Opleidingen

Hands-on beginner's penetration testing training with TryHackMe lab challenges Understand how hackers work, how a penetration test is performed, and what agreements to make to safely carry out a penetration test; Use open-source intelligence, sniffing and port scanning tools and techniques to gain valuable information on a target; Gain hands-on experience in vulnerability scanning, SQL injection, password cracking, XSS, and remote and local file inclusion with realistic TryHackMe lab challenges. The language of instruction for this course is English. About this program: Ethical Hacking Foundation Course – Learn the basics of penetration testing from expert hackers In our Ethical Hacking Foundation course, you will learn to think like a hacker and immerse yourself in the techniques and tools hackers use to break into networks and systems. Designed by experienced hackers, the course guides you through the penetration testing process and challenges you to practice your hacking skills at every step of your journey. In this beginner’s penetration testing training, you will learn hacking by doing it. Throughout the course, you will perform basic penetration testing tasks in a TryHackMe lab environment. You will try your hand at network sniffing, port scanning, SQL injection, password cracking, local and remote file inclusion, and cross-site scripting (XSS). At the end of the course, you will use your newly acquired hacking skills to carry out a basic black-box penetration test (Capture the Flag challenge). This is an entry-level ethical hacking course for beginners with little or no programming experience. Are you looking for advanced penetration testing training? Our Ethical Hacking Practitioner course will challenge you with more complex hacking exercises to test networks, devices, access control, software and databases. Prerequisites This is a complete beginner’s penetration testing training. You don’t need any previous hacking knowledge or experience to participate. However, we strongly recommend you to have a basic understanding of Linux. Are you new to Linux? If you want to participate in our hacking exercises, please consider taking a one-day Linux Introduction course before signing up for Ethical Hacking Foundation. Who should join Ethical Hacking Foundation? This course is an ideal choice for anyone interested in exploring “the hacker mindset” and getting a solid understanding of basic penetration testing techniques. We especially recommend this course if: You are considering starting a career in ethical hacking, and you would like to get basic hacking skills and credentials before following more advanced trainings; You would like to learn penetration testing fundamentals to succeed in a SOC analyst or IT security role. What is included in this Ethical Hacking Foundation course? Official SECO-Institute course materials developed by experienced hackers; Training from passionate instructors who are active in the penetration testing industry; Access to SECO’s hacking lab environment Practice exam and exam syllabus to fully prepare for your Ethical Hacking Foundation certification exam; Certification exam voucher; Access to the (S)ECO-system, a professional community website where you will find additional resources and exclusive knowledge events. Target group: Who should join Ethical Hacking Foundation? This course is an ideal choice for anyone interested in exploring “the hacker mindset” and getting a solid understanding of basic penetration testing techniques. We especially recommend this course if: You are considering starting a career in ethical hacking, and you would like to get basic hacking skills and credentials before following more advanced trainings; You would like to learn penetration testing fundamentals to succeed in a SOC analyst or IT security role. Subjects: Ethical Hacking Foundation Course Modules   Module 1: Penetration Testing – Preparation Understand the difference between hacking and ethical hacking Understand the legal implications of hacking Know what agreements to make in the intake phase to safely carry out a penetration test Understand the difference between white box, grey box and black box testing Understand the penetration testing process Learn to use Kali Linux for penetration testing Module 2: Reconnaissance Understand the difference between passive and active reconnaissance Use common open-source intelligence (OSINT) tools to carry out passive reconnaissance and find useful information on the target Identify relevant information to be found about the target Make a plan for keeping track of the findings Use Shodan.io to gather information on a target Geolocate images to gather information on a target Use basic sniffing and scanning techniques to perform active reconnaissance and gather more useful information on the target Use Wireshark to sniff network traffic and filter relevant information Use Nmap to map the target network infrastructure and services Perform TCP Connect, SYN “Half-open”, and UDP scans using Nmap Use Dirb and Nikto to scan for web content and web server vulnerabilities Module 3: Web Application Attacks Find web application vulnerabilities with Zap Perform a basic web parameter tampering attack Perform a basic XSS attack Perform a basic SQL attack Crack hashed passwords Perform a basic file inclusion attack Module 4: Capture the Flag Use the techniques learnt in Modules 1-3 to break into a (simulated) company’s wireless network. Discover interesting hosts and identify the services running on them. Finally, access and exploit these services to gain access to the company’s systems. Goals and result: In this beginner’s penetration testing training, you will learn hacking by doing it. Throughout the course, you will perform basic penetration testing tasks in a TryHackMe lab environment. You will try your hand at network sniffing, port scanning, SQL injection, password cracking, local and remote file inclusion, and cross-site scripting (XSS). At the end of the course, you will use your newly acquired hacking skills to carry out a basic black-box penetration test (Capture the Flag challenge). Teaching methods: What is included in this Ethical Hacking Foundation course? Official SECO-Institute course materials developed by experienced hackers; Training from passionate instructors who are active in the penetration testing industry; Access to SECO’s hacking lab environment Practice exam and exam syllabus to fully prepare for your Ethical Hacking Foundation certification exam; Certification exam voucher; Access to the (S)ECO-system, a professional community website where you will find additional resources and exclusive knowledge events. Program setup: 3 course days, 1pm – 5.30pm CEST 8.5 hours of self-study 1 CPE credit per study hour English spoken online classroom Related programs: For follow-up options, please visit our website. 

Learn crisis preparedness, response and communication fundamentals from crisis management consultants Understand how crises emerge, progress, and impact individuals and organisations; Find out what key activities to carry out in each phase of the crisis management lifecycle (prevention & preparation, response and recovery); Understand the fundamental principles of crisis management methodology and apply them to basic crisis scenarios; Explore how an Internal Crisis Management Organisation works and how to participate effectively in a Crisis Management Team meeting; Understand best-practice internal and external crisis communication principles and apply them to basic crisis scenarios; Grasp the fundamental principles of stakeholder analysis and reputation management. About this program: Crisis Management Foundation Course – Comprehensive beginner’s crisis management training Our Crisis Management Foundation course introduces you to the fundamental principles of effective crisis management and crisis communications. In this beginner’s crisis management training, you will familiarise yourself with the crisis management lifecycle and learn what activities you need to perform in each crisis stage to contain the impact of a crisis and help your organisation recover from disruptions. While getting acquainted with industry best-practice crisis management methodology, you will gain insight into real-world crisis management experts’ tips and tricks on crisis preparedness and crisis response, with a special focus on internal and external communications during a crisis. Furthermore, you will understand how an internal crisis organisation functions and what resources it needs to perform its tasks. Throughout the course, you will participate in basic Crisis Management Team meetings and apply your newly acquired crisis management skills to basic crisis scenarios with real-life relevance. Is this Crisis Management Foundation course for you? This Crisis Management Foundation course is ideal for beginners with no previous experience in crisis management. If you are interested in learning the basics of identifying (potential) crises, containing the impact of adverse events on your organisation and communicating during a crisis to stakeholders, this course is the perfect choice. Do you already have a good understanding of key crisis management principles? And are you looking for a more advanced crisis management training with plenty of interactive crisis simulation practice? Then we advise you to register for our Crisis Management Practitioner Course. This training was specifically designed by expert crisis management consultants for professionals considering a career in crisis management or crisis communications. What is included in this Crisis Management Foundation course? Before the training starts, you will receive your course material through our student portal. The course materials are in English. The language of instruction is either English or Dutch, depending on the participants. The language of instruction for this course is English. Your Crisis Management Foundation training package includes: Official SECO-Institute course materials developed by practicing crisis management professionals; Training from passionate instructors with extensive experience in crisis management (consultancy); Practice exam and exam syllabus so you can fully prepare for your certification exam; Certification exam voucher; Access to the (S)ECO-system, a professional community website where you will find additional resources and exclusive knowledge events. Target group: This Crisis Management Foundation course is ideal for beginners with no previous experience in crisis management. If you are interested in learning the basics of identifying (potential) crises, containing the impact of adverse events on your organisation and communicating during a crisis to stakeholders, this course is the perfect choice. Do you already have a good understanding of key crisis management principles? And are you looking for a more advanced crisis management training with plenty of interactive crisis simulation practice? Then we advise you to register for our Crisis Management Practitioner Course. This training was specifically designed by expert crisis management consultants for professionals considering a career in crisis management or crisis communications. Subjects: Module 1: Introduction to Crisis Management General themes and the importance of crisis management Developments and trends in crisis management Crisis Management Framework Module 2: Prepare Your Organisation for a Crisis Developing a crisis management program The Crisis Management Team Roles and responsibilities in the Crisis Management Team Raising awareness Module 3: Crisis Management Process Crisis control methodology The OODA Loop (Observe, Orient, Decide, Act) Communication between CMO teams (Crisis Management Organisation) Performance of the CMT (Crisis Management Team) Module 4: Crisis Communications The concept of crisis communications Internal and external crisis communications Reputation management Goals and result: Our Crisis Management Foundation course introduces you to the fundamental principles of effective crisis management and crisis communications. In this beginner’s crisis management training, you will familiarise yourself with the crisis management lifecycle and learn what activities you need to perform in each crisis stage to contain the impact of a crisis and help your organisation recover from disruptions. While getting acquainted with industry best-practice crisis management methodology, you will gain insight into real-world crisis management experts’ tips and tricks on crisis preparedness and crisis response, with a special focus on internal and external communications during a crisis. Furthermore, you will understand how an internal crisis organisation functions and what resources it needs to perform its tasks. Throughout the course, you will participate in basic Crisis Management Team meetings and apply your newly acquired crisis management skills to basic crisis scenarios with real-life relevance. Teaching methods: What is included in this Crisis Management Foundation course? Before the training starts, you will receive your course material through our student portal. The course materials are in English. The language of instruction is either English or Dutch, depending on the participants. It is an english spoken online classroom. Your Crisis Management Foundation training package includes: Official SECO-Institute course materials developed by practicing crisis management professionals; Training from passionate instructors with extensive experience in crisis management (consultancy); Practice exam and exam syllabus so you can fully prepare for your certification exam; Certification exam voucher; Access to the (S)ECO-system, a professional community website where you will find additional resources and exclusive knowledge events. Program setup: 3 course days, 1pm – 5pm CEST 8 hours of self-study 1 CPE credit per study hour English spoken online classroom Related programs: For follow-up options, please visit our website. 

Hands-on beginner's Dark Web training by experienced cyber security specialists Understand the technology behind the Dark Web; Use Tor to discover hidden sites and services; Grasp the business dynamics of Dark Markets; Gain insight into Dark Web investigations through real-world incidents; Get a thorough grounding in Bitcoin transactions, Bitcoin mining and Bitcoin laundering. The language of instruction for this course is English. About this program: Dark Web Foundation – Learn to safely access and navigate the Dark Web In Dark Web Foundation, you learn how to safely access the Dark Web and how to find information on Dark websites for threat intelligence or research purposes. This hands-on beginner’s Dark Web training draws on the practical experience of high-level cybersecurity experts and Dark Web researchers. The learning material was co-developed with the Netherlands Organisation for Applied Scientific Research (TNO), the first scientific research institute to partner with INTERPOL to combat cybercrime. During the course, you will understand the technology behind the Dark Web, and you will use Tor to discover hidden sites and services. You will grasp the business dynamics of Dark Markets, and you will gain insight into Dark Web investigations through real-world incidents. Finally, you will get a thorough grounding in Bitcoin transactions, Bitcoin mining and Bitcoin laundering. To participate in Dark Web Foundation, you will need to install the TOR browser on your PC/Laptop. Who is Dark Web Foundation for? Dark Web Foundation is an ideal training for technical and non-technical security professionals, investigators and intelligence officials, especially: IT and information security professionals who aspire to use the Dark Web for (cyber) threat intelligence, will benefit from learning the basics of accessing the Dark Web safely and monitoring it for new threats; Law enforcement and intelligence professionals (police, justice, defence, fiscal authorities and investigators) will benefit from insights on how criminal activities evolve on the hidden part of the web, and how crypto currencies are used for money transactions and money laundering. Dark Web Foundation has also received keen interest from policy-makers and government officials in their efforts to develop legislation to combat crime in the digital era. What is included in Dark Web Foundation? Official SECO-Institute course materials developed by practicing cyber security specialists; Training from passionate instructors who are active in Dark Web monitoring and cyber security research; Practice exam and exam syllabus so you can fully prepare for your Dark Web certification exam; Certification exam voucher; Access to the (S)ECO-system, a professional community website where you will find additional resources and knowledge events. Target group: Dark Web Foundation is an ideal training for technical and non-technical security professionals, investigators and intelligence officials, especially: IT and information security professionals who aspire to use the Dark Web for (cyber) threat intelligence, will benefit from learning the basics of accessing the Dark Web safely and monitoring it for new threats; Law enforcement and intelligence professionals (police, justice, defence, fiscal authorities and investigators) will benefit from insights on how criminal activities evolve on the hidden part of the web, and how crypto currencies are used for money transactions and money laundering. Dark Web Foundation has also received keen interest from policy-makers and government officials in their efforts to develop legislation to combat crime in the digital era. Subjects: Course modulesModule 1: Introduction to the Dark Web History of the Dark Web and the Tor project Understanding Dark Markets Finding Deep/Dark Web sites Module 2: The Onion Router (Tor) Identifiable information Pretty Good Privacy (PGP) and cryptographic principles Onion routing Perfect forwarding secrecy The Tor browser Module 3: Bitcoin and Blockchain Bitcoin basics Blockchain technology Advanced wallets Bitcoin laundering and mixing services Goals and result: During the course, you will understand the technology behind the Dark Web, and you will use Tor to discover hidden sites and services. You will grasp the business dynamics of Dark Markets, and you will gain insight into Dark Web investigations through real-world incidents. Finally, you will get a thorough grounding in Bitcoin transactions, Bitcoin mining and Bitcoin laundering. Teaching methods: What is included in Dark Web Foundation? Official SECO-Institute course materials developed by practicing cyber security specialists; Training from passionate instructors who are active in Dark Web monitoring and cyber security research; Practice exam and exam syllabus so you can fully prepare for your Dark Web certification exam; Certification exam voucher; Access to the (S)ECO-system, a professional community website where you will find additional resources and knowledge events. Program setup: 3 days, 1pm – 5.30pm CEST 8 hours of self-study 1 CPE credit per study hour Participants need to install the TOR browser on their PC/Laptop English spoken online classroom Related programs: For follow-up options, please visit our website. 

Learn information security fundamentals from practicing information security experts. Information security is crucial for all employees within an organization. It is essential that they understand why certain actions should be taken while others should not be performed during their daily activities. The language of instruction for this course is English. About this program: The Information Security Foundation (ISF) course provides a comprehensive understanding of information security and risk management. Participants learn about the importance of information security and how to integrate risk management into their organization. The course covers strategies to mitigate human, organizational, and technological risks. By the end of the course, participants are equipped to protect sensitive information, ensure compliance, and promote a security-conscious culture within their organization. This Foundation training is the first level of SECO's unique complete information security training and certification trajectory. It prepares you for the Practitioner level (training at the Information Security Officer level with practical policy development, risk assessment, awareness planning, standard implementation, and improvement planning exercises after the audit). The trajectory culminates in an Expert – CISO training focused on strategic leadership in information security. The course includes an (re)exam voucher (code) for the official SECO-Institute exam. Pass Guarantee: If, unexpectedly, you do not pass the Information Security Foundation (ISF) exam, you are entitled to retake the course (or its components) for free. You can continue to participate in the course days and lessons at no cost if there are available spots. Target group: Is this Information Security Foundation course for you? Information Security Foundation gives you a solid grounding in information security management principles and best practices. This course is an ideal choice if you aspire to start a career in information security management without a security background. Having completed Information Security Foundation, you will be well-equipped to move on to more advanced information security management trainings and certifications. For example, you will be competent to join our Information Security Practitioner training where you can practice an Information Security Officer’s tasks, from ISO 27001 implementation planning to performing information security risk assessments or developing security awareness programs. You will also be able to follow our ISACA Certified Information Security Manager (CISM) Preparation Course and prepare to earn your ISACA CISM certificate. Information security awareness and fundamental information security skills are becoming indispensable in all sectors. Do you work with information in any capacity? Completing this Information Security Foundation course and certifying your skills can add extra value to your professional profile. Finally, we also recommend this training to business owners or (line) managers who would like to oversee and understand their information security responsibilities, or aim to educate their employees on information security beyond ‘traditional’ awareness trainings. Subjects: Module 1 – Introduction to Information Security: What is information security? The importance of information security for organizations and employees The evolution of information security The information security process in a continuously changing environment Roles and responsibilities to manage information security Module 2 – Information & Risk: Elements and objectives of the risk management process Standards, laws and regulations, social obligations Relationship with other business plans Data protection & privacy How information risk management is governed Information and enterprise-wide risk management processes Qualitative and quantitative risk assessments Risk assessments & threat modeling Risk governance Module 3: Risk Mitigation – Human Factor: What is information security awareness? The boundaries of awareness programs Module 4 – Risk Mitigation – Organizational Focus: The information security framework The use of standards and best practices Module 5: Risk Mitigation – Technological Focus: Asset management Identity and access management Data protection Vulnerability management Incident response Security intelligence Practice Exam At the end of the course, you will complete a practice exam that mimics the SECO Information Security Foundation Certification Exam. After completing the practice exam, you will have the opportunity to discuss your results with your trainer and the group. Goals and result: At the end of the course, you will communicate with confidence about information security topics. You will have a good understanding of information security risks, you will be able to identify information security risks in a given context, and you will be competent to identify suitable best-practice physical, organisational and technical information security controls to mitigate specific information security risks. Teaching methods: What is included in this Information Security Foundation course? Official SECO-Institute course materials developed by practicing information security officers and consultants; Online training by passionate instructors who are active in the information security industry; Practice exam and exam syllabus so you can fully prepare for your certification exam; Certification exam voucher; Access to the (S)ECO-system, the SECO-Institute’s professional community website where you will find additional resources and exclusive knowledge events. Program setup: 3 days, 1pm – 5.30pm CEST 8 hours of self-study 1 CPE credit per study hour English spoken online classroom Related programs: For follow-up options, please visit our website. 

Learn IT security fundamentals from practicing IT security specialists Build solid IT security knowledge without having to immerse yourself deeply in information technology; Learn what components make up an IT infrastructure and understand the (potential) vulnerabilities of each component; Explore how attackers exploit common vulnerabilities and what tools, techniques and controls you can use to prevent exploitation; Get a practical overview of best-practice hardware, software, network, database and cloud vulnerabilities and protections; Benefit from the insights of practicing cyber security managers and specialists. The language of instruction for this course is English. About this program: IT-Security Foundation Course – Entry-level IT security training by practicing IT security specialists Information security rests on three pillars: people, processes and technology. None of the three can do without the rest. But understanding the technical pillar is often quite difficult for security managers. Our IT-Security Foundation course gives you a complete introduction to the concepts and tools used in IT security, and equips you with the knowledge and skills you need to effectively communicate with IT professionals to improve your organisation’s technical (cyber) security. Designed by practicing IT security experts with experience in (cyber) security management, this beginner’s IT security training helps you understand fundamental IT security principles, challenges and best-practice remedies without asking you to immerse yourself in technical details. In this course, you will get a complete overview of IT infrastructure components, vulnerabilities and protection mechanisms. You will learn what components make up an IT infrastructure and how each component can be secured against common threats. In particular, you will explore common hardware, operating system, software, network, database and cloud vulnerabilities and protections. You will understand how attackers operate and what best-practice defence techniques you can use to protect yourself against attacks. By completing this IT-Security Foundation course, you will understand the security threats that could affect your IT infrastructure, and you will know how to secure each component to protect your organisation from security risks. If you are building a career in IT security, this course is ideal to build up the fundamental IT security skills you need to move on to advanced IT security trainings and certifications. After completing IT-Security Foundation, you will be fully equipped to follow our IT-Security Practitioner course, where you will have the opportunity to deep-dive into the pragmatics of securing an IT infrastructure and practice an IT Security Manager’s tasks with realistic hands-on assignments. You will also have sufficient technical knowledge to follow our CISM Preparation Course and prepare for your ISACA CISM certification exam. Prerequisites to joining this IT Security Foundation course This is an entry-level IT security training. No previous knowledge or experience is required. Familiarity with the most commonly used IT terms is recommended. The course is ideal for absolute beginners with a basic knowledge of computers and technology. Do you already have a good understanding of IT security principles and you are interested in practicing a Security Manger’s tasks? Take our IT-Security Practitioner course and ready yourself for a career in IT security management. Target group: Is this IT-Security Foundation course for you? This course was primarily designed for professionals who have a limited technical background but should be able to work together with technical IT security experts, network or system administrators with ambitions to start a career in IT security, and aspiring information security professionals who lack technical security knowledge. Typical participants include: Aspiring information security officers IT risk officers IT governance officers Auditors Line managers Service management officers Helpdesk employees Subjects: IT-Security Foundation Course ModulesSystems Hardware Operating systems Modes of cooperation Software Types of software Common causes of vulnerabilities Mitigations for common vulnerabilities Databases Networking Networking devices Network connections Network models Network architecture Network addressing Cryptography Types of cryptography Public Key Infrastructure Major cryptographic network protocols Major cryptographic applications IT security administration Know your enemy: Hacking as a process, Tool of their trade Know yourself: IT security administration as a process, Tool of our trade Goals and result: By completing this IT-Security Foundation course, you will understand the security threats that could affect your IT infrastructure, and you will know how to secure each component to protect your organisation from security risks. If you are building a career in IT security, this course is ideal to build up the fundamental IT security skills you need to move on to advanced IT security trainings and certifications. After completing IT-Security Foundation, you will be fully equipped to follow our IT-Security Practitioner course, where you will have the opportunity to deep-dive into the pragmatics of securing an IT infrastructure and practice an IT Security Manager’s tasks with realistic hands-on assignments. You will also have sufficient technical knowledge to follow our CISM Preparation Course and prepare for your ISACA CISM certification exam. Teaching methods: What is included in this IT-Security Foundation course? Official SECO-Institute course materials developed by practicing IT security specialists; Training from passionate instructors who are active in IT security (management); Practice exam and exam syllabus so you can fully prepare for your certification exam; Certification exam voucher; Access to the (S)ECO-system, the SECO-Institute’s professional community website where you will find additional resources and exclusive knowledge events. Program setup: 3 course days, 1pm – 5.30pm CEST 8 hours of self-study 1 CPE credit per study hour English spoken online classroom Related programs: For follow-up options, please visit our website. 

Intensive CISM exam training with officially ISACA-accredited trainers Establish and maintain an information security governance framework and supporting processes; Manage information risk to an acceptable level based on risk appetite; Develop and maintain an information security program; Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents. The language of instruction for this course is English. About this program: CISM® Preparation Course – Intensive CISM training Our CISM Preparation Course will help you master the skills you need to pass the ISACA Certified Information Security Manager certification exam and earn your CISM qualification. In this intensive five-day CISM training, you will learn how to manage, design, oversee and assess enterprise information security. You will cover all domains of the CISM certification exam with expert trainers who are active in cyber security risk management and incident management and can help you with practical insights. To fully prepare for your CISM certification exam and future career, the course will challenge you to practice exam-style questions as well as apply your knowledge in practical contexts. The Security Academy is an Accredited ISACA Training Partner, which means you will get access to official ISACA CISM® courseware. Completing this unique CISM Preparation Course, you will gain in-depth understanding of the ISACA CISM domains (Information Security Governance, Information Security Risk Management, Information Security Program and Incident Management). At the same time, you will benefit from the guidance of real-world (cyber) security management experts who are up to date with current practices that will help you excel at your CISM certification exam as well as your career in an information security management role. Is this CISM Preparation Course for you? This CISM Preparation Course is intended for information or IT security professionals who aspire to manage information security programs and advance their career to a senior information security management role. Since the ISACA CISM certification is particularly popular amongst professionals with an IT or information security background, our CISM exam training is typically attended by IT (security) managers, information security officers, security consultants, security program managers and IT auditors. Prerequisites to joining this CISM Preparation Course This CISM Preparation Course is designed to prepare you for the ISACA CISM certification exam. To make the most of the training, you need to have a good understanding of fundamental information security management and technical IT security principles. Are you new to information security management? Or would you just feel more comfortable taking an entry-level information security management training before moving on to CISM? Learn all the essentials in three days in our  Information Security Foundation course. Unsure if you know enough of IT security to follow CISM®? Take three days to cover the basics in our IT Security Foundation course. What is included in this CISM Preparation Course? Before the training starts, you will receive your official ISACA CISM® courseware through our student portal. The course materials are in English. The language of instruction is either English or Dutch, depending on the participants.. Your CISM training package includes: Official ISACA CISM® courseware Additional course materials (slides, use cases, exam questions) Expert trainer who is active in security risk management and incident management Practice exam, evaluation and discussion on the last day Target group: This CISM Preparation Course is intended for information or IT security professionals who aspire to manage information security programs and advance their career to a senior information security management role. Since the ISACA CISM certification is particularly popular amongst professionals with an IT or information security background, our CISM exam training is typically attended by IT (security) managers, information security officers, security consultants, security program managers and IT auditors. Subjects: CISM Preparation Course ModulesModule 1: Information Security Governance ‘Establish and maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives.’ This module covers the organization and management of the information security function within an organization. This includes describing information security goals (in measurable terms), determining roles and responsibilities, describing the current and desired situation, performing a gap analysis, translating your findings to a plan of action… and getting to work! Module 2: Information Risk Management and Compliance ‘Manage information risk to an acceptable level based on risk appetite to meet organizational goals and objectives.’ This module provides insights into formulating a risk management strategy, identifying associated roles and responsibilities, determining the risk management framework, performing risk gap analysis, assessing and treatingrisks, integrating risk management with life cycle processes and working with baseline measures, as well as risk monitoring and communication. Module 3: Information Security Program Development ‘Develop an information security program that identifies, manages and protects the organization’s assets while aligning to information security strategy and business goals, thereby supporting an effective security posture.’ In this module, you will start translating the action plan made in Module 1 into an information security program. You will determine program objectives and program scope, perform a gap analysis, and outline the current and desired situation. Based on this, you will develop an information security program, paying attention to information security architectures, management tasks, operational aspects of program implementation, third party influences, and the types of measures that can be implemented. You will also grasp how to establish metrics to evaluate the effectiveness of an information security program. Module 4: Managing an Information Security Program ‘In Module 3 you covered Information Security Program Development. In this module you will learn how to manage the security program you just developed.’ Module 5: Incident Management and Response ‘Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact.’ And what if the unexpected happens? What if an incident turns into a disaster?  In this module, you will learn how to develop incident response goals and procedures and how to establish a competent and trained incident response team. You will explore how to develop and implement incident response plans, disaster recovery plans and procedures. Plans need to be extensively tested and integrated with the organization’s disaster recovery (DR) and business continuity plan, so you will also get a good grounding in this area. Finally, you will learn what to do after an incident: how to conduct reviews to identify the causes, how to define corrective actions, and how to re-assess relevant risks. Practice Exam On your last course day, you will take an extensive CISM practice exam, so that you can judge for yourself to what extent you are ready for the official ISACA CISM certification exam and to which domains you should pay more attention. After taking the practice exam, you will have the opportunity to discuss answers or potential issues with your trainer and the group.  Goals and result: Completing this unique CISM Preparation Course, you will gain in-depth understanding of the ISACA CISM domains (Information Security Governance, Information Security Risk Management, Information Security Program and Incident Management). At the same time, you will benefit from the guidance of real-world (cyber) security management experts who are up to date with current practices that will help you excel at your CISM certification exam as well as your career in an information security management role. Teaching methods: What is included in this CISM Preparation Course? Before the training starts, you will receive your official ISACA CISM® courseware through our student portal. The course materials are in English. The language of instruction is either English or Dutch, depending on the participants.. Your CISM training package includes: Official ISACA CISM® courseware Additional course materials (slides, use cases, exam questions) Expert trainer who is active in security risk management and incident management Practice exam, evaluation and discussion on the last day Program setup: 5 course days 40-60 hours of self-study One CPE credit per hour (including self-study) English spoken online classroom Related programs: For follow-up options, please visit our website. 

Complete beginner's GDPR training & certificate. Learn from experienced privacy professionals. Understand the GDPR through easy explanations, real-world examples and practical exercises; Get a clear picture of your rights and obligations under the GDPR; Translate the GDPR to your daily life and work. About this program: Data Protection Foundation – Comprehensive online beginner’s GDPR training and certificate Our Data Protection Foundation course is designed by experienced privacy experts to help you truly understand the EU General Data Protection Regulation (GDPR) and meet fundamental compliance requirements. The training combines in-depth analysis of the GDPR’s key terms and provisions, practical examples, interactive group discussions and exercises based on actual events to equip you with the ability to translate the GDPR to your daily work. By completing the course and passing your certification exam, you demonstrate your ability to handle personal data in a GDPR-compliant way, which is a valued skill for any job role that involves working with people’s information. If you aspire to start a career in privacy, you will be fully equipped to follow Data Protection Practitioner, a hands-on training to learn and practice the tasks of a Data Protection Officer. Why join Data Protection Foundation? Privacy is an ongoing concern for organisations in all sectors. Data protection authorities are increasingly monitoring GDPR-compliance, imposing fines of up to 4% of an organisation’s annual global turnover or €20 million. At the same time, consumers are also becoming more aware of their privacy rights and more selective about whom they trust with their information. In today’s increasingly privacy-conscious regulatory and consumer landscape, a good understanding of European privacy rules and the ability to handle personal data in accordance with the GDPR are valuable skills in any industry. This entry-level course provides a basic but thorough introduction to the GDPR’s key principles and their application to real-world processing activities. No prior knowledge of the GDPR is required to participate. If you already have a good understanding of GDPR terminology, processing principles, controller and processor obligations and data subject rights, we recommend you to take our Privacy & Data Protection Practitioner course, where you can practice writing a privacy notice, conducting a Data Protection Impact Assessment (DPIA), drafting a data breach procedure, and performing other key DPO activities. Target group: Who should join Data Protection Foundation? This entry-level online GDPR training and certificate are ideal for anyone wishing to start a privacy career without a background in European data protection. The course is also extremely useful for professionals who work with personal data in other fields and wish to enhance their value to employers by adding certified GDPR skills to their profile. This training is the perfect choice if you: Aspire to start a career in privacy and want to have the basics covered before following more advanced GDPR trainings; Are an information security or IT security professional and wish to improve your cooperation with Data Protection and Privacy Officers; Own a business or manage a team, make decisions on collecting and using people’s information, and need to understand your obligations under the EU GDPR; Work with personal data in marketing, administration, healthcare, customer service, accounting or any other role and wish to enhance your value to employers by demonstrating your ability to contribute to your organisation’s GDPR-compliance. Subjects: Learning objectives of Data Protection Foundation Understand the historical and legal context of European privacy and data protection legislation and the General Data Protection Regulation; Understand the GDPR’s key terms and definitions; Understand the GDPR’s material and territorial scope (what information and what activities the GDPR applies to, what are the exceptions, and in what situations the GDPR applies within and outside the EU/EEA); Understand the main provisions of the GDPR and their consequences for individuals and businesses; Interpret the GDPR’s seven key processing principles and apply them to real-life situations; Interpret the restrictions on the processing of personal data and apply your knowledge to real-life situations; Interpret the obligations of controllers and processors and apply your knowledge to real-life situations; Know how compliance with the GDPR can be demonstrated to the supervisory authority; Understand the consequences of non-compliance; Know where to find additional information and resources about specific provisions. Goals and result: This entry-level course provides a basic but thorough introduction to the GDPR’s key principles and their application to real-world processing activities. No prior knowledge of the GDPR is required to participate. If you already have a good understanding of GDPR terminology, processing principles, controller and processor obligations and data subject rights, we recommend you to take our Privacy & Data Protection Practitioner course, where you can practice writing a privacy notice, conducting a Data Protection Impact Assessment (DPIA), drafting a data breach procedure, and performing other key DPO activities. Teaching methods: What is included? Official SECO-Institute course materials developed by practicing data protection specialists; Training from experienced privacy experts who can introduce you to real-world privacy issues and solutions; Practice exam and exam syllabus so you can fully prepare for your certification exam; Certification exam voucher Access to the (S)ECO-system, a professional community website where you will find additional resources and data protection templates you can use at work. Program setup: 3 course days, 1pm – 5.30pm CEST 8.5 hours of self-study 1 CPE credit per study hour English spoken online classroom Related programs: For follow-up options, please visit our website. 

Intensive CISA® training with ISACA-accredited trainers Develop a risk-based information systems audit strategy; Plan and conduct information system audits according to audit standards; Provide conclusions on the state of an organisation’s information and IT security, including risk and control solutions; The language of instruction for this course is English. About this program: CISA® Preparation Course – Intensive CISA® training with ISACA-accredited trainers Our CISA® Preparation Course will help you master the skills you need to pass the ISACA Certified Information Systems Auditor (CISA)® certification exam and advance your  career as an IT or information security auditor. In this intensive CISA® training, you will learn how to provide audit services in accordance with industry standards to assist organisations in protecting and controlling information systems. You will learn how to assess the state of an organisation’s information and IT security, identify critical issues, and recommend specific practices to safeguard the governance of information. You will cover the five domains of the CISA® certification exam with ISACA-accredited trainers who are also active in the IT security industry and up to date with current practices, which will help you excel at your CISA® certification exam as well as your career in IT or information security auditing. To fully prepare for your CISA® certification exam and future career, the course will challenge you to practice with exam-style questions as well as authentic case studies. The Security Academy is an Accredited ISACA Training Partner, which means you will study with official ISACA CISA® courseware. After completing this course, you will have a thorough understanding of the five CISA® domains (Information Systems Audit Process, IT Governance and Management, Information Systems Acquisition, Development, and Implementation, Information Systems Operations, Maintenance, and Support, and Protection of Information Assets). You will be well-equipped to pass your CISA® certification exam and apply your CISA® knowledge and skills in your daily work. What makes this CISA® Preparation Course unique? ISACA-accredited trainers with specific expertise in the CISA® domains Authentic use cases and practice exam questions for each domain Extensive CISA® practice exam on the last day, including evaluation and follow-up discussion Success guarantee: Pass the CISA® exam on your first try or retake (parts of) the course for free! Prerequisites to joining this CISA® Preparation Course The CISA® training is not a technical course, but basic knowledge of IT security is strongly recommended. Unsure if you know enough of IT security to follow CISA®? Cover the basics first in our IT Security Foundation course. Is this CISA® Preparation Course for you? The CISA® certification is for (aspiring) IT and information security auditors and control, assurance and information security professionals who would like to advance their career with the CISA® certification. Our CISA® Preparation Course is typically attended by IT auditors, IT managers, information security officers, security architects and security consultants. What is included in this CISA® Preparation Course? Official ISACA CISA® course materials Additional course materials (slides, use cases, exam questions) Practice exam, evaluation and discussion on the last day Target group: The CISA® certification is for (aspiring) IT and information security auditors and control, assurance and information security professionals who would like to advance their career with the CISA® certification. Our CISA® Preparation Course is typically attended by IT auditors, IT managers, information security officers, security architects and security consultants. Subjects: CISA® Preparation Course ModulesModule 1: The Process of Auditing Information Systems This module covers how IT auditors provide their services in accordance to the IT audit standards to assist organisations in the protection and control of information systems. This module also addresses the development and implementation of risk-based IT audit strategies, audit planning and reporting the findings. Topics covered: Risk-based IS audit strategy Planning and conducting audits Control self-assessments Communicating audit results and follow-up Module 2: Governance and Management of IT This module covers how auditors provide assurance of an organisation’s information governance and risk management structure and processes. Topics covered: Evaluate organizational IT strategy; IT governance structure; organisational structure and HR management; IT policies, standards and procedures Evaluate IT resource management and IT portfolio management Evaluate risk management practices and IT management Evaluate controls and KPIs Evaluate the organisation’s business continuity planning Module 3: Information Systems Acquisition, Development and Implementation This module covers how IT auditors provide assurance that the acquisition, development, testing and implementation of information systems meet the organisation’s objectives. Topics covered: Evaluate business cases for proposed investments Evaluate IT supplier selection and contract management processes Evaluate the project management framework and conduct reviews Virtualisation and CSP (Cloud service provider) architecture Evaluate readiness for implementation Conduct post implementation reviews Module 4: Information Systems Operations, Maintenance and Support This domain explains how to provide assurance that the processes governing the operation, maintenance and support of an organisation’s information systems are aligned with the organisation’s objectives. Topics covered: Evaluate IT service management framework and practices Conduct periodic reviews of IS Evaluate IT operations and IT maintenance, evaluate database management practices and data quality Evaluate problem and incident management Change and release management practices Evaluate end-user computing, and IT continuity and resilience Disaster recovery testing Module 5: Protection of information assets This module explains how to ensure that security policies, standards and procedures protect the integrity, confidentiality and availability of the organisation’s information assets. Topics covered: Evaluate information security and privacy Evaluate physical and environmental controls Evaluate the system and logical security controls Evaluate classification of data and information asset safeguards Evaluate information security programs Practice Exam On your last course day, you will take an extensive CISA practice exam, so that you can judge for yourself to what extent you are ready for the official ISACA CISA® certification exam and to which domains you should pay more attention. After taking the practice exam, you will have the opportunity to discuss answers or potential issues with your trainer and the group. Goals and result: After completing this course, you will have a thorough understanding of the five CISA® domains (Information Systems Audit Process, IT Governance and Management, Information Systems Acquisition, Development, and Implementation, Information Systems Operations, Maintenance, and Support, and Protection of Information Assets). You will be well-equipped to pass your CISA® certification exam and apply your CISA® knowledge and skills in your daily work. Teaching methods: What is included in this CISA® Preparation Course? Official ISACA CISA® course materials Additional course materials (slides, use cases, exam questions) Practice exam, evaluation and discussion on the last day Program setup: 5 course days 40-60 hours of self-study 1 CPE credit per study hour English spoken online classroom Related programs: For follow-up options, please visit our website. 

Master fundamental business continuity terminology, concepts and principles; 9Gain a full understanding of the business continuity management process based on ISO 22301 and ISO 22313; Understand the steps of building an effective business continuity program and gain insight into how business continuity planning affects your organisation’s operational activities. The language of instruction for this course is English. About this program: Our Business Continuity Foundation course gives you a comprehensive introduction to designing, implementing and improving a Business Continuity Management Process (BCMP). Designed by practicing business continuity managers, this entry-level business continuity management training offers a concise but in-depth coverage of the key topics of business continuity management, combining best-practice know-how with practical examples, interactive group discussions and fresh insights from the industry. In this entry-level business continuity management training, you will work with a unique business continuity management process model, a step-by-step guide developed by practicing Business Continuity Managers based on ISO 22301 and ISO 22313, the most widely used international business continuity management standards. As you move along in the course, you will understand what steps you need to take to build an effective business continuity program, and how business continuity planning affects your organisation’s operational activities. At the end of the course, you will have a good understanding of business continuity management terminology, concepts and principles, and you will be able to contribute to your organisation’s continuity efforts at the operational level. Is this Business Continuity Foundation course for you? Business Continuity Foundation was designed by practicing business continuity experts for professionals who have an interest in business continuity planning and raising business continuity awareness across their organisation. This course and certificate are ideal for you, if you are considering starting a career in business continuity or resilience management. If you are a facility manager or information security professional, you (will) likely need to work with business continuity teams to ensure your organisation’s safety. This business continuity training will help you acquire the basics you need to successfully cooperate with business continuity, disaster recovery and resilience professionals. Are you a start-up founder or SME owner? Benefit from the practical insights shared in this training to develop a solid game plan to shield your business against unexpected events. Prerequisites to joining this Business Continuity Foundation course This is an entry-level business continuity management training. No previous knowledge or experience is required. What is included in this Business Continuity Foundation course? Official SECO-Institute course materials developed by practicing business continuity managers; Training from passionate instructors who are active in the business continuity industry; Practice exam and exam syllabus so you can fully prepare for your certification exam; Certification exam voucher; Access to the (S)ECO-system, the SECO-Institute’s professional community website where you will find additional resources and exclusive knowledge events. Target group: Business Continuity Foundation was designed by practicing business continuity experts for professionals who have an interest in business continuity planning and raising business continuity awareness across their organisation. This course and certificate are ideal for you, if you are considering starting a career in business continuity or resilience management. If you are a facility manager or information security professional, you (will) likely need to work with business continuity teams to ensure your organisation’s safety. This business continuity training will help you acquire the basics you need to successfully cooperate with business continuity, disaster recovery and resilience professionals. Are you a start-up founder or SME owner? Benefit from the practical insights shared in this training to develop a solid game plan to shield your business against unexpected events. Subjects: Business Continuity Foundation Course Modules   Business Continuity Process Development & Identifying ThreatsModule 1 – Developing a Business Continuity Process Topics: Understand the steps of the BCM process, and gain insight into input and output  Understand the importance of implementing BCM as a support process Understand how the BCM process relates to other organisational processes Understand the importance of assessing the maturity of an existing BCM process through preliminary research and gap analysis Understand the BCM status of your organisation and identify improvement opportunities Design a BCM process from an organisational point of view Understand how to allocate tasks, roles and responsibilities, and how to develop policies Understand the basics of implementing BCM policy  Module 2 – Threats, Vulnerabilities and Business Impact Understand two main BCM pillars: Business Impact Analysis Identify and understand the (possible) consequences of disruptions in product / service delivery Understand the time it is allowed for processes to be outside the company Threats and Vulnerability Analysis Identify internal and external threats and vulnerabilities in a given context Identify best-practice measures to prevent adverse events Business Continuity Plan & Testing and MaintenanceModule 3 – Developing and Implementing a Business Continuity Plan Topics: Familiarise yourself with the various components of a Business Continuity Plan (BCP) Learn about the costs and benefits of BCP components (including occupational safety and health, crisis and recovery planning) Identify recovery time objectives, recovery point objectives and other factors to take into account when developing a BCP Module 4 – Testing and Maintaining a Business Continuity Plan Topics: Understand that the BCM process needs constant maintenance Learn how to test a complete Business Continuity Plan from test preparation to execution and evaluation Understand audit processes and audit focus areas in a BCM process Goals and result: In this entry-level business continuity management training, you will work with a unique business continuity management process model, a step-by-step guide developed by practicing Business Continuity Managers based on ISO 22301 and ISO 22313, the most widely used international business continuity management standards. As you move along in the course, you will understand what steps you need to take to build an effective business continuity program, and how business continuity planning affects your organisation’s operational activities. At the end of the course, you will have a good understanding of business continuity management terminology, concepts and principles, and you will be able to contribute to your organisation’s continuity efforts at the operational level. Teaching methods: What is included in this Business Continuity Foundation course? Official SECO-Institute course materials developed by practicing business continuity managers; Training from passionate instructors who are active in the business continuity industry; Practice exam and exam syllabus so you can fully prepare for your certification exam; Certification exam voucher; Access to the (S)ECO-system, the SECO-Institute’s professional community website where you will find additional resources and exclusive knowledge events. English spoken online classroom Program setup: 3 course days, 1pm – 5.30pm CEST 8,5 hours of self-study 1 CPE credit per study hour Related programs: For follow-up options, please visit our website. 

INLEIDING De operational auditor heeft als taak het bestuur en het management (aanvullende) zekerheid te geven over de wijze waarop de risico’s, die realisatie van de organisatiedoelstellingen bedreigen, worden beheerst. Mocht deze risicobeheersing onvoldoende blijken, dan dient de operational auditor het bestuur en het management hierover te informeren en te adviseren. Hiermee levert de operational auditor een belangrijk bijdrage aan het lerend vermogen van de organisatie. De laatste jaren is de aandacht voor goed functionerende risicobeheersing- en controlesystemen sterk gegroeid. Aangewakkerd door de vele schandalen wordt meer dan ooit gelet op de mate waarin organisaties ‘in control’ zijn. De rol van de operational auditor wordt dan ook steeds belangrijker. ONDERWERPEN Tijdens de cursus komen de volgende onderwerpen aan bod: Corporate governance Internal/operational auditing Controlmodellen Auditmethodiek Auditontwerp Normenkader Testplan Auditvaardigheden Interviewvaardigheden Rapportagevaardigheden LEERDOELEN Na afloop van de cursus is de deelnemer in staat: operational auditing als concept te duiden; het belang van operational auditing toe te lichten; enkele belangrijke controlmodellen uiteen te zetten; een auditontwerp (inclusief normenkader) voor audits binnen de eigen organisatie te ontwikkelen; een interviewschema op te stellen dat aansluit op het normenkader; gesprekstechnieken toe te passen binnen de verschillende fasen van een auditinterview; een auditrapportage op te stellen; en draagvlak te creëren voor de opvolging van de aanbevelingen die volgen uit audits. Je bent na afloop van de cursus in staat zelfstandig operational audits uit te voeren en het management (aanvullende) zekerheid te geven over de kwaliteit van de risicobeheersing binnen jouw organisatie. Je begrijpt bovendien hoe de operational auditfunctie kan worden ingezet als verbeterinstrument van het management. Door de opgedane auditvaardigheden lever je een stevige bijdrage aan het lerend vermogen van de organisatie. PROGRAMMA De cursus bestaat uit zeven dagdelen en drie e-learnings. De voorbereiding bedraagt ongeveer een tot twee uur per bijeenkomst.  Lesdag 1: Introductie + Corporate governance Lesdag 2: Controlmodellen Lesdag 3: Auditmethodiek Lesdag 4: Interviewvaardigheden + Rapportagevaardigheden Je volgt tijdens deze cursus de e-learnings Controlmodellen, Auditmethodiek en Interviewvaardigheden. Dat doe je tijd- en plaatsonafhankelijk, dus waar en wanneer je zelf wil. De kennis die je tijdens het doorlopen van deze e-learnings opdoet, pas je direct toe in de eigen praktijk. Je stelt namelijk tijdens deze cursus een auditontwerp op voor een audit binnen jouw organisatie. Tijdens de lesdagen, die je zowel fysiek als digitaal kunt bijwonen, ontvang je feedback op je auditontwerp van medestudenten en de docent. Vanzelfsprekend bestaat er tijdens deze bijeenkomsten alle ruimte voor het stellen van vragen. DOELGROEP Je bent werkzaam als (operational, IT- of financial) auditor, accountant, controller, risk officer, compliance officer, medewerker AO/IC, kwaliteitsmedewerker of proceseigenaar en van jou wordt verwacht een oordeel te kunnen vormen of te kunnen adviseren over de kwaliteit van risicobeheersing binnen jouw organisatie. Je wenst in korte tijd de basisbeginselen van operational auditing te doorgronden en in de praktijk toe te kunnen passen.