ISACA Advanced in AI Security Management (AAISM) Training Course

This instructor-led, live training in Taiwan (online or onsite) is designed for intermediate-level enterprise leaders who wish to understand how to responsibly govern and secure AI systems in compliance with emerging global frameworks such as the EU AI Act, GDPR, ISO/IEC 42001, and the U.S. Executive Order on AI.

Upon completion of this training, participants will be able to:

• Comprehend the legal, ethical, and regulatory risks associated with using AI across various departments.
• Interpret and apply major AI governance frameworks (including the EU AI Act, NIST AI RMF, and ISO/IEC 42001).
• Establish policies for security, auditing, and oversight regarding AI deployment within the enterprise.
• Develop guidelines for procurement and usage of both third-party and in-house AI systems.

Artificial Intelligence (AI) introduces new dimensions of operational risk, governance challenges, and cybersecurity exposure for government agencies and departments.

This instructor-led, live training (online or onsite) is aimed at public sector IT and risk professionals with limited prior experience in AI who wish to understand how to evaluate, monitor, and secure AI systems within a government or regulatory context.

By the end of this training, participants will be able to:

• Interpret key risk concepts related to AI systems, including bias, unpredictability, and model drift.
• Apply AI-specific governance and auditing frameworks such as NIST AI RMF and ISO/IEC 42001.
• Recognize cybersecurity threats targeting AI models and data pipelines.
• Establish cross-departmental risk management plans and policy alignment for AI deployment.

Format of the Course

• Interactive lecture and discussion of public sector use cases.
• AI governance framework exercises and policy mapping.
• Scenario-based threat modeling and risk evaluation.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Taiwan (online or onsite) is aimed at beginner-level to intermediate-level IT professionals who wish to understand and implement AI TRiSM in their organizations.

By the end of this training, participants will be able to:

• Grasp the key concepts and importance of AI trust, risk, and security management.
• Identify and mitigate risks associated with AI systems.
• Implement security best practices for AI.
• Understand regulatory compliance and ethical considerations for AI.
• Develop strategies for effective AI governance and management.

This instructor-led, live training in Taiwan (online or onsite) targets intermediate to advanced AI developers, architects, and product managers who aim to identify and mitigate risks associated with LLM-powered applications, such as prompt injection, data leakage, and unfiltered output. The course also covers integrating security controls like input validation, human-in-the-loop oversight, and output guardrails.

Upon completing this training, participants will be able to:

• Comprehend the core vulnerabilities inherent in LLM-based systems.
• Apply secure design principles to LLM application architecture.
• Utilize tools such as Guardrails AI and LangChain for validation, filtering, and safety assurance.
• Integrate techniques like sandboxing, red teaming, and human-in-the-loop review into production-grade pipelines.

Description:

This four-day CGEIT training course serves as the ultimate preparation for the exam, meticulously designed to ensure you pass the challenging CGEIT examination on your first attempt.
The CGEIT qualification is an internationally recognized symbol of excellence in IT governance, awarded by ISACA. It is tailored for professionals tasked with managing IT governance or holding significant advisory or assurance responsibilities in this domain.
Earning CGEIT status enhances your marketplace recognition and increases your influence at the executive level.

Objectives:

This seminar is designed to prepare delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding, ensuring they are better equipped to pass the exam as defined by ISACA.

Target Audience:

Our training course is intended for IT and business professionals who possess significant IT governance experience and are undertaking the CGEIT exam.

Description:

CISA® stands as the globally recognized and most prestigious certification for professionals engaged in IS auditing and IT risk consulting.

Our CISA program is an intensive, highly competitive, and exam-oriented training course. Having delivered over 150 CISA training sessions across Europe and worldwide, and trained more than 1,200 delegates, Net Security has developed its in-house CISA materials with the primary objective of ensuring delegates successfully pass the ISACA CISA® Exam. Our methodology emphasizes a deep understanding of CISA IS auditing concepts alongside rigorous practice using large question banks released by ISACA over the past three years. Over time, CISA holders have seen immense demand from prestigious accounting firms, global banks, advisory and assurance consultancies, as well as internal audit departments.

While delegates may possess years of IT auditing experience, their ability to solve CISA questions hinges entirely on their grasp of globally accepted IT assurance practices. The CISA exam is particularly challenging due to the potential for close discrepancies between plausible answer choices, which is where ISACA evaluates your understanding of global IT auditing standards. To address these challenges, we consistently provide expert trainers with extensive global experience in delivering CISA training.

The Net Security CISA manual encompasses all exam-relevant concepts, case studies, and Q&A across the five CISA domains. Additionally, the trainer provides key supporting materials such as relevant CISA notes, question banks, glossary, videos, revision documents, exam tips, and CISA mind maps throughout the course.

Goal:

The ultimate goal is to pass your CISA examination on the first attempt.

Objectives:

• Apply gained knowledge in a practical manner beneficial to your organization
• Deliver audit services in compliance with IT audit standards
• Provide assurance regarding leadership, organizational structure, and processes
• Provide assurance on the acquisition, development, testing, and implementation of IT assets
• Provide assurance on IT operations, including service operations and third-party engagements
• Provide assurance on the organization’s security policies, standards, procedures, and controls to ensure the confidentiality, integrity, and availability of information assets.

Target Audience:

Finance/CPA professionals, IT professionals, Internal & External auditors, Information security professionals, and risk consulting professionals.

This training is delivered as a workshop enriched with substantial professional knowledge. The curriculum aligns with the official CISA certification framework. Throughout the sessions, participants will engage in case studies to explore specific issues in depth. Instruction is conducted in English, with Polish available upon request, utilizing the ISACA handbook in English as the primary reference.
 

CISA Exam Material Scope:

• Information System Auditing Process (21%)
• Governance and Management of IT (17%)
• Information Systems Acquisition, Development and implementation (12%)
• Information Systems Operation and Business Resilience (23%)
• Protection of Information Assets (27%)

Duration of the exam: 4 hours
Type: multiple choice test
Volume: 200 questions

To claim the CISA qualification, you must meet the following requirements: 

1. Pass the CISA exam, achieving a scaled score of 450 or higher.
2. Adhere to the ISACA Code of Professional Ethics
3. Agree to comply with the CISA Continuing Professional Education Policy
4. Accumulate at least 5 years of professional experience in information systems auditing, control, or security.
5. Comply with Information Systems Auditing Standards

If you have passed the exam and believe you fulfill these requirements, you may begin the certification application process via this certification page.
An application fee of $50 is required.

Additionally, an annual maintenance fee is required to keep your certification active. ISACA members pay $40 per annum, while non-members pay $75 per annum.

Description:

Note: Please be aware that this updated CISM exam content outline applies to examinations commencing on June 1, 2022.

CISM® stands as the most prestigious and rigorous qualification for Information Security Managers globally. This credential offers you a pathway to join an exclusive peer network, empowering you to continuously learn and adapt to the evolving opportunities and challenges in Information Security Management.

Our CISM training methodology delivers comprehensive coverage across the four CISM domains, with a strong emphasis on building foundational concepts and mastering ISACA’s official CISM exam questions. This course serves as an intensive training program and rigorous exam preparation for the ISACA’s Certified Information Security Manager (CISM®) Examination.

Our instructors advise all participants to review the ISACA-released CISM QA&E (Questions, Answers, and Explanations) as part of their exam preparation. The QA&E is invaluable in helping participants understand the style and approach of ISACA questions, facilitating rapid memory assimilation of CISM concepts during live classroom sessions.
All our trainers possess extensive experience in delivering CISM training, ensuring you are thoroughly prepared for the CISM examination.

Goal:

The primary objective is to pass your CISM examination on the first attempt.

Objectives:

• Apply acquired knowledge practically to benefit your organization.
• Establish and maintain an information security governance framework to achieve organizational goals and objectives.
• Manage information risk to an acceptable level to meet business and compliance requirements.
• Establish and maintain information security architectures encompassing people, processes, and technology.
• Integrate information security requirements into the contracts and activities of third parties and suppliers.
• Plan, establish, and manage the capability to detect, investigate, respond to, and recover from information security incidents to minimize business impact.

Target Audience:

• Security professionals with 3-5 years of frontline experience.
• Information security managers or individuals with management responsibilities.
• Information security staff and assurance providers requiring an in-depth understanding of information security management, including: CISOs, CIOs, CSOs, privacy officers, risk managers, security auditors, compliance personnel, BCP/DR personnel, and executive and operational managers responsible for assurance functions.

Description:

This course serves as an intensive, rigorous exam preparation for the ISACA Certified Information Systems Auditor (CRISC) Examination. It comprehensively covers the latest four (4) domains of the ISACA CRISC syllabus, with a primary emphasis on exam readiness. Official ISACA CRISC Review Manuals and Question, Answer and Explanation (Q&A&E) supplements will be provided to all attendees. The Q&A&E materials are particularly valuable for helping participants grasp the specific style of ISACA questions, understand the types of answers they seek, and facilitate rapid memorization and comprehension of the course material.

The technical skills and practices promoted and evaluated by ISACA for the CRISC certification constitute the foundational elements of professional success in this field. Holding the CRISC certification validates your expertise and competency within the profession. As demand grows for professionals with specialized risk and control knowledge, ISACA’s CRISC has become the preferred certification for individuals and enterprises globally. This certification reflects a strong commitment to serving both your enterprise and your chosen profession with distinction.

Objectives:

• Enable you to pass the CRISC examination on your first attempt.
• Demonstrate your commitment to serving an enterprise with distinction through this certification.
• Capitalize on the growing demand for risk and control professionals, allowing certification holders to secure better positions and higher salaries.

You will learn:

• How to help enterprises achieve their business objectives by designing, implementing, monitoring, and maintaining risk-based, efficient, and effective IT controls.
• The technical skills and practices promoted by CRISC, which form the building blocks of success in the industry.

Description:

Cybersecurity expertise is in high demand as threats persistently challenge enterprises globally. A vast majority of professionals surveyed by ISACA acknowledge this reality and intend to pursue roles requiring cybersecurity knowledge.
To address this need, ISACA has introduced the Cybersecurity Fundamentals Certificate, offering education and skill verification in this domain.

Objectives:

With escalating cybersecurity threats and a growing global shortage of qualified security professionals, ISACA's Cybersecurity Fundamentals Certificate programme serves as an effective solution for rapidly training entry-level staff, ensuring they possess the necessary skills and knowledge to thrive in the cybersecurity landscape.

Target Audience:

This certificate program is an excellent opportunity to acquire foundational cybersecurity knowledge and start building expertise in this critical field.

This instructor-led, live training in Taiwan (online or onsite) is aimed at intermediate-level AI and cybersecurity professionals who wish to understand and address the security vulnerabilities specific to AI models and systems, particularly in highly regulated industries such as finance, data governance, and consulting.

By the end of this training, participants will be able to:

• Understand the types of adversarial attacks targeting AI systems and methods to defend against them.
• Implement model hardening techniques to secure machine learning pipelines.
• Ensure data security and integrity in machine learning models.
• Navigate regulatory compliance requirements related to AI security.

This instructor-led, live training in Taiwan (online or onsite) is aimed at security engineers and compliance officers who wish to harden EXO deployments, control model access, and govern AI workloads running entirely on-premise.

This instructor-led, live training in Taiwan (online or on-site) is designed for beginner-level IT security, risk, and compliance professionals who want to grasp foundational AI security concepts, threat vectors, and global frameworks such as NIST AI RMF and ISO/IEC 42001.

By the end of this training, participants will be able to:

• Comprehend the unique security risks posed by AI systems.
• Identify threat vectors such as adversarial attacks, data poisoning, and model inversion.
• Apply foundational governance models like the NIST AI Risk Management Framework.
• Align AI usage with emerging standards, compliance guidelines, and ethical principles.

Based on the latest OWASP GenAI Security Project guidance, participants will learn to identify, assess, and mitigate AI-specific threats through hands-on exercises and real-world scenarios.

This instructor-led, live training in Taiwan (online or onsite) is aimed at advanced-level professionals who wish to implement and evaluate techniques such as federated learning, secure multiparty computation, homomorphic encryption, and differential privacy in real-world machine learning pipelines.

By the end of this training, participants will be able to:

• Understand and compare key privacy-preserving techniques in ML.
• Implement federated learning systems using open-source frameworks.
• Apply differential privacy for safe data sharing and model training.
• Use encryption and secure computation techniques to protect model inputs and outputs.