HiTrust Common Security Framework Compliance Training Course
HiTrust (Health Information Trust) is an organization made up of representatives from the healthcare industry. The HiTrust CSF (Common Security Framework) is a set of standards designed to help organizations meet security compliance and regulatory requirements.
This instructor-led, live training (available online or on-site) is aimed at developers and administrators who want to create software and products that comply with HiTRUST standards.
By the end of this training, participants will be able to:
- Grasp the core concepts of the HiTrust CSF (Common Security Framework).
- Recognize the HITRUST CSF administrative and security control domains.
- Understand the various types of HiTrust assessments and scoring methods.
- Comprehend the certification process and requirements for achieving HiTrust compliance.
- Learn best practices and tips for adopting the HiTrust framework.
Format of the Course
- Interactive lectures and discussions.
- Ample exercises and practice sessions.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
Course Outline
Introduction
Overview of the HiTrust Framework
HiTrust Control Domains
Understanding Information Risk Management
Understanding Security Compliance
Types of HiTrust Assessments and Scoring
HiTrust Certification Process and Requirements
HiTrust Implementation Levels
Best Practices and Tips for HiTrust Adoption
Summary and Next Steps
Requirements
- An understanding of cybersecurity concepts
Audience
- Developers
- Administrators
Open Training Courses require 5+ participants.
Testimonials (4)
The fact that there were practical examples with the content
Smita Hanuman - Standard Bank of SA Ltd
Course - Basel III – Certified Basel Professional
The trainer was extremely clear and concise. Very easy to understand and absorb the information.
Paul Clancy - Rowan Dartington
Course - CGEIT – Certified in the Governance of Enterprise IT
The trainer was very motivated and knowledgeable. The trainer was not only capable of information transfer, she also brought it with humor to lighten the dry theoretical training subject.
Marco van den Berg - ZiuZ Medical B.V.
Course - HIPAA Compliance for Developers
I genuinely enjoyed the real examples of the trainer.
Joana Gomes
Course - Compliance and the Management of Compliance Risk
Related Courses
Basel III – Certified Basel Professional
21 Hours
Description:
Basel III is a global regulatory framework that sets standards for bank capital adequacy, stress testing, and market liquidity risk. Initially agreed upon by the Basel Committee on Banking Supervision in 2010–11, the implementation of these standards has been extended to March 31, 2019. Basel III enhances bank capital requirements by boosting liquidity and reducing leverage.
Unlike Basel I and II, which set uniform reserve levels for different types of deposits and borrowings, Basel III introduces differentiated reserve requirements. This means it complements rather than replaces Basel I and II.
Navigating this complex and evolving regulatory landscape can be challenging. Our course and training are designed to help you stay ahead of changes and understand their impact on your institution. We are accredited by the Basel Certification Institute as a training partner, ensuring that our content is up-to-date and effective.
Objectives:
- Prepare for the Certified Basel Professional Examination.
- Develop practical strategies and techniques for defining, measuring, analyzing, improving, and controlling operational risk within a banking organization.
Target Audience:
- Board members with risk management responsibilities
- Chief Risk Officers (CROs) and Heads of Risk Management
- Members of the Risk Management team
- Compliance, legal, and IT support staff
- Equity and Credit Analysts
- Portfolio Managers
- Rating Agency Analysts
Overview:
- An introduction to Basel norms and amendments to the Basel Accord (III)
- Regulations for market, credit, counterparty, and liquidity risk
- Stress testing methodologies, including how to design and conduct stress tests
- The potential impacts of Basel III on the international banking industry, with practical demonstrations of its application
- The need for new Basel norms
- The Basel III framework
- The objectives of the Basel III framework
- The timeline for Basel III implementation
Certified Fraud Examiner (CFE) Preparation
70 Hours
This instructor-led, live training in Taiwan (online or onsite) is aimed at advanced-level professionals who wish to gain a comprehensive understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam.
By the end of this training, participants will be able to:
- Gain comprehensive knowledge of fraud examination principles and the fraud examination process.
- Learn to identify, investigate, and prevent various types of financial fraud schemes.
- Understand the legal environment related to fraud, including the legal elements of fraud, relevant laws, and regulations.
- Acquire practical skills in conducting fraud investigations, including evidence collection, interviewing techniques, and data analysis.
- Learn to design and implement effective fraud prevention and deterrence programs within organizations.
- Gain confidence and knowledge to successfully pass the Certified Fraud Examiner (CFE) exam.
CGEIT – Certified in the Governance of Enterprise IT
28 Hours
Description:
This four-day event (CGEIT training) is the ultimate preparation to help you pass the challenging CGEIT exam on your first attempt. The CGEIT qualification, awarded by ISACA, is an internationally recognized symbol of excellence in IT governance. It is designed for professionals responsible for managing IT governance or those with significant advisory or assurance responsibilities in this area. Achieving CGEIT status will enhance your recognition in the market and increase your influence at the executive level.
Objectives:
This seminar is tailored to prepare participants for the CGEIT examination by enhancing their existing knowledge and understanding, ensuring they are well-prepared to pass the exam as defined by ISACA.
Target Audience:
This training course is designed for IT and business professionals with substantial experience in IT governance who are preparing to take the CGEIT exam.
Cloudflare Essentials: CDN, Security, and DDoS Mitigation
14 Hours
This instructor-led, live training in Taiwan (online or onsite) is aimed at beginner to intermediate-level system administrators and security professionals who wish to learn how to implement Cloudflare for content delivery and cloud security, as well as mitigate DDoS attacks.
By the end of this training, participants will be able to:
- Configure Cloudflare for their websites.
- Set up DNS records and SSL certificates.
- Implement Cloudflare for content delivery and caching.
- Protect their websites from DDoS attacks.
- Implement firewall rules to restrict traffic to their websites.
Compliance for Payment Services in Japan
7 Hours
This instructor-led, live training in Taiwan (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.
By the end of this training, participants will be able to:
- Understand the rules set forth by government regulators for payment service providers.
- Create the internal policies and procedures needed to satisfy government regulations.
- Implement a compliance program that adheres to relevant laws.
- Ensure that all corporate processes and procedures comply with the compliance program.
- Uphold the business's reputation while protecting it from lawsuits.
Cybersecurity Governance, Risk & Compliance (GRC)
14 Hours
This instructor-led, live training in Taiwan (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.
By the end of this training, participants will be able to:
- Understand the key components of cybersecurity governance, risk, and compliance.
- Conduct risk assessments and develop risk mitigation strategies.
- Implement compliance measures and manage regulatory requirements.
- Develop and enforce security policies and procedures.
Managing Cyber Risks in the Supply Chain
7 Hours
This instructor-led, live training in Taiwan (online or onsite) is aimed at supply chain professionals who wish to establish effective control and oversight of their supply chain, especially as it relates to cybersecurity.
By the end of this training, participants will be able to:
- Understand the security oversights that can bring about significant damage and disruption to a supply chain.
- Break down a complex security problem into manageable and actionable parts.
- Address common supply chain vulnerabilities by analyzing high risk areas and engaging with stakeholders.
- Adopt best practices in securing a supply chain.
- Noticeably reduce or eliminate the biggest risks to an organization's supply chain.
Data Breach Management
14 Hours
This instructor-led, live training in Taiwan (online or onsite) is aimed at intermediate-level to advanced-level IT professionals and business leaders who wish to develop a structured approach to handling data breaches.
By the end of this training, participants will be able to:
- Understand the causes and consequences of data breaches.
- Develop and implement data breach prevention strategies.
- Establish an incident response plan to contain and mitigate breaches.
- Conduct forensic investigations and assess the impact of breaches.
- Comply with legal and regulatory requirements for breach notification.
- Recover from data breaches and strengthen security postures.
Accessibility by Design (Compliance with EU ACT)
21 Hours
This course provides an expert introduction to the newly enacted Accessibility Law and equips developers with the practical skills to design, develop, and maintain fully accessible applications. Starting with a contextual discussion on the law's importance and implications, the course quickly shifts to hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.
Governance, Risk Management & Compliance (GRC) Fundamentals
21 Hours
Course Goal:
To ensure that participants have a solid understanding of GRC processes and capabilities, along with the skills needed to integrate governance, performance management, risk management, internal control, and compliance activities.
Overview:
- Basic terms and definitions in GRC
- Principles guiding GRC
- Core components, practices, and activities within GRC
- The relationship between GRC and other related disciplines
HIPAA Compliance for Developers
7 Hours
HIPAA (Health Insurance Portability and Accountability Act of 1996) is U.S. legislation that sets standards for data privacy and security in the handling and storage of medical information. These guidelines serve as an excellent benchmark for developing health applications, regardless of geographic location. HIPAA-compliant applications are widely recognized and trusted on a global scale.
In this instructor-led, live training (remote), participants will gain a foundational understanding of HIPAA through a series of hands-on exercises in a live lab environment.
By the end of this training, participants will be able to:
- Grasp the fundamental principles of HIPAA
- Create health applications that meet HIPAA compliance standards
- Leverage developer tools designed for HIPAA compliance
Audience
- Developers
- Product Managers
- Data Privacy Officers
Format of the Course
- A combination of lectures, discussions, exercises, and extensive hands-on practice.
Note
- To request a customized training for this course, please contact us to arrange.
Compliance and the Management of Compliance Risk
21 Hours
Audience
This course is designed for all staff who require a solid understanding of Compliance and Risk Management.
Format of the Course
The course format includes a blend of:
- Facilitated discussions to encourage active participation and knowledge sharing.
- Slide presentations to visually illustrate key concepts and principles.
- Case studies to provide real-world examples and practical insights.
- Examples to help clarify complex topics and enhance understanding.
Course Objectives
By the end of this course, participants will be able to:
- Grasp the essential aspects of Compliance and the national and international initiatives aimed at managing associated risks.
- Outline the methods for establishing a robust Compliance Risk Management Framework within a company and its workforce.
- Explain the responsibilities of Compliance Officers and Money Laundering Reporting Officers, and how these roles should be integrated into business operations.
- Gain insight into other critical areas of Financial Crime, particularly in the context of International Business, Offshore Centers, and High-Net-Worth Clients.
Open Source Software (OSS) Management
14 Hours
Open Source Software (OSS) Management involves the strategic oversight of open-source components within an organization, ensuring their secure, compliant, and efficient utilization.
This instructor-led, live training (conducted online or on-site) is designed for intermediate-level IT professionals who aim to implement best practices for managing open-source software in both enterprise and government settings.
By the end of this training, participants will be able to:
- Develop effective OSS policies and governance frameworks.
- Utilize SBOM and SCA tools to identify, track, and manage open-source dependencies.
- Address risks related to licensing and security vulnerabilities.
- Facilitate the adoption of OSS while maximizing innovation and cost savings.
Format of the Course
- Interactive lectures and discussions.
- Case studies and scenario-based exercises.
- Practical demonstrations with OSS management tools.
Course Customization Options
- The course can be customized to align with specific organizational OSS policies and toolchains. Please contact us for customization arrangements.
Business Continuity Management
35 Hours
Description:
This is a 'Practitioner' course that emphasizes practical exercises to reinforce the concepts being taught and build delegates' confidence in implementing business continuity management. The course also encourages debate and the sharing of knowledge and experience among participants. Delegates will benefit from the practical and extensive experiences of our trainers, who are active business continuity management professionals and ISO 22301:2019 specialists.
Delegates will learn how to:
- Explain the importance of business continuity management (BCM) in all organizations
- Define the business continuity lifecycle
- Manage a business continuity programme
- Understand their organization well enough to identify mission-critical impact areas
- Determine their organization's business continuity strategy
- Establish a business continuity response plan
- Exercise, maintain, and review plans
- Integrate business continuity into an organization
- Define terms and definitions relevant to business continuity
By the end of the course, delegates will have a comprehensive understanding of all key components of business continuity management and be equipped to return to their work and make significant contributions to the business continuity management process.
PCI-DSS Practitioner
14 Hours
This instructor-led, live Payment Card Industry Professional training in Taiwan (online or onsite) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).
By the end of this training, participants will be able to:
- Understand the payment process and the PCI standards designed to protect it.
- Understand the roles and responsibilities for entities involved in the payment industry.
- Have deep insight into, and understanding of, the 12 PCI DSS requirements.
- Demonstrate knowledge of PCI DSS and how it applies to organizations that are involved in the transaction process.