Security Management Training in Bhutan

This instructor-led, live training in Bhutan (online or onsite) is tailored for intermediate-level IT auditors who wish to effectively integrate AI tools into their audit practices.

By the conclusion of this training, participants will be able to:

• Grasp the core concepts of artificial intelligence and its application in the context of IT auditing.
• Utilize AI technologies such as machine learning, NLP, and RPA to improve audit efficiency, accuracy, and scope.
• Perform risk assessments using AI tools, enabling continuous monitoring and proactive risk management.
• Integrate AI into audit planning, execution, and reporting, enhancing the overall effectiveness of IT audits.

Encryption Key Management refers to the practice of securely generating, storing, distributing, rotating, and retiring cryptographic keys to safeguard sensitive data and adhere to regulatory requirements.

This instructor-led, live training (available online or onsite) targets intermediate-level IT and security professionals who aim to implement robust encryption key management practices and systems across enterprise environments.

Upon completing this training, participants will be able to:

• Comprehend the lifecycle of encryption keys and apply best practices for their protection.
• Set up and manage Key Management Systems (KMS) in both on-premises and cloud environments.
• Implement access control and auditing mechanisms for key usage.
• Ensure compliance with regulations and standards related to encryption key security.

Course Format

• Interactive lectures and discussions.
• Hands-on practice with key management tools in lab environments.
• Guided exercises focused on implementing secure key lifecycle processes.

Course Customization Options

• To request customized training for this course based on your infrastructure or compliance requirements, please contact us to arrange.

This instructor-led, live training in Bhutan (online or onsite) targets advanced-level security analysts looking to refine their skills in using advanced Micro Focus ArcSight ESM capabilities to improve an organisation’s ability to detect, respond to, and mitigate cyber threats with greater precision and speed.

Upon completion of this training, participants will be equipped to:

• Maximise the utilisation of Micro Focus ArcSight ESM to strengthen monitoring and threat detection capabilities.
• Create and administer advanced ArcSight variables to refine event streams for more accurate analysis.
• Design and implement ArcSight lists and rules to facilitate effective event correlation and alerting.
• Employ advanced correlation techniques to uncover complex threat patterns and minimise false positives.

This instructor-led, live training in Bhutan (online or onsite) is aimed at beginner-level law enforcement officers who wish to gain a deeper understanding of human behavior, enhancing their skills in communication, empathy, conflict resolution, and overall effectiveness in their roles.

By the end of this training, participants will be able to:

• Have a deeper understanding of human psychology.
• Develop advanced communication and conflict resolution skills for more effective interaction with the public, colleagues, and in negotiation scenarios.
• Promote awareness and understanding of diverse cultural backgrounds, improving community policing and relations with various demographic groups.

This instructor-led, live training in Bhutan (online or onsite) is aimed at beginner-level security professionals who wish to gain the knowledge and skills necessary to adapt to the rapidly evolving digital landscape in the security industry.

By the end of this training, participants will be able to:

• Understanding Digital Transformation in security.
• Learn how digital solutions can improve security operations, efficiency, and effectiveness.
• Manage security-related data for informed decision-making.

This instructor-led, live training in Bhutan (online or onsite) is aimed at beginner-level security managers who wish to effectively embrace and utilize technology in their field.

By the end of this training, participants will be able to:

• Understand the evolution of technology in security.
• Learn how to effectively blend traditional security methods with modern technological solutions.
• Understand the basics of cybersecurity, risks associated with digital systems, and how to protect against cyber threats in the security industry.

This instructor-led, live training in Bhutan (online or onsite) is designed for beginner-level security managers and designers who aim to effectively plan, design, and implement security strategies that are integrated, technologically advanced, and compliant with legal and ethical standards.

By the conclusion of this training, participants will be able to:

• Understand how to integrate security considerations into architectural and facility design.
• Evaluate threats and vulnerabilities to inform security planning.
• Develop comprehensive security plans that address a wide range of threats.
• Formulate effective emergency response and crisis management plans.

This instructor-led, live training in Bhutan (online or onsite) is aimed at beginner-level security administrators who wish to deepen their understanding of security practices within an organization.

By the end of this training, participants will be able to:

• Understand the fundamentals of security operations and administration.
• Identify and mitigate various security threats and vulnerabilities.
• Implement and manage security solutions.
• Understand legal and ethical considerations in security operations.
• Prepare for incident response and disaster recovery.

This instructor-led, live training in Bhutan (online or onsite) is designed for advanced-level professionals seeking a comprehensive understanding of fraud examination concepts and preparation for the Certified Fraud Examiner (CFE) exam.

Upon completion of this training, participants will be able to:

• Acquire in-depth knowledge of fraud examination principles and the examination process.
• Identify, investigate, and prevent various types of financial fraud schemes.
• Understand the legal landscape of fraud, including its legal elements, applicable laws, and regulations.
• Develop practical skills for conducting fraud investigations, such as evidence collection, interviewing techniques, and data analysis.
• Design and implement effective fraud prevention and deterrence programs within their organizations.
• Build the confidence and expertise necessary to successfully pass the Certified Fraud Examiner (CFE) exam.

This instructor-led live training in Bhutan (available online or onsite) is designed for advanced-level security managers who wish to be well-equipped with the knowledge and skills needed to excel in the exam and their roles as security management professionals.

By the end of this training, participants will be able to:

• Understand the five domains of ISSMP.
• Develop skills to manage an information security program.
• Learn to establish and maintain security governance.
• Gain insights into risk management, incident response, and continuity planning.
• Prepare effectively for the ISSMP certification exam.

This instructor-led, live training in Bhutan (online or onsite) is aimed at beginner-level security professionals who wish to thoroughly understand how to protect physical assets, people, and facilities.

By the end of this training, participants will be able to:

• Understand the fundamentals of physical security.
• Learn about risk assessment and management in physical security.
• Explore various physical security measures and technologies.
• Understand the integration of physical security with other security domains.
• Develop skills in designing and implementing effective physical security plans.

This instructor-led, live training, available online or onsite, is designed for IT professionals who wish to understand how to utilize the CipherTrust Solution suite.

By the end of this training, participants will be able to:

• Understand the CipherTrust Solution and its basic functions.
• Evaluate device architecture and usage schemes.
• Manage CipherTrust product suite.

This instructor-led live training in Bhutan (online or onsite) is tailored for security managers who wish to acquire basic to intermediate-level skills in CCTV security surveillance and management.

By the end of this training, participants will be able to:

• Identify various types of CCTV systems and understand their advantages and key features.
• Comprehend the requirements for cabling and setting up CCTV systems.
• Install, configure, and manage CCTV systems effectively.

Description:

Note: Kindly note that the updated CISM exam content outline is valid for exams commencing on 1 June 2022.

CISM® stands as the most distinguished and rigorous qualification for Information Security Managers worldwide. This credential offers a pathway to join an exclusive peer network capable of continuously learning and adapting to the expanding opportunities and challenges in Information Security Management.

Our CISM training methodology ensures comprehensive coverage of the content across all Four CISM domains, with a sharp focus on building conceptual clarity and solving ISACA-released CISM exam questions. This course serves as an intensive training and rigorous exam preparation for ISACA’s Certified Information Security Manager (CISM®) Examination.

Our instructors encourage all participating delegates to review the ISACA-released CISM QA&E (Questions, Answers and Explanations) as part of their exam preparation. The QA&E is particularly effective in helping delegates grasp the ISACA style of questions, the approach to solving them, and aids in rapid assimilation of CISM concepts during live classroom sessions.
All our trainers possess extensive experience in delivering CISM training. We will thoroughly prepare you for the CISM examination.

Goal:

The ultimate objective is to pass your CISM examination on the first attempt.

Objectives:

• Apply the acquired knowledge in a practical manner that benefits your organisation
• Establish and maintain an Information security governance framework to achieve your organization’s goals and objectives
• Manage Information risk to an acceptable level to meet business and compliance requirements
• Establish and maintain information security architectures (people, process, technology)
• Integrate information security requirements into contracts and activities of third parties/ suppliers
• Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact

Target Audience:

• Security professionals with 3-5 years of front-line experience
• Information security managers or those with management responsibilities
• Information security staff and assurance providers requiring an in-depth understanding of information security management, including: CISOs, CIOs, CSOs, privacy officers, risk managers, security auditors, compliance personnel, BCP/DR personnel, and executive and operational managers responsible for assurance functions

This instructor-led, live training in Bhutan (online or onsite) is designed for security professionals who wish to learn and improve how to handle security threats and perform security risk assessments.

By the end of this training, participants will be able to:

• Manage security systems and handle any hostile environment.
• Manage any security risks or threats.
• Learn how to conduct security risk assessments.

Open Source Software (OSS) Management involves overseeing the entire lifecycle of open-source components within an organization to ensure their secure, compliant, and efficient utilization.

This instructor-led live training, available either online or onsite, is designed for intermediate-level IT professionals aiming to implement best practices for managing open-source software in enterprise and government settings.

Upon completing this training, participants will be able to:

• Establish robust OSS policies and governance frameworks.
• Leverage SBOM and SCA tools to identify, track, and manage open-source dependencies.
• Mitigate risks related to licensing and security vulnerabilities.
• Streamline OSS adoption while maximizing innovation and cost efficiency.

Course Format

• Interactive lectures and discussions.
• Case studies and scenario-based exercises.
• Hands-on demonstrations with OSS management tools.

Customization Options

• This course can be tailored to align with specific organizational OSS policies and toolchains. Please contact us to arrange customization.

This instructor-led, live training in Bhutan (online or onsite) targets intermediate-level cybersecurity professionals keen on enhancing their grasp of GRC frameworks and applying them to secure and compliant business operations.

By the conclusion of this training, participants will be able to:

• Comprehend the core components of cybersecurity governance, risk, and compliance.
• Carry out risk assessments and devise risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Formulate and enforce security policies and procedures.

This instructor-led, live training in Bhutan (online or onsite) is designed for developers and anyone wishing to learn and apply OAuth to provide applications with secure delegated access.

Upon completion of this training, participants will be able to:

• Grasp the fundamentals of OAuth.
• Comprehend native applications and their distinct security challenges when utilizing OAuth.
• Learn and understand common extensions to the OAuth protocols.
• Integrate with any OAuth authorization server.

This instructor-led, live training in Bhutan (online or onsite) is designed for IT professionals at intermediate to expert levels who wish to enhance their skills and qualifications in information security or related fields.

By the end of this training, participants will be able to:

• Understand the differences between ISO/IEC 27001:2013 and ISO/IEC 27001:2022.
• Gain the knowledge and skills to plan and implement the transition from the 2013 to the 2022 version of the standard efficiently.
• Apply the knowledge in real-world scenarios, facilitating a smooth transition in their respective organizations.

This instructor-led, live training in Bhutan (online or onsite) is designed for intermediate-level system administrators who want to learn how to use Siteminder to implement various authentication methods.

By the end of this training, participants will be able to:

• Understand the core concepts of Siteminder and its role in authentication and access management.
• Configure and manage user authentication with Siteminder.
• Implement various authentication methods supported by Siteminder.
• Troubleshoot common issues related to Siteminder authentication.
• Integrate Siteminder with other identity providers for federated authentication.

Description:

Basel III serves as a global regulatory framework concerning bank capital adequacy, stress testing, and market liquidity risk. Originally established by the Basel Committee on Banking Supervision in 2010–2011, the implementation timeline for the Accord has been extended to March 31, 2019. This framework enhances bank capital requirements by improving liquidity and reducing leverage.
Unlike Basel I and II, Basel III mandates distinct reserve levels for various deposit types and borrowings. Rather than replacing its predecessors, it operates in tandem with them.
Navigating this complex and evolving landscape can be challenging. Our course and training are designed to help you manage anticipated changes and their impact on your institution. As an accredited training partner of the Basel Certification Institute, we guarantee that our training materials and methods are current, effective, and of the highest quality.

Objectives:

• Prepare participants for the Certified Basel Professional Examination.
• Develop hands-on strategies and techniques for defining, measuring, analyzing, improving, and controlling operational risk within banking organizations.

Target Audience:

• Board members with risk oversight responsibilities
• Chief Risk Officers (CROs) and Heads of Risk Management
• Members of the Risk Management team
• Staff in Compliance, Legal, and IT support functions
• Equity and Credit Analysts
• Portfolio Managers
• Rating Agency Analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations addressing market, credit, counterparty, and liquidity risk
• Stress testing for various risk measures, including the formulation and delivery of stress tests
• The potential effects of Basel III on the international banking industry, including practical application demonstrations
• The need for new Basel norms
• Overview of the Basel III norms
• Objectives of the Basel III norms
• Basel III implementation timeline

Description:

This intensive four-day CGEIT training programme serves as the definitive preparation for your exam, designed to equip you with the knowledge required to successfully clear the challenging CGEIT examination on your first attempt.
The CGEIT qualification is a globally recognised benchmark of excellence in IT governance, awarded by ISACA. It is tailored for professionals who manage IT governance or hold significant advisory and assurance responsibilities within this domain.
Gaining CGEIT status will enhance your professional visibility in the marketplace and strengthen your influence at the executive level.

Objectives:

This seminar is specifically crafted to prepare delegates for the CGEIT examination. It aims to supplement existing knowledge and understanding, ensuring candidates are thoroughly prepared to meet the exam standards set by ISACA.

Target Audience:

This course is ideal for IT and business professionals who possess substantial experience in IT governance and are preparing to undertake the CGEIT exam.

A comprehensive, practical 3-day course designed to equip participants with the knowledge and skills necessary to manage information security, information assurance, and information risk processes effectively. The CISMP curriculum aligns with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 and 27001, which serve as the code of practice and standard for information security. This course is certified as a CESG Certified Training (CCT) programme.

Aligned with the latest BCS syllabus, the course prepares delegates for the 2-hour multiple-choice BCS examination.

This qualification delivers detailed understanding of core information security concepts—including confidentiality, integrity, availability, vulnerabilities, threats, risks, and countermeasures—along with insights into current legislation and regulations affecting information security management. Award holders will be equipped to apply these practical principles to ensure that standard business processes are robust and secure.

This instructor-led, live training in Bhutan (online or onsite) is designed for compliance professionals in the payment services sector who aim to establish, execute, and maintain a robust compliance framework within their organizations.

Upon completion of this training, participants will be equipped to:

• Grasp the regulatory rules imposed by government authorities on payment service providers.
• Develop internal policies and procedures necessary to meet statutory requirements.
• Execute a compliance programme that aligns with applicable laws.
• Ensure that all corporate processes and procedures adhere to the established compliance programme.
• Safeguard the business's reputation and protect it from legal liabilities.

Description:

Cybersecurity expertise is currently in high demand, as threats continue to challenge enterprises globally. An overwhelming majority of professionals surveyed by ISACA recognise this trend and plan to work in roles requiring cybersecurity knowledge.
To bridge this skill gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which offers education and verification of skills in this domain.

Objectives:

With cybersecurity threats on the rise and a growing global shortage of adequately equipped security professionals, ISACA's Cybersecurity Fundamentals Certificate programme is the ideal way to rapidly train entry-level staff and ensure they possess the necessary skills and knowledge to succeed in the cyber arena.

Target Audience:

This certificate programme is also one of the most effective ways to gain foundational knowledge in cybersecurity and begin building your skills in this critical area.

This live, instructor-led training (online or onsite) is tailored for enterprise leaders who aim to understand data sovereignty principles and develop compliant data management strategies.

By the end of this training, participants will be able to define data sovereignty, identify applicable laws, assess compliance risks, and implement governance frameworks for managing cross-border data.

In this instructor-led live course in Bhutan, participants will learn how to formulate a robust security strategy to address DevOps security challenges.

This course offers an expert overview of the recently enacted Accessibility Law, empowering developers with the practical skills necessary to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion on the law's significance and implications, the curriculum swiftly transitions to hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

Course Objective:

To equip participants with a foundational understanding of GRC processes and capabilities, alongside the necessary skills to integrate governance, performance management, risk management, internal controls, and compliance activities effectively.

Program Overview:

• Key GRC terminology and definitions
• Core principles of GRC
• Essential components, best practices, and operational activities
• The interplay between GRC and related professional disciplines

This instructor-led, live training in Bhutan (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

Why attend this course?

The ISO/IEC 27002 Introduction training course empowers you to gain a thorough understanding of Information Security Management Systems (ISMS) and Information Security Controls, as outlined in ISO/IEC 27002.

By participating in the ISO/IEC 27002 Introduction training course, you will appreciate the significance of ISMS and Information Security Controls, as well as the advantages these bring to businesses, society, and government bodies.

Who should attend?

• Professionals interested in Information Security Management and Information Security Controls
• Individuals keen to acquire knowledge about the core processes involved in Information Security Management Systems and Information Security Controls

Learning objectives

• Grasp the Information Security standards and management practices employed to implement and oversee Information Security Controls
• Identify the controls required to effectively manage Information Security risks

This instructor-led, live training in Bhutan (online or onsite) is aimed at public sector professionals who wish to use information security management and IT service management practices to strengthen digital security strategies and protect institutional digital assets.

By the end of this training, participants will be able to: explain core information security concepts, identify risks in information systems and services, apply practical security controls, and support secure IT service delivery.

Target Audience

This course is designed for all staff members seeking a practical grasp of Compliance and effective Risk Management.

Course Format

The training employs a blended methodology comprising:

• Guided discussions
• Slide presentations
• Case studies
• Practical real-world examples

Learning Objectives

Upon completion of this course, participants will be able to:

Gain a robust understanding of key Compliance pillars, alongside national and international initiatives designed to manage associated risks.

Articulate how organisations and their teams can establish an effective Compliance Risk Management Framework.

Clarify the responsibilities of the Compliance Officer and the Money Laundering Reporting Officer, and comprehend how these roles are integrated within the business structure.

Pinpoint critical risk areas within Financial Crime, particularly concerning international operations, offshore centres, and high-net-worth clients.

This instructor-led, live training (online or onsite) is aimed at cloud professionals who wish to design and implement multi-cloud architectures that avoid vendor lock-in and ensure data sovereignty.

By the end of this training, participants will be able to identify vendor lock-in risks, design portable architectures, implement data sovereignty controls, and leverage cloud-agnostic tools.

This instructor-led, live training (available online or onsite) is designed for security engineers and firmware developers who aim to harden OpenBMC deployments against unauthorized access and firmware tampering.

This instructor-led, live training in Bhutan (online or onsite) centres on analysing the risks associated with Open Data while minimising vulnerability to disasters or data loss.

By the conclusion of this training, participants will be able to:

• Grasp the concepts and advantages of Open Data.
• Identify various data types.
• Comprehend the risks of Open Data and learn mitigation techniques.
• Acquire skills to manage Open Data risks and develop contingency plans.
• Apply Open Data risk mitigation strategies to reduce disaster risk.

This instructor-led, live Payment Card Industry Professional training in Bhutan (online or onsite) offers an individual certification for industry professionals looking to showcase their expertise and comprehension of the PCI Data Security Standard (PCI DSS).

Upon completing this training, participants will be able to:

• Comprehend the payment lifecycle and the PCI standards established to safeguard it.
• Grasp the roles and responsibilities of entities operating within the payment industry.
• Gain a thorough understanding of the 12 PCI DSS requirements.
• Exhibit knowledge of PCI DSS and its application to organizations involved in transaction processing.

This instructor-led, live training in Bhutan (online or onsite) is tailored for IT administrators, security coordinators, and compliance managers who wish to identify, evaluate, and implement security policy management methods for their organization.

By the end of this training, participants will be able to develop, manage, and monitor security policies to protect their organization's information, network, and physical and software assets.

This capstone course teaches participants to design, deploy, and operate a complete sovereign digital infrastructure stack from the ground up. By the end of the course, students will have built a functioning mini-organization using only self-hosted, open-source tools: identity, communication, productivity, development, security, AI, and monitoring - all without reliance on Google, Microsoft, AWS, or proprietary SaaS.

Wazuh is an open-source security platform providing unified XDR and SIEM capabilities for threat detection, integrity monitoring, incident response, and compliance. It aggregates endpoint telemetry into a self-managed analysis engine, offering a credible alternative to Splunk Enterprise Security, Microsoft Sentinel, and other cloud-native SIEMs.