and a risk register to make your favorite risk manager jealous, I swapped my computer scientist cape a few years ago for that of a (cyber) threat hunter with the honorary title of CISO.
Ah, and I am also a quadruple senior certified ISO27001/2/5, Pas mal non ? C'est francais.
Malcolm Xavier
Malcolm Xavier has been working in the digital industry for over 18 years now. He has worked with global clients in South Africa, the United States and the United Kingdom. He has achieved many professional certifications like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc.
His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management.
Date: April 25, 2024
Tags: Information Security, Digital Operational Resilience Act (DORA)
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: Digital Operational Resilience Act (DORA) - EN | PECB
NIS 2 Directive - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
More Related Content
Similar to ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know
[To download this presentation, visit: https://www.oeconsulting.com.sg/training-presentations]
ISO 22301:2019, Security and Resilience - Business Continuity Management System (BCMS), is the latest international standard for implementing and maintaining effective business continuity plans, systems and processes. This new standard replaces the old ISO 22301:2012.
This ISO 22301:2019 (BCMS) awareness PPT training presentation can be used to brief management and staff, new hires and potential auditees so as to create awareness of the ISO 22301:2019 standard. Alternatively, the presentation may be used to supplement your materials for the training of BCMS professionals and internal auditors.
LEARNING OBJECTIVES
1. Provide background knowledge of ISO 22301
2. Gain an overview of ISO 22301 structure and the certification process
3. Gather useful tips on handling an audit session
This document summarizes a presentation by Dhiraj Lal of Continuity and Resilience (CORE), an ISO 22301 certified consulting firm. CORE provides business continuity management, crisis management, IT disaster recovery, and cyber security consulting and training services. The presentation discusses CORE's methodology for business continuity implementation projects and provides case studies from past BCM engagements. It also describes CORE's range of specializations, training programs, tools support, and some of its clients.
Mahalakshmi has over 9 years of experience as an IT and Information Security Audit Manager. She has a Bachelor's degree in Information Technology and holds certifications including CISA, CISSP, Six Sigma Green Belt, and ALMI. Currently she works as an Audit Manager at Westpac Group, where her responsibilities include performing independent reviews and evaluations to assist management in developing and maintaining effective control frameworks. Previously she worked as a Senior IT Auditor at Allianz Australia and held various roles such as Information Security Manager and Audit and Compliance Manager at Tata Consultancy Services.
This document provides an overview and summary of key aspects of ISO 22301, the international standard for Business Continuity Management Systems (BCMS). It discusses the standard's main clauses on context of the organization, leadership, planning, support, operation, performance evaluation and improvement. The standard establishes requirements to help organizations plan for, respond to, and recover from disruptive events through a systematic business continuity management process.
This document provides an overview and guidance for implementing an ISO 9001:2015 quality management system. It discusses the key changes in the ISO 9001:2015 standard including adopting the Annex SL structure and a focus on risk-based thinking. The document covers the benefits of implementation, the PDCA cycle, auditing approaches, process-based thinking and the various sections of the ISO 9001:2015 standard.
LRQA considers whether the introduction of a common language across standards by ISO, a key component of the pending updates to ISO 9001 and ISO 14001 (among others), could be the catalyst for change towards integrated management systems as standard practice.
How to plan and manage a BCM and IT DR projectCORE Consulting
Continuity and Resilience (CORE), ISO 22301 BCM Consulting Firm Presentations by Speakers at the 1st KSA Business & IT Resilience Summit at Riyadh
http://coreconsulting.ae/
This document provides an overview of business continuity planning. It defines business continuity planning as identifying an organization's exposure to threats and developing effective prevention and recovery strategies. The main goal is to resume revenue-generating activity as quickly as possible after a disruption. The document discusses the differences between business continuity planning, emergency planning, and disaster recovery. It also outlines key aspects of developing a business continuity plan such as risk assessment, alternative work locations, essential functions, and supply chain preparedness. The presenter is the president of a local chapter of the Association of Contingency Planners.
Covidien, a global healthcare products company, is seeking an IT Quality Assurance and Compliance Manager in Whiteley, UK. The role will be responsible for establishing and maintaining all IS policies, processes, and standards, as well as conducting compliance audits and identifying areas for improvement. The ideal candidate will have proven experience in project management, service management, audit, and compliance standards, as well as previous management experience in an IT environment.
ISO certification in Dubai refers to the process of obtaining certification from the International Organization for Standardization (ISO) for adhering to specific quality management standards. ISO is a global standard-setting body composed of representatives from various national standards organizations, and it develops and publishes international standards to ensure the quality, safety, efficiency, and interoperability of products, services, and systems.
A Compact guide of ISO certification with quality process manualEstartupindia.com
Get in-depth knowledge of all the fundamental and key aspects of ISO certification along with a detailed manual on the quality process from this comprehensive ISO guide.
To learn more, visit the link below:
https://www.e-startupindia.com/iso-certification.html
We provide professional services in the areas of responsible business, business excellence and risk management through Assessment, Consulting, Training, and Certification & Assurance. Our reputation as an independent body and advisory firm with high integrity and work standards has been built up since 2008.
We offer our services in the areas like Occupational Health & Safety, Environment Protection, Corporate Social Responsibility, Sustainability, Management Systems, Organizational Development, Food Safety, Renewable Energy, Climate change, Inspection, Conformity Assurance, Training and Human Capital Development.
We are uniquely placed to offer advice and assurance services free from commercial constraints and to find ways to improve business performance. Our clients range from local businesses to multinational companies. All services are focused towards one single purpose - Improvement in Business Performance.
QMSCAT is a management consulting firm that provides ISO certification consulting, training, and auditing services. They conduct gap analyses to develop customized management systems for clients and train employees on implementation and auditing. QMSCAT aims to help businesses achieve ISO certification to increase competitiveness and profitability through quality and efficient processes.
This document provides an overview of ISO 9001 and the benefits of certification. It discusses what ISO 9001 is, who it is for, why organizations introduce and become certified to ISO 9001, and the evolution of the standard over time. Key benefits mentioned include improved customer satisfaction, operational efficiencies, and competitive advantage in global markets. Common nonconformities and areas for improvement are also outlined.
Leading player in Energy and Sustainability Services
Led more than 500 sustainability service offerings (CSR, EIAs, LCAs, CDM, Environmental Finance etc.)
Sectors (Energy and Infrastructure, Mines and Metals, Manufacturing, Habitats, Forestry, Agriculture) and
Geographies (India, Sri Lanka, Thailand, Philippines, Indonesia, Nigeria, Kenya, Tanzania)
Clients (Governments, Multilaterals, UN, Business groups, NGOs)
Delivered more than 500 million USD benefits to clients
Operating across India, South East Asia and Africa
The presentation is about the benefits of applying for the International Organization for Standardization (ISO) for Lean.
This standard will help healthcare and allied industries to create Lean capability in their organisations and accelerate process improvements. Ultimately it improves quality of services, improves reputation, reduces costs, avoids future costs and/or improves revenue.
ISO 22301 leadership buy in presentation | Qualsys Ltd
ISO 22301 Leadership buy-in presentation. Demonstrate your leadership skills with this ISO 22301 business continuity management system leadership buy-in presentation. This explains why business continuity is essential, why follow ISO 22301 and the resources required to get your business continuity management system established.
CAW Certification Services provides ISO certification services for businesses. Their mission is to provide a cost-effective certification solution that is achievable for all businesses regardless of size or sector. Their unique process is designed to help clients meet certification requirements and continually improve. They offer services like gap analyses, stage 1 and 2 audits, and provide certification packages that include reports, improvement plans, and awards upon completion. Their auditors are experienced experts who aim to help clients improve their businesses during the certification process.
Similar to ISO/IEC 27001 vs ISO 22301 vs ISO 31000: What you need to know (20)
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and... | PECB
Denis is a dynamic and results-driven Chief Information Officer (CIO) with a distinguished career spanning information systems analysis and technical project management. With a proven track record of spearheading the design and delivery of cutting-edge Information Management solutions, he has consistently elevated business operations, streamlined reporting functions, and maximized process efficiency.
Certified as an ISO/IEC 27001: Information Security Management Systems (ISMS) Lead Implementer, Data Protection Officer, and Cyber Risks Analyst, Denis brings a heightened focus on data security, privacy, and cyber resilience to every endeavor.
His expertise extends across a diverse spectrum of reporting, database, and web development applications, underpinned by an exceptional grasp of data storage and virtualization technologies. His proficiency in application testing, database administration, and data cleansing ensures seamless execution of complex projects.
What sets Denis apart is his comprehensive understanding of Business and Systems Analysis technologies, honed through involvement in all phases of the Software Development Lifecycle (SDLC). From meticulous requirements gathering to precise analysis, innovative design, rigorous development, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: May 29, 2024
Tags: Information Security, ISO/IEC 27001, ISO/IEC 42001, Artificial Intelligence, GDPR
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
General Data Protection Regulation (GDPR) - Training Courses - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
Beyond the EU: DORA and NIS 2 Directive's Global Impact | PECB
The global implications of DORA and NIS 2 Directive are significant, extending beyond the European Union.
Amongst others, the webinar covers:
• DORA and its Implications
• NIS 2 Directive and its Implications
• How to leverage directive and regulation as a marketing tool and competitive advantage
• How to use new compliance framework to request additional budget
Presenters:
Christophe Mazzola - Senior Cyber Governance Consultant
Armed with endless Excel files, a meme catalog worthy of the best X'os (formerly twittos), and a risk register to make your favorite risk manager jealous, I swapped my computer scientist cape a few years ago for that of a (cyber) threat hunter with the honorary title of CISO.
Ah, and I am also a quadruple senior certified ISO27001/2/5, Pas mal non ? C'est francais.
Malcolm Xavier
Malcolm Xavier has been working in the Digital Industry for over 18 Years now. He has worked with Global Clients in South Africa, United States and United Kingdom. He has achieved Many Professional Certifications Like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc.
His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management.
Date: April 25, 2024
Tags: Information Security, Digital Operational Resilience Act (DORA)
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: Digital Operational Resilience Act (DORA) - EN | PECB
NIS 2 Directive - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
Whitepaper: https://pecb.com/whitepaper
DORA, ISO/IEC 27005, and the Rise of AI: Securing the Future of Cybersecurity | PECB
In an era where digital transformation is inevitable, the landscape of cybersecurity is constantly evolving.
Amongst others, the webinar covers:
• DORA and its Implications
• ISO/IEC 27005: Risk Management in Information Security
• Leveraging Artificial Intelligence for Enhanced Cybersecurity
Presenters:
Geoffrey L. Taylor - Director of Cybersecurity
Geoffrey Taylor brings a wealth of experience from multiple roles within various industries throughout his career. As a Certified ISO 27001 Implementer and Auditor, as well as certified ISO 27005, CISM and CRISC, he brings a unique perspective on cybersecurity strategy, risk management and the implementation of an Information Security Management System, having helped multiple organizations in aligning their strategy based on their threat landscape.
Martin Tully - Senior Cyber Governance Consultant
Martin is a Senior Consultant at CRMG with over twenty years of experience, and has previously been employed at two of the ‘Big Four’ professional services firms. Martin has worked across most industry sectors in the development of the best practice guidance and risk analysis methodologies. Martin is also accomplished at: leading the implementation of an ISMS; delivering a number of information risk assessments; reviewing information security policies; assessing security requirements across the supply chain; and updating a complete framework of supporting standards. Prior to the ISF, Martin’s roles have included delivering operational risk reporting, running research projects and benchmarking information security investments for major clients. Martin holds a Bachelors degree from Royal Holloway University of London.
Date: March 27, 2024
Tags: ISO, ISO/IEC 27005, ISO/IEC 42001, Artificial Intelligence, Information Security, Digital Operational Resilience Act (DORA)
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27005 Information Security Risk Management - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
YouTube video: https://youtu.be/ffX-Xbw7XUk
Securing the Future: ISO/IEC 27001, ISO/IEC 42001, and AI Governance | PECB
In today’s rapidly evolving world, where Artificial Intelligence (AI) not only drives innovation but also presents unique challenges and opportunities, staying ahead means being informed.
Amongst others, the webinar covers:
• ISO/IEC 27001 and ISO/IEC 42001 and their key components
• Latest trends in AI Governance
• Ethical AI practices
• Benefits of Certification
Presenters:
Jeffrey Bankard - Cybersecurity & AI Leader, AI Management Systems: ISO/IEC 42001
Jeffrey provides executive leadership for AI product creation through the product incubation unit (PIU). Ensures the timely delivery of AI consulting engagements through cross-functional teams comprised of senior information and network security leaders to establish strategic goals for improving the security architecture and risk posture for clients. Consults with business leaders to define key performance indicators and service levels. Fosters employee development through mentoring and coaching. Decides how to achieve results within the organization’s strategic plans, policies, and guidelines. Develops new products and secures those products through current AI security guidelines (ISO 42001).
Adrian Resag - Experienced in Risk and Control - ISO/IEC 27001 and ISO/IEC 42001
Adrian believes a stimulating career can span many disciplines and that leading organizations value versatile professionals. He has enjoyed managing teams spanning the globe by working in world-leading organizations as Chief Audit Executive, Head of Risk Management, Information Systems Auditor, Head of Internal Control, as a consultant, a statutory auditor and an accountant. To allow such a diverse career, his approach has been to pursue certifications in many fields (making him one of the most qualified and certified in some of them). He has written books and created professional certifications in audit & assurance and compliance & ethics, and teaches in subjects from information security to risk management. With a passion for education, Adrian founded an educational institution and has taught tens of thousands of students and professionals online, in companies, universities and in governmental organizations.
Date: February 28, 2024
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
YouTube video: https://youtu.be/DujXaxBhhRk
The importance of a robust cybersecurity strategy cannot be overstated. Learning about the effective measures to take and the tools needed to navigate the evolving cybersecurity landscape successfully is essential.
Amongst others, the webinar covers:
• ISO/IEC 27002 and ISO/IEC 27032 and their key components
• Key Components of a Resilient Cybersecurity Strategy
• CMMC Frameworks
Presenters:
Dr. Oz Erdem
Governance, Risk and Compliance (GRC) consultant, trainer, auditor, and speaker
Dr. Erdem has over 25 years of experience in information security, trade compliance, data privacy, and risk management. He took leadership roles in governance and compliance at various Fortune 100-500 companies and SMBs, including Siemens Corporation, Siemens Industry, Linqs, Texas Instruments, Rtrust, ICEsoft Technologies, NATO C3A, and BILGEM. In addition, successfully managed software development (i.e., embedded, cloud, and SaaS) and digital product projects involving information security, mobile networks, and IoT networks. Further, Dr. Erdem led several non-profit organizations, such as National Association of District Export Councils (NADEC), Government Contractors Council (GovConCouncil), and Central-North Florida District Export Council as the Chairman of the Board.
Peter Geelen
Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more.
George Usi - CEO of Omnistruct
An internet pioneer and award-winning leader in internet governance with over 25 years of experience, George Usi knows that getting hacked is not a matter of ‘if’ but, ‘when’ and the fiscal and reputational effects that has on a business, the executives, and the board. George is the Co-Founder of Omnistruct, a cyber risk company. Omnistruct protects and expands revenue creation, reputation, and customer retention through cyber risk transference, governance, and compliance. We ensure that security and privacy programs work.
Date: January 24, 2024
YouTube Video: https://youtu.be/9i5p5WFExT4
Website: https://bit.ly/3SjovIP
ISO/IEC 27001 and ISO/IEC 27035: Building a Resilient Cybersecurity Strategy ... | PECB
As we approach the new year, the importance of a robust cybersecurity strategy cannot be overstated. Learning about the effective measures to take and the tools needed to navigate the evolving cybersecurity landscape successfully is essential.
Amongst others, the webinar covers:
• ISO/IEC 27001 and ISO/IEC 27035 and their key components
• Key Components of a Resilient Cybersecurity Strategy
• Best practices for building a resilient cybersecurity strategy in 2024
Presenters:
Rinske Geerlings
Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer.
She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs)
Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents.
She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk.
Her 'alter ego' includes being a lead singer in SophieG Music and contributing to the global charity playing for Change, which provides music education to children in disadvantaged regions.
Loris Mansiamina
A Senior GRC Professional consultant for Small, Medium and large companies. Over 10 years, Loris has been assisting clients in both public and private sectors about various matters relating to Governance, Risk Management and Compliance (GRC), Digital transformation, cyber security program management, ISO 27k & ISO 20k implementation, COBIT & ITIL implementation, etc.
Date: December 19, 2023
Tags: ISO, ISO/IEC 27001, ISO/IEC 27035, Cybersecurity, Information Security
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
ISO/IEC 27035 Information Security Incident Management - EN | PECB
YouTube video: https://youtu.be/yT8gxRZD_4c
ISO/IEC 27001 and ISO/IEC 27005: Managing AI Risks Effectively | PECB
In today's rapidly evolving digital landscape, the integration of artificial intelligence (AI) in business processes is becoming increasingly essential. Hence, it is crucial to stay informed and prepared.
Amongst others, the webinar covers:
• ISO/IEC 27005 and ISO/IEC 27001 and their key components
• The standard’s alignment
• Identifying AI risks and vulnerabilities
• Implementing effective risk management strategies
Presenters:
Sabrina Feddal
With more than 16 years of background in operational security, telco as engineer and project manager for major international companies. I have founded Probe I.T in 2016 to provide my customers (both national and international) with GRC services. Winner of the 2020 award, the CEFCYS – Main French Women in cybersecurity association - jury's favorite, she remains committed on a daily basis to maintaining diversity and gender diversity in her teams.
Passionate about Law, History & Cybersecurity. She has several professional certifications acquired over the course of her career: Prince2, CISSP, Lead Implementer ISO27001, Risk Manager, University degree in Cybercrime and Digital Investigation.
Her values: excellence, discretion, professionalism.
Mike Boutwell
Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects.
Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director.
Date: November 22, 2023
Tags: ISO, ISO/IEC 27001, ISO/IEC 27005, Cybersecurity, Information Security
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
ISO/IEC 27005 Information Security Risk Management - EN | PECB
YouTube video: https://youtu.be/TtnY1vzHzns
Aligning ISO/IEC 27032:2023 and ISO/IEC 27701: Strengthening Cybersecurity Re... | PECB
In today's digital age, cybersecurity is more critical than ever. Hence, it is crucial to stay informed and prepared.
Amongst others, the webinar covers:
• ISO/IEC 27032:2023 and ISO/IEC 27701 and their key components
• The standard’s alignment
• Emerging Cybersecurity Threats
• What is new to the ISO/IEC 27032:2023
Presenters:
Madhu Maganti
Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes.
Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting.
Jeffrey Crump
Mr. Jeffrey Crump is the Principal Consultant at Arizona-based Cyber Security Training and Consulting LLC and a graduate of the Certified NIS 2 Directive Lead Implementer course. He is a Certified CMMC Assessor, Certified CMMC Professional, and Instructor. Mr. Crump is also the author of Cyber Crisis Management Planning: How to reduce cyber risk and increase organizational resilience. His book has been expanded into a triad of certification courses on cyber crisis planning, exercises, and leadership.
Date: October 25, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
YouTube video: https://youtu.be/a21uasr8aLs
ISO/IEC 27001 and ISO/IEC 27032:2023 - Safeguarding Your Digital Transformation | PECB
Cybersecurity is an ongoing journey. The regular update and improvement of security measures is essential to stay ahead of evolving threats.
Amongst others, the webinar covers:
• Benefits of Compliance
• Digital Transformation: Why
• ISO/IEC 27001 and ISO/IEC 27032
• ISO/IEC 27001: Information Security Management System (ISMS)
• ISO/IEC 27032: Cybersecurity Framework
Presenters:
Douglas Brush
Douglas Brush is a federally court-appointed Special Master, and Court Appointed Neutral expert in high-profile litigation matters involving privacy, security, and eDiscovery.
He is an information security executive with over 30 years of entrepreneurship and professional technology experience. He is a globally recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to serving as a CISO and leading enterprise security assessments, he has conducted hundreds of investigations involving hacking, data breaches, trade secret theft, employee malfeasance, and various other legal and compliance issues.
He is the founder and host of Cyber Security Interviews, a popular information security podcast.
Douglas is also committed to raising awareness about mental health, self-care, neurodiversity, diversity, equity, and inclusion, in the information security industry.
Malcolm Xavier
Malcolm Xavier has been working in the Digital Industry for over 18 Years now. He has worked with Global Clients in South Africa, United States and United Kingdom. He has achieved Many Professional Certifications Like CISSP, Google Cloud Practitioner, TOGAF, Azure Cloud, ITIL v3 etc.
His core competencies include IT strategy, cybersecurity, IT infrastructure management, data center migration and consolidation, data protection and compliance, risk management and governance, and IS program development and management.
Carole Njoya
Founder in 2018 of Alcees, a Paris-based management consulting fabric specialized in cybersecurity, data privacy governance and digital trust, Carole Njoya provides independent, tailored and expert advisory to companies doing business in European markets and serving both B2B and B2C customers. With more than 100 cybersecurity projects delivered, she assists entities in preparing, implementing and maintaining the right best practices under the ISO 27001 compliance framework and GDPR article 25 obligation (Privacy by design) for their vendors. Carole Njoya featured in the « Women Know Cybersecurity » 2019 Twitter list edited by Cybercrime Magazine. Carole Njoya is committed in science and engineering since pre-teen period.
Date: September 27, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
YouTube video: https://youtu.be/U7tyzUrh8aI
Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations | PECB
The management of AI systems is a shared responsibility. By implementing the ISO 31000 Framework and complying with emerging regulations like the EU ACT, we can jointly create a more reliable, secure, and trustworthy AI ecosystem.
Amongst others, the webinar covers:
• Understanding AI and the regulatory landscape
• AI and the threat landscape
• A risk driven approach to AI assurance - based on ISO 31000 principles
• Stress testing to evaluate risk exposure
Presenters:
Chris Jefferson
Chris is the Co-Founder and CTO at Advai. As the Co-Founder of Advai, Chris is working on the application of defensive techniques to help protect AI and Machine Learning applications from being exploited. This involves work in DevOps and MLOps to create robust and consistent products that support multiple platforms, such as cloud, local, and edge.
Nick Frost
Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spans nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. In particular, Nick was Group Head of Information Risk for PwC, designing and implementing best practice solutions that made good business sense, prioritized key risks to the organisation and helped minimize disruption to ongoing operations. Whilst at the ISF, Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management.
Nick’s combined experience as a cyber risk researcher and practitioner designing and implementing risk-based solutions places him as a leading cyber risk expert. Prior to cyber security, and after graduating from UCNW and Oxford Brookes, Nick was a geophysicist in the Oil and Gas Industry.
Date: August 24, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000
YouTube video: https://youtu.be/MXnHC6AvjXc
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help? | PECB
Generative AI offers great opportunities for innovation in various industries. Hence, by adopting ISO/IEC 27032, you can enhance your cybersecurity resilience and efficiently address the risks associated with generative AI.
Amongst others, the webinar covers:
• AI & Privacy
• Generative AI, Models & Cybersecurity
• AI & ISO/IEC 27032
Presenters:
Christian Grafenauer
Anonymization expert, privacy engineer, data protection officer, LegalTech researcher (GDPR, Blockchain, AI) Christian Grafenauer is an accomplished privacy engineer, anonymization expert, and computer science specialist, currently serving as the project lead for anonymity assessments at techgdpr. With an extensive background as a senior architect in Blockchain for IBM and years of research in the field since 2013, Christian co-founded privacy by Blockchain design to explore the potential of Blockchain technology in revolutionizing privacy and internet infrastructure. As a dedicated advocate for integrating legal and computer science disciplines, Christian’s expertise in anonymization and GDPR compliance enables innovative AI applications, ensuring a seamless fusion of technology and governance, particularly in the realm of smart contracts. In his role at techgdpr, he supports technical compliance, Blockchain, and AI initiatives, along with anonymity assessments. Christian also represents consumer interests as a member of the national Blockchain and DTL standardization committee at din (German standardization institute) in ISO/TC 307.
Akin Johnson
Akin J. Johnson is a renowned Cybersecurity Expert, known for his expertise in protecting digital systems from potential threats. With over a decade of experience in the field, Akin has developed a deep understanding of the ever-evolving cyber landscape.
Akin is an advocate for cybersecurity awareness and frequently shares his knowledge through speaking engagements, workshops, and publications. He firmly believes in the importance of educating individuals and organizations on the best practices for safeguarding their digital assets.
Lucas Falivene
Lucas is a highly experienced cybersecurity professional with a solid base in business, information systems, information security, and cybersecurity policy-making. A former Fulbright scholar with a Master of Science degree in Information Security Policy and Management at Carnegie Mellon University (Highest distinction) and a Master's degree in Information Security at the University of Buenos Aires (Class rank 1st). Lucas has participated in several trainings conducted by the FBI, INTERPOL, OAS, and SEI/CERT as well as in the development of 4 cyber ISO national standards.
Date: July 26, 2023
YouTube Link: https://youtu.be/QPDcROniUcc
GDPR and Data Protection: Ensure compliance and minimize the risk of penaltie... PECB
By embracing the importance of GDPR and leveraging ISO/IEC 27701, you can enhance your data protection practices, achieve compliance, and minimize the risk of penalties.
Amongst others, the webinar covers:
Importance of Data Protection
Understanding Data Collection and Challenges
Introduction to GDPR
Key Principles of GDPR
Who does GDPR Apply to and Its Global Implications
Introduction to ISO/IEC 27701
Implementing ISO/IEC 27701
Privacy by Design
Dealing with IT on a Daily Basis
Building Awareness and Training
Audit, Data Discovery, and Risk Assessments
Presenters:
Mike Boutwell
Mike Boutwell is a Senior Information Security Specialist with over 15 years of experience in security and 10 years of risk management experience, primarily focused on financial services. He excels in collaborating with CISOs and other executive leadership to build and implement security frameworks aligned with business objectives and developing enterprise-wide security requirements. Mike has a strong track record of securing assets worth over $1 quadrillion and delivering $100M+ projects.
Mike is a certified CISSP, CISA, CGEIT, ISO 27001 Senior Lead Implementer, ISO 27001 Senior Lead Auditor, ISO 38500 Senior Lead IT Governance Manager, ISO 27032 Senior Lead Cyber Security Manager, and Certified Non-Executive Director.
Lisa Goldsmith
Lisa Goldsmith is the founder of LJ Digital and Data Consultancy. Lisa has over 23 years’ experience of supporting leadership teams in membership, charity, and wider not-for-profit organisations to simplify their IT and digital strategy that allows them to sleep soundly at night, knowing their systems and processes are fit for purpose, GDPR compliant, secure and that they deliver value to staff, members, and stakeholders.
Prior to starting her own consultancy, Lisa gained extensive experience working for membership organisations and has knowledge and expertise at all levels of operations from working within careers and qualifications teams, as Membership Manager, as Head of Digital & IT for delivering large-scale digital, IT and GDPR compliance projects and serving on several Senior Leadership Teams. Lisa is also currently a Trustee of the BCLA and Groundwork East.
Date: June 27, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27701
Webinars: https://pecb.com/webinars
YouTube video: https://youtu.be/lfJrSLaGDtc
Website: https://bit.ly/437GOnG
How Can ISO/IEC 27001 Help Organizations Align With the EU Cybersecurity Regu... PECB
The EU has implemented a range of regulations aimed at strengthening its cybersecurity posture. In this context, the ISO/IEC 27001 standard offers a comprehensive framework for managing and safeguarding sensitive information, such as personal data.
Amongst others, the webinar covers:
• Quick recap on the ISO/IEC 27001:2013 & 2022
• ISO/IEC 27001 vs legislation
• The EU Cyber Legislation landscape
• Some considerations and consequences
• How to stay on top of the ever changing context
Presenters:
Peter Geelen
Peter Geelen is the director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, identity & access management, and also privacy, information & data protection, and cyber and cloud security. In the last few years, his focus has been on ISO/IEC 27001 and other ISO certification mechanisms. Peter is an accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Committed to continuous learning, Peter holds renowned security certificates as certified ISO/IEC 27701 lead implementer and lead auditor, ISO/IEC 27001 Master, Sr. Lead Cybersecurity Manager, ISO/IEC 27002 lead manager, ISO/IEC 27701 Lead Implementer, cDPO, Risk management, Lead Incident Mgr., Disaster Recovery, and many more.
Jean-Luc Peters
Jean-Luc Peters brings 25 years of IT technology, information and cybersecurity expertise to boards, executives, and employees. From a young age, he has held management positions in the private and government sectors. He is currently the Head of the Cyber Emergency Response team for the National Cybersecurity Authority in Belgium. In addition to this, he is also a trainer, coach and trusted advisor focusing on enhancing cyber resilience.
Jean-Luc has helped in the technical implementation of the NIS 1 (Network and Information Security) Directive transposition in Belgium, defining the Baseline Security Guidelines governmental ISMS framework and many other projects. He holds several certifications, including ISO/IEC 27001 Lead Implementer, ISO/IEC 27005 Auditor, CISSP, GISP, Prince 2 Practitioner, ITIL etc.
Date: May 31, 2023
Tags: ISO, ISO/IEC 27001, Information Security, Cybersecurity
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
YouTube video: https://youtu.be/rsjwwF5zlK8
This document provides information about an informative student session hosted by PECB University and their academic partner Kaizen Training & Management Consultants Limited (KTMC) on May 18, 2023. It introduces Mustafë Bislimi of PECB University and Jacob A. McLean of KTMC. PECB University offers Executive MBA programs in cybersecurity, business continuity management, and governance, risk and compliance. Blocks 1 and 4 are offered by PECB University, while blocks 2 and 3 are offered by KTMC. The session discusses cybersecurity management and KTMC's partnership, training, and consulting services. Studying with KTMC provides advantages of cost, convenience, and expertise.
ISO/IEC 27001 and ISO 22301 - How to ensure business survival against cyber a... PECB
To protect your organization from cyber attacks, you need to implement a robust information security management system (ISMS) and business continuity management system (BCMS) based on international standards, such as ISO/IEC 27001 and ISO 22301.
Amongst others, the webinar covers:
• Why we need a cyber response plan to protect business operations
• Introduction to ISO/IEC 27001 and ISO 22301
• What do we need for a cyber security response plan?
• How do we develop a cyber security response plan?
Presenters:
Nick Frost
Nick Frost is Co-founder and Lead Consultant at CRMG.
Nick’s career in cyber security spans nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant.
In particular, Nick was Group Head of Information Risk for PwC, designing and implementing best-practice solutions that made good business sense, prioritised key risks to the organisation and helped minimise disruption to ongoing operations. Whilst at the ISF, Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management.
Nick’s combined experience as a cyber risk researcher and practitioner designing and implementing risk-based solutions places him as a leading cyber risk expert. Prior to cyber security, and after graduating from UCNW and Oxford Brookes, Nick was a geophysicist in the oil and gas industry.
Simon Lacey
Simon is a resourceful, creative Information & Cyber Security professional with a proven track record of instigating change, disrupting the status quo, influencing stakeholders and developing ‘big picture’ vision across business populations. Multiple industry experience; excels in building stakeholder engagement & consensus; and supporting organisations to make sustainable change.
Simon also has considerable experience of risk management, education and awareness, strategy development and consulting to senior management and is a confident and engaging public speaker.
Simon has previously worked within the NHS, Bank of England and BUPA, before setting out as an independent consultant, forming Oliver Lacey Limited, supporting clients in multiple business sectors.
When not working, Simon loves to run – currently training for the Berlin Marathon, a Director of Aylesbury United Football Club, records vlogs and is an experienced standup comic.
Date: April 26, 2023
Find out more about ISO training and certification services
Training: https://bit.ly/3AyoyYF
https://bit.ly/3LbBVTx
YouTube video: https://youtu.be/i4qx5mjEqio
Integrating ISO/IEC 27001 and ISO 31000 for Effective Information Security an... PECB
Integrating ISO/IEC 27001 and ISO 31000 can help organizations align their information security and risk management efforts with their overall business objectives, leading to more effective risk management and better decision-making.
Amongst others, the webinar covers:
• Aligning the ISMS process with ISO/IEC 27001
• Using ISO 31000 within the ISMS
• Aligning the RM process with ISO 31000
• How/where does ISO/IEC 27001 fit?
Presenters:
Nick Riemsdijk
As a highly experienced and multi-skilled leader in Information and Physical Security, Nick is known as a collaborative, focused, driven and highly analytical individual with a broad portfolio of successes in client engagements. His expertise spans devising, implementing, managing and delivering information security, physical security, organizational resilience and facilities management solutions for organizations. He is certified as a Certified Information Security Manager (CISM), Certified Protection Professional (CPP), in Project Management (Prince2), ISO 22301 (Business Continuity), ISO 27001 (Information Security), and ISO 31000 (Risk Management).
Rinske Geerlings
Rinske is an internationally known consultant, speaker and certified Business Continuity, Information Security & Risk Management trainer.
She was awarded Alumnus of the Year 2012 of Delft University, Australian Business Woman of the Year 2010-13 by BPW, Risk Consultant of the Year 2017 (RMIA/Australasia) and Outstanding Security Consultant 2019 Finalist (OSPAs)
Rinske has consulted to the Department of Prime Minister & Cabinet, 15 Central Banks, APEC, BBC, Shell, Fuji Xerox, NIB Health Funds, ASIC, Departments of Defense, Immigration, Health, Industry, Education, Foreign Affairs and 100s of other public and private organizations across 5 continents.
She has been changing the way organizations ‘plan for the unexpected’. Her facilitation skills enable organizations to achieve their own results and simplify their processes. She applies a fresh, energetic, fun, practical, easy-to-apply, innovative approach to BCM, Security, and Risk.
Her 'alter ego' includes being a lead singer in SophieG Music and contributing to the global charity Playing for Change, which provides music education to children in disadvantaged regions.
Date: March 23, 2023
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
YouTube video: https://youtu.be/Xj0U2mbpZUs
Student Information Session University CREST ADVISORY AFRICA PECB
This document provides information about an informative student session on March 9, 2023 for PECB University's Executive MBA programs. PECB University offers Executive MBA degrees in cybersecurity, business continuity management, and governance, risk and compliance. The session will discuss simulations that place students in realistic business scenarios, as well as core courses in strategic management and leadership. Crest Advisory Africa is introduced as the academic partner that will deliver specialization and elective courses using various modes including on-site, online and self-study, and provide opportunities for South African students. Contact information is provided for representatives from PECB University and Crest Advisory Africa.
IT Governance and Information Security – How do they map? PECB
Effective IT Governance requires proper Information Security practices to ensure that the organization's data is secure. On the other hand, Information Security policies and procedures must be aligned with the organization's overall IT Governance framework to ensure that security measures do not negatively impact business operations.
Amongst others, the webinar covers:
▪ Bring Governance and InfoSec Together
▪ Answering WIIFM
▪ Business Terms
Presenters:
Dr. Edward Marchewka
Dr. Edward Marchewka is a seasoned executive that has come up through the ranks in the IT vertical, expanding into information security, quality management, and strategic planning.
Edward founded and serves as the Principal for 3LC Solutions, enabling YOU to Tell a Better Story in business, with our vCIO, vCISO, quality, and strategy consulting services, through metrics and relating risk to the business with our CHICAGO Metrics® SaaS solution.
He has also held several roles leading information technology, most recently with Gift of Hope Organ and Tissue Donor Network, leading the Information and Technology Services department as the Director of IT, Data, and Security Services. Prior to Gift of Hope, he ran information security for Chicago Public Schools.
Edward has earned a Doctorate of Business Administration from California Southern University and Masters’ degrees in Business Administration and Mathematics from Northern Illinois University. He earned Bachelors’ degrees in Liberal Studies and Nuclear Engineering Technologies from Thomas Edison State College, N.J. Edward maintains several active IT, security, and professional certifications from (ISC)2, ASQ, ITIL, PCI, PMI, ISACA, Microsoft, and CompTIA. He has held legacy IT certifications from Cisco and HP, and a designation from the National Security Agency.
Date: February 22, 2023
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: https://pecb.com/en/education-and-certification-for-individuals/iso-iec-38500
https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001
YouTube video: https://youtu.be/2bSbAdL5Idg
This document provides information about an information session held by PECB University and their academic partner EGYBYTE. PECB University offers Executive MBA programs in Cybersecurity, Business Continuity Management, and Governance, Risk and Compliance. The programs consist of 48 credits delivered through a blended model of distance learning and classroom sessions. EGYBYTE will provide support through Arabic-speaking subject matter experts, various delivery models like online and on-site training, and access to specialization and elective courses. The document outlines the program structures and lists available electives. It also discusses PECB University's accreditations and status as an active institution in the District of Columbia.
Student Information Session University Digital Encode.pptx PECB
Join us as our Director for Business Mustafe Bislimi teams up with Dr. Obadare Peter Adewale, our academic partner Digital Encode Limited, to provide valuable information about our programs, admissions process and specialization and elective courses.
Discover the opportunities available to you as a student at PECB University and get a firsthand look at what makes us a top choice for education.
Whether you're a prospective student or simply curious about PECB University, don't miss this informative session! Subscribe to our channel and stay tuned for more videos.
For inquiries regarding admission process contact us: university.studentaffairs@pecb.com
-EMBA in Cybersecurity: https://pecb.university/programs/mba-programs/cybersecurity
-EMBA in Business Continuity Management: https://pecb.university/programs/mba-programs/business-continuity-management
-EMBA in Governance, Risk, and Compliance: https://pecb.university/programs/mba-programs/governance-risk-compliance
2. Kildow Consulting
Betty A. Kildow
• Business continuity and supply chain management consultant, advisor, trainer, speaker, author
• More than 25 years partnering with widely diverse businesses and organizations to develop and maintain continuity and resilience
• Fellow of the Business Continuity Institute (FBCI) 2002
• Certified Business Continuity Professional (CBCP), DRII 1998
• ISO 22301 Master
• ISO 28000 Lead Implementer/Lead Auditor
• Conduct ISO-28000 and ISO-22301 internal audits and reviews
• PECB Certified Trainer
• Author, A Supply Chain Management Guide to Business Continuity, 2011; in Japanese 「事業継続」のためのサプライチェーン・マネジメント
3. Kildow Consulting
Rinske Geerlings
• Founder & Principal Consultant @ Business As Usual (started 2006)
• MSc (Engineering) – TU Delft, the Netherlands - Honours
• 20+ years of consulting experience globally
• ISO 22301 Master – ISO 31000 Lead Risk Mgr – ISO 27001 Master
• CBCP, MBCI, ITIL Master, COBIT certified
• Regularly conducting ISO 27001 certification audits
• Consulted to 15 Central Banks and 100s of other Government entities, SMEs and larger corporates across Australasia, Africa, Europe and Latin America
Risk Consultant of the Year 2017 (RMIA)
Outstanding Security Consultant of the Year 2019 (OSPAs Finalist)
4. Kildow Consulting
Michael Kamau Kiiru
Senior Consultant at Sentinel Africa Consulting
Experienced risk manager and trainer specializing in enterprise risk management, business continuity management
• ISO 31000 Lead Risk Manager
• ISO 22301 Lead Implementer
• ISO 9001 Lead Implementer
• PECB Certified Trainer
• Worked with clients across industries to develop and review their enterprise risk and business continuity management frameworks.
6. Kildow Consulting
What Is Business Continuity?
1,000,000 choices
• Timely, orderly continuation or rapid restoration of delivery of the organization’s service or product following a disruption of any magnitude.
• Includes strategies and plans developed from the perspective of keeping the most critical functions running while normal operations are restored.
• Capability of the organization to continue delivery of products or services at acceptable predefined levels following a disruptive incident. ISO 22301, clause 3.3
7. Kildow Consulting
Here is Your First Quiz
What is the precise full official name of ISO-22301 – with all correct punctuation?
8. Kildow Consulting
What is ISO 22301?
• Full name of the standard is: ISO 22301:2019 Societal security – Business continuity management systems – Requirements.
• Billed as the world's first international standard for business continuity management (BCM)
– Written by leading business continuity experts
– Provides the best framework for managing business continuity in an organization.
• An organization can become certified by an accredited certification body and will therefore be able to prove its compliance to its customers, partners, owners and other stakeholders.
• Any organization – large or small, for profit or non-profit, private or public – can implement the standard.
9. Kildow Consulting
ISO 22301 Standard
• Specifies requirements for BCMS management
• Requirements (clauses) are written using the imperative verb “shall”
• Integrate the PDCA (Plan, Do, Check and Act) model
• Auditable
• Organization can obtain certification against this standard
10. Kildow Consulting
Why ISO-22301:2012 Had Me at Hello
Business Continuity Management System
– Includes the supply chain
– Requires top management involvement
– Globally accepted standard
– Sets requirements for a business continuity management system
– Provides guidance on the implementation of a comprehensive Business Continuity Program
– Provides solid evidence of business continuity competence
Published in May 2012 by the technical committee, ISO 22301:2012 is the first international standard for management systems that help ensure business continuity. ISO 22301 is the premium standard for business continuity, and certification demonstrates conformance to rigorous practices to prevent, mitigate, respond to, and recover from disruptive incidents.
11. Kildow Consulting
Value of a Business Continuity Management System
• Many stakeholders care about your business continuity capability; some have a vested interest.
• In extreme situations the success, even survival, of your organization as it exists today may depend on its business continuity capability.
• The number of regulatory and legal requirements that include having a business continuity program continues to increase.
• For public utilities there is an ethical requirement to protect the interests of all customers.
• Customers need and expect your products and services to be available even when significant disruptions and disasters occur.
• Developing, implementing, and maintaining a continuity program that ensures the organization can continue operations even in the face of disaster, thus avoiding damage to the company’s brand, image, and reputation, and losses to the bottom line.
12. Kildow Consulting
Advantages of Business Continuity
• Predictable and effective response to crises
• Protection of people
• Maintenance of vital activities of the organization
• Better understanding of the organization
• Mitigation of Risks
• Respect of the interested parties
• Protection of the reputation and brand
• Confidence of clients
• Competitive advantage
• Legal compliance
• Regulatory compliance
• Contract compliance
13. Kildow Consulting
Definition: Establishment of policies and continuous monitoring of their proper implementation by members of the governing body of an organization
• Adopt formal Business Continuity Policy
• Identify who has overall ownership
• Establish a central point of accountability, oversight, and support
• Ensure proper monitoring to ensure requirements are met - and follow-up as necessary
• Assign roles and responsibilities
14. Kildow Consulting
Business Continuity’s Value Beyond Business Continuity
• Gather information from across the organization
• Gain an in-depth understanding of the big picture
• Develop a greater understanding of internal and external interdependencies
• Identify redundancies and opportunities for efficiencies
15. Kildow Consulting
COVID – Two Years and Counting
“You can't go back and change the beginning, but you can start where you are and change the ending.” C.S. Lewis
• Global
• Prolonged
• Impacted people, facilities, equipment, suppliers, technology, infrastructure
• Required extraordinary levels of adaptability
• What seemed impossible was made possible
• Higher awareness of the need for business continuity than ever before
• Unparalleled lessons for needed improvements to our Business Continuity Programs
16. Kildow Consulting
Requirements for Successful Business Continuity
• Enterprise-wide integrated involvement
• Total collaboration among all risk-related business units
• Fully addressing a wide range of internal and external operational risks
• Strategies and plans that are flexible, scalable
17. Kildow Consulting
Internal Partnering
Strategy and plan development
• Give ownership to the implementers
• Train and empower
IT/DR
• Collaborative DR and BC exercises and tests
• IT is also a business unit
One small step for business continuity-kind; one giant step for a successful BCMS
• Adopt a shared glossary of business continuity terms and acronyms that is used across the organization
18. Kildow Consulting
• Business Continuity Plans need to outline how each individual plan coordinates, collaborates, and communicates with other plans:
– Corporate-level Business Continuity Plan
– Department / Division Business Continuity Plans at all locations
– Business Continuity Plans for strategic, tactical and operational levels
– Disaster Recovery Plan
– Emergency Response Plan
– Other risk-related plans
• A change in one will likely require changes in others
19. Kildow Consulting
Business Continuity’s Role in Cybersecurity and Vice Versa
• It is a fact that BC, DR and Cybersecurity activities often occupy separate silos
• Those barriers need to come down
• Business continuity does not prevent cyber attacks, nor does it lead the charge to recover from them
• Business Continuity’s role is to ensure that the organization can still function in spite of any disruption, including cyber attacks
Collaboration is the key to success. There is strength and power in coming together to find answers to current and future common challenges.
20. Kildow Consulting
Essentials for Ongoing Business Continuity Success
ISO-22301
• Executive sponsorship, involvement, and commitment
• Focus on sustaining operations essential to the delivery of products and services
• Clearly defined ownership and responsibility
• Full communication of the program enterprise wide
• Full coordination and integration of all risk-related programs
• Regular reviews and audits and updates
• Comprehensive training, exercising and testing
• Integrated into culture and operations
25. Kildow Consulting
ISO 27001 – What is it?
ISO/IEC 27001 (usually shortened to “ISO 27001”) is an Information Security Management System standard written jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). This standard lays out universal best practices for creating and maintaining an information security management system (ISMS).
It helps organizations protect the confidentiality, integrity, and availability (CIA) of their information. These three elements form the basis of good information security.
ISO 27001 helps protect information in any form, but cybersecurity—which protects digital information—plays a major role.
30. Kildow Consulting
• A technical topic well explained in “layman’s terms”
• Generic – 2013 version!
• Helpful as a starting point in order to measure/benchmark your IS maturity
• Good outline of Information Security controls (Annex A)
• Well aligned with other standards and guidelines (e.g. ISO 22301, ISO 31000, SOC2, NIST etc.)
• Various related guidelines for further support (e.g. ISO 27002 – IS controls, ISO 27032 – Cyber Risk, ISO 27017 – Cloud services, ISO 27018 – Personally Identifiable Information in public Clouds, ISO 28000 – Supply Chain Security)
• Note: ISO 27001 goes beyond electronic information security.
ISO 27001 - Will it break or make your process?
32. Kildow Consulting
ISO/IEC 27001 provides requirements for organizations that are seeking to establish,
implement, maintain, and continually improve an information security management system.
As such, organisations can get certified against it.
ISO/IEC 27002 is an international standard used as a reference for selecting and
implementing information security controls listed in Annex A of ISO/IEC 27001. It is used as
guidance on the best practices of information security management helping organisations in
selecting, implementing, and managing the controls of ISO/IEC 27001. Organisations
cannot get a certification against ISO/IEC 27002. It serves as supporting material in
implementing the requirements.
What is the difference between ISO/IEC 27001 & ISO/IEC 27002?
33. Kildow Consulting
Number of controls
The revised version of ISO/IEC 27002 published in 2022 decreases the number of
information security controls from 114 controls to 93 controls, covered in four sections:
• Organizational controls (clause 5)
• People controls (clause 6)
• Physical controls (clause 7)
• Technological controls (clause 8)
What are the main changes in ISO/IEC 27002:2022?
34. Kildow Consulting
New controls
ISO/IEC 27002:2022 introduced 11 new controls:
• 5.7 Threat intelligence
• 5.23 Information security for use of cloud services
• 5.30 ICT readiness for business continuity
• 7.4 Physical security monitoring
• 8.9 Configuration management
• 8.10 Information deletion
• 8.11 Data masking
• 8.12 Data leakage prevention
• 8.16 Monitoring activities
• 8.23 Web filtering
• 8.28 Secure coding
What are the main changes in ISO/IEC 27002:2022?
35. Kildow Consulting
Restructuring and merging of sections
• Although the number of controls was reduced, no controls were excluded in the latest version of the standard; they were merged.
• The new structure is expected to make it easier to designate responsibilities and determine the applicability of controls.
How is ISO/IEC 27002:2022 impacting ISO/IEC 27001?
• There will be an amendment to ISO/IEC 27001:2013 (referred to as ISO/IEC
27001:2013+A1:2022).
• As such, the latest changes in ISO/IEC 27002:2022 will be reflected in Annex A of ISO/IEC
27001 with a normative version of the 93 new controls.
What are the main changes in ISO/IEC 27002:2022?
36. Kildow Consulting
Once the updated Annex A of ISO/IEC 27001 is published, you will need to update the
Statement of Applicability so it can be aligned with the new list of security controls.
Will the changes affect my organisation’s ISO/IEC 27001 certification?
• If you’re currently certified to ISO 27001:2013, you will need to make the transition to
ISO 27001:2022 before your first surveillance or recertification audit of 2023.
• Depending on the scope of your ISMS, you could be required to implement up to 11
new controls.
• Before your audit, those controls need to be put in place, enforced with policies and
procedures, and tested.
When should we start implementing the latest changes?
40. Kildow Consulting
Scope of ISO 31000
Provides principles, a framework and a process for managing risks.
It is easily adaptable to any business regardless of sector or industry.
It is applicable to any type of risk, including Information Security and Business Continuity Risks.
Aims to simplify risk management.
Not intended for certification.
41. Kildow Consulting
What is Risk and Risk Management?
Risk management refers to a coordinated set of activities and methods that is used to direct an organization and to control the many risks that can affect its ability to achieve objectives.
According to ISO 31000, risk is the “effect of uncertainty on objectives” and an effect is a positive or negative deviation from what is expected.
43. Kildow Consulting
Risk Management Framework
A risk management framework provides the policies, procedures and organizational arrangements that will embed risk management throughout the organization at all levels.
The framework guides the establishment of the risk process.
45. Kildow Consulting
Risk Assessment
Provides a structured process that identifies how objectives may
be affected and analyses the risk in terms of consequences and
their probabilities before deciding on whether further action is
required.
Risk Assessment attempts to answer the following fundamental
questions:
What can happen and why? (By risk identification)
What are the consequences?
What is the probability of their future occurrence?
Are there any factors that mitigate the consequence or probability of the risk?
Is the level of risk tolerable or acceptable, and does it require further action?
46. Kildow Consulting
Benefits of Effective Risk Management
Organisations exhibiting mature risk management practices outperform their peers financially
Enhanced compliance with legal and contractual obligations
Provides better quality data for decision making
Provides a roadmap for prioritizing actions
Business Process Improvement
Enhances communication and collaboration within an organisation
47. Kildow Consulting
Considerations To Make
What are our risk management objectives: What are we hoping to achieve with the implementation of a risk framework based on ISO 31000?
Who is doing what: Roles and responsibilities should be clearly defined. Leadership must support Risk Management. Everyone is a risk manager (in their roles, not necessarily in title).
How will it be implemented: Document a process tailored for the organisation.
When will it be implemented: Risk management is a journey, not a destination. Risks should be continually assessed and mitigation strategies re-considered. Change is inevitable. Recognise new risks and opportunities.
48. Kildow Consulting
Continuous Improvement
This is a process of increasing the effectiveness
and efficiency of the organisation to fulfil its
policy and objectives
Taking consistent steps forward
50. Discussion Question
I understand how these three standards can be of value to my
company. We have not yet implemented any of these standards.
Where should we start?
51. Kildow Consulting
About ISO Standards
ISO is a network of national standardization bodies from over 160 countries
There are more than 788 technical bodies for standard development
The final results of ISO's work are published as international standards
More than 21,000 standards have been published since 1947
52. Facts
• We have choices
• All three standards have merit and value
• We can have basic knowledge and an understanding of all
three
• It is difficult to fully be a subject matter expert in everything
• An organization can be certified in multiple ISO standards
• But where to start?
53. Considerations
• Which of the three has greatest value to the organization and
its stakeholders today? In the future?
• Which aligns with the organization’s vision, mission, policies?
• Not the latest trend, the one that is the latest hot topic, or one that was a perfect fit for another organization
• Is there a standard that is preferred or recommended by your
business sector, industry, or profession?
54. Making the Best Selection
• What other standards does your organization use?
• Have you read and understood the standard(s) you are considering?
• Which standard addresses the company’s current greatest risks?
• Which standard has buy-in from interested parties – including
executive management, business partners, regulatory agencies, etc.?
• Do a great many of your customers use, prefer, or require a specific
standard?
• Is there a standard that is more widely used in your industry?
• Are all the right people involved in the selection process?
56. Kildow Consulting
• Combine workshops where you can
• Create a ‘cross-walk’ of any standards and show the Sections in other standards that cover the same/similar topics e.g. ISO 27001, NIST,
Key points to prevent ‘standards fatigue’