{"title":"Governance, Risk, \u0026 Compliance","description":null,"products":[{"product_id":"cissp®-training-and-certification-prep-course-1","title":"CISSP® Training and Certification Prep Course","description":"\u003cdiv\u003e\n\u003cp\u003e\u003cspan\u003eThe \u003cstrong\u003eCISSP Training and Certification\u003c\/strong\u003e Prep Course is a comprehensive training course aimed at preparing individuals for the CISSP Certified Information Systems Security Professional exam. The course covers various aspects of information security, including security measures, data security, and system security. The curriculum also includes a focus on security architecture, application security, and cryptographic keys. Participants will learn about the ISC2 code of ethics and the CIA triad, as well as the trusted platform module (TPM) 2.0.\u003cbr\u003e\u003c\/span\u003e\u003c\/p\u003e\r\n\u003cp\u003e\u003cspan\u003eIndividuals who complete the course will gain a solid understanding of the skills and knowledge required to pass the CISSP exam, which is administered by Pearson VUE. To become CISSP certified, candidates must have a minimum of five years of work experience in the field of information security.\u003cbr\u003e\u003c\/span\u003e\u003c\/p\u003e\r\n\u003cp\u003e\u003cspan\u003eThe course also covers the latest developments in information security, including the requirements for operating systems and the impact of data breaches on sensitive information. Participants will learn about social engineering and the importance of a comprehensive information security program.\u003cbr\u003e\u003c\/span\u003e\u003c\/p\u003e\r\n\u003cp\u003e\u003cspan\u003eThe CISSP Training and Certification Prep Course provides the essential knowledge and skills required to become a CISSP-certified professional, with a focus on protecting the confidentiality, integrity, and availability of information.\u003cbr\u003e\u003c\/span\u003e\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCISSP® Training and Certification Prep Course Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CISSP Certification prep course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eManage security and risk.\u003c\/li\u003e\n\u003cli\u003ePractice securing assets.\u003c\/li\u003e\n\u003cli\u003eDesign security framework.\u003c\/li\u003e\n\u003cli\u003eSecure communication and networks.\u003c\/li\u003e\n\u003cli\u003eSecurely develop software.\u003c\/li\u003e\n\u003cli\u003eLearn from official ISC2 real-world instructors using ISC2 course materials with a preferred official partner.\u003c\/li\u003e\n\u003cli\u003eGet practical insights into the 8 domains of the CISSP CBK (Common Body of Knowledge).\u003c\/li\u003e\n\u003cli\u003eCreate a test study strategy by assessing strengths and weaknesses.\u003c\/li\u003e\n\u003cli\u003eAccess to ISC2 Official flashcards for use in exam prep.\u003c\/li\u003e\n\u003cli\u003eReceive a voucher for the CISSP certification exam included with the course tuition.\u003c\/li\u003e\n\u003cli\u003eContinue learning and face new challenges with after-course one-on-one instructor coaching.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCISSP Certification Prep Training Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTo succeed in this course and pass the exam, you should meet the \u003ca href=\"https:\/\/www.isc2.org\/cissp\/default.aspx\" title=\"CISSP Exam Requirements | ISC2 Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003especific requirements established by ISC2\u003c\/a\u003e.\u003c\/p\u003e\n\u003cp\u003eIf you do not have the required experience, you should consider taking the \u003ca href=\"https:\/\/www.isc2.org\/how-to-become-an-associate.aspx\" title=\"Associate of ISC2 | ISC2 Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eAssociate of ISC2 exam\u003c\/a\u003e first.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCISSP Certification Exam Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIn addition to the domain weighting changes, the time limit for the computerized adaptive testing (CAT) exam will be a maximum of three hours beginning April 15, 2024. Candidates taking the CAT version of the exam (currently only available in English) will see a minimum of 100 and a maximum of 150 items. \u003c\/p\u003e\n\u003cp\u003eAttendees can self-submit our courses for the following \u003ca href=\"https:\/\/www.isc2.org\/CPE-Portal-Questions\" title=\"CPE Portal Questions | (ISC)² Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eCPE credit\u003c\/a\u003e:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGroup A credits for attending any of our cybersecurity courses, and\u003c\/li\u003e\n\u003cli\u003eGroup B General Education credits for attending any other Learning Tree course they attend.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCISSP Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Security and Risk Management\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand, adhere to, and promote professional ethics\u003c\/li\u003e\n\u003cli\u003eUnderstand and apply security concepts\u003c\/li\u003e\n\u003cli\u003eEvaluate and apply security governance principles\u003c\/li\u003e\n\u003cli\u003eDetermine compliance and other requirements\u003c\/li\u003e\n\u003cli\u003eUnderstand legal and regulatory issues that pertain to information security in a holistic context\u003c\/li\u003e\n\u003cli\u003eUnderstand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)\u003c\/li\u003e\n\u003cli\u003eDevelop, document, and implement security policy, standards, procedures, and guidelines\u003c\/li\u003e\n\u003cli\u003eIdentify, analyze, and prioritize Business Continuity (\u003cabbr title=\"Business Continuity\"\u003eBC\u003c\/abbr\u003e) requirements\u003c\/li\u003e\n\u003cli\u003eContribute to and enforce personnel security policies and procedures\u003c\/li\u003e\n\u003cli\u003eUnderstand and apply risk management concepts\u003c\/li\u003e\n\u003cli\u003eUnderstand and apply threat modeling concepts and methodologies\u003c\/li\u003e\n\u003cli\u003eApply Supply Chain Risk Management (\u003cabbr title=\"Supply Chain Risk Management\"\u003eSCRM\u003c\/abbr\u003e) concepts\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain a security awareness, education, and training program\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Asset Security\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify and classify information and assets\u003c\/li\u003e\n\u003cli\u003eEstablish information and asset handling requirements\u003c\/li\u003e\n\u003cli\u003eProvision resources securely\u003c\/li\u003e\n\u003cli\u003eManage data lifecycle\u003c\/li\u003e\n\u003cli\u003eEnsure appropriate asset retention (e.g., End-of-Life (\u003cabbr title=\"End-of-Life\"\u003eEOL\u003c\/abbr\u003e), End-of-Support (\u003cabbr title=\"End-of-Support\"\u003eEOS\u003c\/abbr\u003e))\u003c\/li\u003e\n\u003cli\u003eDetermine data security controls and compliance requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Security Architecture and Engineering\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eResearch, implement and manage engineering processes using secure design principles\u003c\/li\u003e\n\u003cli\u003eUnderstand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)\u003c\/li\u003e\n\u003cli\u003eSelect controls based upon systems security requirements\u003c\/li\u003e\n\u003cli\u003eUnderstand security capabilities of Information Systems (\u003cabbr title=\"Information Systems\"\u003eIS\u003c\/abbr\u003e) (e.g., memory protection, Trusted Platform Module (\u003cabbr title=\"Trusted Platform Module\"\u003eTPM\u003c\/abbr\u003e), encryption\/decryption)\u003c\/li\u003e\n\u003cli\u003eAssess and mitigate the vulnerabilities of security architectures, designs, and solution elements\u003c\/li\u003e\n\u003cli\u003eSelect and determine cryptographic solutions\u003c\/li\u003e\n\u003cli\u003eUnderstand methods of cryptanalytic attacks\u003c\/li\u003e\n\u003cli\u003eApply security principles to site and facility design\u003c\/li\u003e\n\u003cli\u003eDesign site and facility security controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Communication and Network Security\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAssess and implement secure design principles in network architectures\u003c\/li\u003e\n\u003cli\u003eSecure network components\u003c\/li\u003e\n\u003cli\u003eImplement secure communication channels according to design\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Identity and Access Management (IAM)\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eControl physical and logical access to assets\u003c\/li\u003e\n\u003cli\u003eManage identification and authentication of people, devices, and services\u003c\/li\u003e\n\u003cli\u003eFederated identity with a third-party service\u003c\/li\u003e\n\u003cli\u003eImplement and manage authorization mechanisms\u003c\/li\u003e\n\u003cli\u003eManage the identity and access provisioning lifecycle\u003c\/li\u003e\n\u003cli\u003eImplement authentication systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Security Assessment and Testing\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDesign and validate assessment, test, and audit strategies\u003c\/li\u003e\n\u003cli\u003eConduct security control testing\u003c\/li\u003e\n\u003cli\u003eCollect security process data (e.g., technical and administrative)\u003c\/li\u003e\n\u003cli\u003eAnalyze test output and generate a report\u003c\/li\u003e\n\u003cli\u003eConduct or facilitate security audits\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Security Operations\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand and comply with investigations\u003c\/li\u003e\n\u003cli\u003eConduct logging and monitoring activities\u003c\/li\u003e\n\u003cli\u003ePerform Configuration Management (\u003cabbr title=\"Configuration Managemen\"\u003eCM\u003c\/abbr\u003e) (e.g., provisioning, baselining, automation)\u003c\/li\u003e\n\u003cli\u003eApply foundational security operations concepts\u003c\/li\u003e\n\u003cli\u003eApply resource protection\u003c\/li\u003e\n\u003cli\u003eConduct incident management\u003c\/li\u003e\n\u003cli\u003eOperate and maintain detective and preventative measures\u003c\/li\u003e\n\u003cli\u003eImplement and support patch and vulnerability management\u003c\/li\u003e\n\u003cli\u003eUnderstand and participate in change management processes\u003c\/li\u003e\n\u003cli\u003eImplement recovery strategies\u003c\/li\u003e\n\u003cli\u003eImplement Disaster Recovery (\u003cabbr title=\"Disaster Recovery\"\u003eDR\u003c\/abbr\u003e) processes\u003c\/li\u003e\n\u003cli\u003eTest Disaster Recovery Plans (\u003cabbr title=\"Disaster Recovery Plans\"\u003eDRP\u003c\/abbr\u003e)\u003c\/li\u003e\n\u003cli\u003eParticipate in Business Continuity (BC) planning and exercises\u003c\/li\u003e\n\u003cli\u003eImplement and manage physical security\u003c\/li\u003e\n\u003cli\u003eAddress personnel safety and security concerns\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 8: Software Development Security\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand and integrate security in the Software Development Life Cycle (\u003cabbr title=\"Software Development Life Cycle\"\u003eSDLC\u003c\/abbr\u003e)\u003c\/li\u003e\n\u003cli\u003eIdentify and apply security controls in software development ecosystems\u003c\/li\u003e\n\u003cli\u003eAssess the effectiveness of software security\u003c\/li\u003e\n\u003cli\u003eAssess security impact of acquired software\u003c\/li\u003e\n\u003cli\u003eDefine and apply secure code\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266A15CN \/ 2026-06-22T09:00:00 \/ Online","offer_id":47534193639643,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"266B06US \/ 2026-06-08T09:00:00 \/ Online","offer_id":47534193803483,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"267B29US \/ 2026-07-06T09:00:00 \/ Online","offer_id":47534193869019,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"267B30US \/ 2026-07-13T09:00:00 \/ Herndon, VA","offer_id":47534193901787,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"267B31US \/ 2026-07-20T09:00:00 \/ Online","offer_id":47534193967323,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A22CN \/ 2026-08-17T09:00:00 \/ Ottawa","offer_id":47534194000091,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A23CN \/ 2026-08-31T09:00:00 \/ Toronto","offer_id":47534194098395,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A95US \/ 2026-08-10T09:00:00 \/ New York","offer_id":47534194131163,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A96US \/ 2026-08-24T09:00:00 \/ Washington, DC","offer_id":47534194163931,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A97US \/ 2026-08-31T09:00:00 \/ Herndon, VA","offer_id":47534194196699,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"269A89US \/ 2026-09-14T09:00:00 \/ Austin","offer_id":47591597834459,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"269A90US \/ 2026-09-21T09:00:00 \/ New York","offer_id":47618951872731,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26AA19CN \/ 2026-10-05T09:00:00 \/ Ottawa","offer_id":48216550047963,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26AB95US \/ 2026-10-19T09:00:00 \/ Herndon, VA","offer_id":48216550080731,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26AB96US \/ 2026-10-26T09:00:00 \/ Washington, DC","offer_id":48216550113499,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BA37CN \/ 2026-11-02T09:00:00 \/ Toronto","offer_id":48216550146267,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BC58US \/ 2026-11-16T09:00:00 \/ Austin","offer_id":48216550179035,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BC59US \/ 2026-11-30T09:00:00 \/ New York","offer_id":48216550211803,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BC60US \/ 2026-11-30T09:00:00 \/ Bellevue, WA","offer_id":48216550244571,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26CA28CN \/ 2026-12-07T09:00:00 \/ Ottawa","offer_id":48216550277339,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26CB70US \/ 2026-12-14T09:00:00 \/ Aurora, CO","offer_id":48216550310107,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"271A36CN \/ 2027-01-25T09:00:00 \/ Toronto","offer_id":48216550342875,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"271C38US \/ 2027-01-04T09:00:00 \/ Herndon, VA","offer_id":48216550375643,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"271C39US \/ 2027-01-11T09:00:00 \/ Washington, DC","offer_id":48216550408411,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"272B70US \/ 2027-02-08T09:00:00 \/ Austin","offer_id":48230038667483,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"273B90US \/ 2027-03-01T09:00:00 \/ New York","offer_id":48309394112731,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"273A32CN \/ 2027-03-15T09:00:00 \/ Ottawa","offer_id":48363059380443,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"274B89US \/ 2027-04-05T09:00:00 \/ Herndon, VA","offer_id":48556119851227,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"274B90US \/ 2027-04-12T09:00:00 \/ Washington, DC","offer_id":48586414915803,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"274A31CN \/ 2027-04-19T09:00:00 \/ Toronto","offer_id":48612307009755,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"275C38US \/ 2027-05-03T09:00:00 \/ Austin","offer_id":48736203833563,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"275C39US \/ 2027-05-10T09:00:00 \/ New York","offer_id":48758109667547,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"275C40US \/ 2027-05-17T09:00:00 \/ San Francisco","offer_id":48778587635931,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/CISSP.jpg?v=1709761998"},{"product_id":"cism-certified-information-security-manager","title":"CISM Certified Information Security Manager","description":"\u003cdiv\u003e\n\u003cp\u003eIn this course, you will gain the knowledge and skills needed to successfully pass the certification exam and become a \u003cstrong\u003eCISM Certified Information Security Manager\u003c\/strong\u003e.\u003c\/p\u003e\r\n\u003cp\u003eThis course will cover four CISM domains:\u003c\/p\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eSecurity governance\u003c\/li\u003e\r\n\u003cli\u003eRisk management and compliance\u003c\/li\u003e\r\n\u003cli\u003eSecurity program development and management\u003c\/li\u003e\r\n\u003cli\u003eSecurity incident management\u003c\/li\u003e\r\n\u003c\/ul\u003e\r\n\u003cp style=\"margin: 0in; font-family: Calibri; font-size: 11.0pt;\"\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCISM Certified Information Security Manager Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLearn from ISACA official curriculum.\u003c\/li\u003e\n\u003cli\u003eReceive an exam voucher from ISACA.\u003c\/li\u003e\n\u003cli\u003ePrepare for and pass the Certified Information Security Manager (CISM) exam.\u003c\/li\u003e\n\u003cli\u003eDevelop an information security strategy and plan of action to implement the strategy.\u003c\/li\u003e\n\u003cli\u003eManage and monitor information security risks.\u003c\/li\u003e\n\u003cli\u003eBuild and maintain an information security plan.\u003c\/li\u003e\n\u003cli\u003eImplement policies and procedures to respond to and recover from disruptive and destructive information security events.\u003c\/li\u003e\n\u003cli\u003eContinue learning and face new challenges with after-course one-on-one instructor coaching.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTo succeed in this course and successfully pass the CISM exam, you should have at least five years of information security experience in at least one of the following roles:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIT consultant, auditor, or manager\u003c\/li\u003e\n\u003cli\u003eSecurity policy writer\u003c\/li\u003e\n\u003cli\u003ePrivacy officer\u003c\/li\u003e\n\u003cli\u003eInformation security officer\u003c\/li\u003e\n\u003cli\u003eNetwork administrator\u003c\/li\u003e\n\u003cli\u003eSecurity device administrator\u003c\/li\u003e\n\u003cli\u003eSecurity engineers\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThe ISACA Exam Candidate Information Guide provides valuable information regarding exam day rules and information, as well as exam dates and deadlines. You can find the most recent version at \u003ca href=\"https:\/\/www.isaca.org\/Certification\/Documents\/Exam-Candidate-Guide-Continuous-Testing.pdf\" title=\"PDF | Exam Candidate Guide | ISACA\" rel=\"nofollow noopener\" target=\"_blank\"\u003eISACA.org\u003c\/a\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCISM Certified Information Security Manager Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Information Security Governance\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablish and maintain an information security strategy and align the strategy with corporate governance\u003c\/li\u003e\n\u003cli\u003eIdentify internal and external influences to the organization\u003c\/li\u003e\n\u003cli\u003eDefine roles and responsibilities\u003c\/li\u003e\n\u003cli\u003eEstablish, monitor, evaluate, and report metrics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Information Risk Management and Compliance\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablish a process for information asset classification and ownership\u003c\/li\u003e\n\u003cli\u003eIdentify legal, regulatory, organizational, and other applicable requirements\u003c\/li\u003e\n\u003cli\u003eEnsure that risk assessments, vulnerability assessments, and threat analyses are conducted periodically\u003c\/li\u003e\n\u003cli\u003eDetermine appropriate risk treatment options\u003c\/li\u003e\n\u003cli\u003eEvaluate information security controls\u003c\/li\u003e\n\u003cli\u003eIdentify the gap between current and desired risk levels\u003c\/li\u003e\n\u003cli\u003eIntegrate information risk management into business and IT processes\u003c\/li\u003e\n\u003cli\u003eMonitor existing risk\u003c\/li\u003e\n\u003cli\u003eReport noncompliance and other changes in information risk\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Information Security Program Development and Management\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablish and maintain the information security program\u003c\/li\u003e\n\u003cli\u003eIdentify, acquire, manage, and define requirements for internal and external resources\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain information security architectures\u003c\/li\u003e\n\u003cli\u003eEstablish, communicate, and maintain organizational information security standards, procedures, and guidelines\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain a program for information security awareness and training\u003c\/li\u003e\n\u003cli\u003eIntegrate information security requirements into organizational processes, as well as into contracts and activities of third parties\u003c\/li\u003e\n\u003cli\u003eEstablish, monitor, and periodically report program management and operational metrics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Information Security Incident Management\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablish and maintain an organizational definition and severity hierarchy for information security incidents\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain an incident response plan\u003c\/li\u003e\n\u003cli\u003eDevelop and implement processes to ensure timely identification of information security incidents\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain processes to investigate and document information security incidents\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain incident escalation and notification processes\u003c\/li\u003e\n\u003cli\u003eOrganize, train, and equip teams to effectively respond to information security incidents\u003c\/li\u003e\n\u003cli\u003eTest and review the incident response plan periodically\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain communication plans and processes\u003c\/li\u003e\n\u003cli\u003eConduct post-incident reviews\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain integration among the incident response plan, disaster recovery plan, and business continuity plan\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267A16CN \/ 2026-07-28T09:00:00 \/ Online","offer_id":47534166606043,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"267B08US \/ 2026-07-07T09:00:00 \/ New York","offer_id":47534166671579,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"268A78US \/ 2026-08-04T09:00:00 \/ Washington, DC","offer_id":47534166704347,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269A75US \/ 2026-09-08T09:00:00 \/ Herndon, VA","offer_id":47570761023707,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"266D53US \/ 2026-06-09T09:00:00 \/ Online","offer_id":48216539332827,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"268A70CN \/ 2026-08-18T09:00:00 \/ Toronto","offer_id":48216539365595,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269C59US \/ 2026-09-15T09:00:00 \/ Austin","offer_id":48216539398363,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269C60US \/ 2026-09-22T09:00:00 \/ New York","offer_id":48216539431131,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26AA06CN \/ 2026-10-20T09:00:00 \/ Ottawa","offer_id":48216539463899,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26AB58US \/ 2026-10-13T09:00:00 \/ San Francisco","offer_id":48216539496667,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26AB59US \/ 2026-10-27T09:00:00 \/ Washington, DC","offer_id":48216539529435,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26BA12CN \/ 2026-11-03T09:00:00 \/ Toronto","offer_id":48216539562203,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26BC03US \/ 2026-11-17T09:00:00 \/ Aurora, CO","offer_id":48216539594971,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26CB38US \/ 2026-12-01T09:00:00 \/ Herndon, VA","offer_id":48216539627739,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26CB39US \/ 2026-12-08T09:00:00 \/ Austin","offer_id":48216539660507,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26CB40US \/ 2026-12-15T09:00:00 \/ New York","offer_id":48216539693275,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"271A10CN \/ 2027-01-12T09:00:00 \/ Ottawa","offer_id":48216539726043,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"271B99US \/ 2027-01-19T09:00:00 \/ Washington, DC","offer_id":48216539758811,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"272A08CN \/ 2027-02-02T09:00:00 \/ Toronto","offer_id":48216539791579,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"272B31US \/ 2027-02-16T09:00:00 \/ Herndon, VA","offer_id":48266084090075,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"272B32US \/ 2027-02-23T09:00:00 \/ Austin","offer_id":48293100486875,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"273B55US \/ 2027-03-16T09:00:00 \/ New York","offer_id":48377298452699,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"273A08CN \/ 2027-03-30T09:00:00 \/ Ottawa","offer_id":48523463590107,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"274B53US \/ 2027-04-13T09:00:00 \/ Washington, DC","offer_id":48588041191643,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"274A08CN \/ 2027-04-27T09:00:00 \/ Toronto","offer_id":48682039967963,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"275B82US \/ 2027-05-04T09:00:00 \/ Bellevue, WA","offer_id":48738851193051,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"275B83US \/ 2027-05-18T09:00:00 \/ Herndon, VA","offer_id":48780664045787,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"275B84US \/ 2027-05-25T09:00:00 \/ Austin","offer_id":48804197335259,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"276B71US \/ 2027-06-01T09:00:00 \/ New York","offer_id":48823753834715,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269D12US \/ 2026-09-01T09:00:00 \/ Online","offer_id":48837148541147,"sku":"US-2036-IL","price":2200.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/CISM.jpg?v=1709761979"},{"product_id":"certified-information-systems-auditor-cisa-training","title":"Certified Information Systems Auditor (CISA) Training","description":"\u003cdiv\u003e\n\u003cp\u003eAn \u003cabbr title=\"Information Systems Audit and Control Association\"\u003eISACA\u003c\/abbr\u003e \u003cabbr title=\"Certified Information Systems Auditor\"\u003eCISA\u003c\/abbr\u003e (Certified Information Systems Auditor) is recognized as one of the leading authorities in the areas of IS (Information Systems) auditing, control, and information security. This official \u003cstrong\u003eCISA training\u003c\/strong\u003e course provides in-depth coverage of the five CISA domains covered on the CISA certification exam. These domains include Information System Auditing, governance and management of IT; information systems acquisition, development, and implementation; information systems operations and business resilience; and protection of information assets.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCertified Information Systems Auditor (CISA) Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CISA training, you will: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for the Certified Information Systems Auditor (CISA) Exam. \u003c\/li\u003e\n\u003cli\u003eDevelop and implement a risk-based IT audit strategy in compliance with IT audit standards. \u003c\/li\u003e\n\u003cli\u003eEvaluate the effectiveness of an IT governance structure. \u003c\/li\u003e\n\u003cli\u003eEnsure that the IT organizational structure and human resources (personnel) management support the organization’s strategies and objectives. \u003c\/li\u003e\n\u003cli\u003eReview the information security policies, standards, and procedures for completeness and alignment with generally accepted practices. \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertified Information Systems Auditor (CISA) Training Course Prerequisites \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIT professionals must have 5 years or more of IS audit, control, assurance, and security experience.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertified Information Systems Auditor (CISA) Certification Exam Information \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis ISACA certification prep course is specifically designed for experienced information security professionals who are preparing to take the ISACA CISA exam. \u003cspan title=\"ISACA Certification Training | Learning Tree\" rel=\"follow noopener\" target=\"_blank\"\u003e\u003cstrong\u003eClick here to view more ISACA certification prep training ›\u003c\/strong\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCISA Training Learning Objectives:\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 1 - Information System Auditing Process\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003ePlan an audit to determine whether information systems are protected, controlled, and provide value to the enterprise.\u003c\/li\u003e\n\u003cli\u003eConduct an audit following IS audit standards and a risk-based IS audit strategy.\u003c\/li\u003e\n\u003cli\u003eCommunicate audit progress, findings, results, and recommendations to stakeholders.\u003c\/li\u003e\n\u003cli\u003eConduct audit follow-up to evaluate whether risks have been sufficiently addressed.\u003c\/li\u003e\n\u003cli\u003eEvaluate IT management and monitoring of controls.\u003c\/li\u003e\n\u003cli\u003eUtilize data analytics tools to streamline audit processes.\u003c\/li\u003e\n\u003cli\u003eProvide consulting services and guidance to the enterprise to improve the quality and control of information systems.\u003c\/li\u003e\n\u003cli\u003eIdentify opportunities for process improvement in the enterprise's IT policies and practices.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eTopics: \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIS Audit Standards, Guidelines, Functions, and Codes of Ethics\u003c\/li\u003e\n\u003cli\u003eTypes of Audits, Assessments, and Reviews\u003c\/li\u003e\n\u003cli\u003eRisk-based Audit Planning\u003c\/li\u003e\n\u003cli\u003eTypes of Controls and Considerations\u003c\/li\u003e\n\u003cli\u003eAudit Project Management\u003c\/li\u003e\n\u003cli\u003eAudit Testing and Sampling Methodology\u003c\/li\u003e\n\u003cli\u003eAudit Evidence Collection Techniques\u003c\/li\u003e\n\u003cli\u003eAudit Data Analytics\u003c\/li\u003e\n\u003cli\u003eReporting and Communication Techniques\u003c\/li\u003e\n\u003cli\u003eQuality Assurance and Improvement of Audit Process\u003cb\u003e\u003c\/b\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 2 – Governance and Management of IT\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluate the IT strategy for alignment with the enterprise’s strategies and objectives.\u003c\/li\u003e\n\u003cli\u003eEvaluate the effectiveness of IT governance structure and IT organizational structure.\u003c\/li\u003e\n\u003cli\u003eEvaluate the enterprise’s management of IT policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate the enterprise’s IT policies and practices for compliance with regulatory and legal requirements.\u003c\/li\u003e\n\u003cli\u003eEvaluate IT resource and portfolio management for alignment with the enterprise’s strategies and objectives.\u003c\/li\u003e\n\u003cli\u003eEvaluate the enterprise’s risk management policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate IT management and monitoring of controls.\u003c\/li\u003e\n\u003cli\u003eEvaluate the monitoring and reporting of IT key performance indicators (KPIs).\u003c\/li\u003e\n\u003cli\u003eEvaluate whether IT supplier selection and contract management processes align with business requirements.\u003c\/li\u003e\n\u003cli\u003eEvaluate whether IT service management practices align with business requirements.\u003c\/li\u003e\n\u003cli\u003eConduct periodic reviews of information systems and enterprise architecture. Evaluate data governance policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate the information security program to determine its effectiveness and alignment with the enterprise’s strategies and objectives.\u003c\/li\u003e\n\u003cli\u003eEvaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eTopics \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLaws, Regulations, and Industry Standards\u003c\/li\u003e\n\u003cli\u003eOrganizational Structure, IT Governance, and IT Strategy\u003c\/li\u003e\n\u003cli\u003eIT Policies, Standards, Procedures, and Guidelines\u003c\/li\u003e\n\u003cli\u003eEnterprise Architecture and Considerations\u003c\/li\u003e\n\u003cli\u003eEnterprise Risk Management (ERM)\u003c\/li\u003e\n\u003cli\u003ePrivacy Program and Principles \u003c\/li\u003e\n\u003cli\u003eData Governance and Classification\u003c\/li\u003e\n\u003cli\u003eIT Resource Management\u003c\/li\u003e\n\u003cli\u003eIT Vendor Management\u003c\/li\u003e\n\u003cli\u003eIT Performance Monitoring and Reporting\u003c\/li\u003e\n\u003cli\u003eQuality Assurance and Quality Management of IT\u003cb\u003e\u003c\/b\u003e\u003cb\u003e\u003c\/b\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 3 – Information Systems Acquisition, Development, and Implementation\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluate whether the business case for proposed information system changes meets business objectives.\u003c\/li\u003e\n\u003cli\u003eEvaluate the enterprise's project management policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate controls at all stages of the information systems development lifecycle.\u003c\/li\u003e\n\u003cli\u003eEvaluate the readiness of information systems for implementation and migration into production. • Conduct a post-implementation review of systems to determine whether project deliverables, controls, and requirements are met.\u003c\/li\u003e\n\u003cli\u003eEvaluate change, configuration, release, and patch management policies and practices.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eTopics: \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProject Governance and Management\u003c\/li\u003e\n\u003cli\u003eBusiness Case and Feasibility Analysis\u003c\/li\u003e\n\u003cli\u003eSystem Development Methodologies\u003c\/li\u003e\n\u003cli\u003eControl Identification and Design\u003c\/li\u003e\n\u003cli\u003eSystem Readiness and Implementation Testing\u003c\/li\u003e\n\u003cli\u003eImplementation Configuration and Release Management\u003c\/li\u003e\n\u003cli\u003eSystem Migration, Infrastructure Deployment, and Data Conversion\u003c\/li\u003e\n\u003cli\u003ePostimplementation Review\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 4 – Information Systems Operations and Business Resilience\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluate the enterprise’s ability to continue business operations.\u003c\/li\u003e\n\u003cli\u003eEvaluate whether IT service management practices align with business requirements.\u003c\/li\u003e\n\u003cli\u003eConduct periodic reviews of information systems and enterprise architecture.\u003c\/li\u003e\n\u003cli\u003eEvaluate IT operations to determine whether they are controlled effectively and continue to support the enterprise’s objectives.\u003c\/li\u003e\n\u003cli\u003eEvaluate IT maintenance practices to determine whether they are controlled effectively and continue to support the enterprise’s objectives.\u003c\/li\u003e\n\u003cli\u003eEvaluate database management practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate data governance policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate problem and incident management policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate change, configuration, release, and patch management policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate end-user computing to determine whether the processes are effectively controlled.\u003c\/li\u003e\n\u003cli\u003eEvaluate policies and practices related to asset lifecycle management.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eTopics: \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIT Components\u003c\/li\u003e\n\u003cli\u003eIT Asset Management\u003c\/li\u003e\n\u003cli\u003eJob Scheduling and Production Process Automation\u003c\/li\u003e\n\u003cli\u003eSystem Interfaces\u003c\/li\u003e\n\u003cli\u003eEnd-user Computing and Shadow IT\u003c\/li\u003e\n\u003cli\u003eSystems Availability and Capacity Management\u003c\/li\u003e\n\u003cli\u003eProblem and Incident Management\u003c\/li\u003e\n\u003cli\u003eIT Change, Configuration, and Patch Management\u003c\/li\u003e\n\u003cli\u003eOperational Log Management\u003c\/li\u003e\n\u003cli\u003eIT Service Level Management\u003c\/li\u003e\n\u003cli\u003eDatabase Management\u003c\/li\u003e\n\u003cli\u003eBusiness Impact Analysis\u003c\/li\u003e\n\u003cli\u003eSystem and Operational Resilience\u003c\/li\u003e\n\u003cli\u003eData Backup, Storage, and Restoration\u003c\/li\u003e\n\u003cli\u003eBusiness Continuity Plan\u003c\/li\u003e\n\u003cli\u003eDisaster Recovery Plans\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 5 – Protection of Information Assets\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eConduct audits by IS audit standards and a risk-based IS audit strategy.\u003c\/li\u003e\n\u003cli\u003eEvaluate problem and incident management policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate the enterprise's information security and privacy policies and practices.\u003c\/li\u003e\n\u003cli\u003eEvaluate physical and environmental controls to determine whether information assets are adequately safeguarded.\u003c\/li\u003e\n\u003cli\u003eEvaluate logical security controls to verify information confidentiality, integrity, and availability.\u003c\/li\u003e\n\u003cli\u003eEvaluate data classification practices for alignment with the enterprise’s policies and applicable external requirements.\u003c\/li\u003e\n\u003cli\u003eEvaluate policies and practices related to asset lifecycle management.\u003c\/li\u003e\n\u003cli\u003eEvaluate the information security program to determine its effectiveness and alignment with the enterprise’s strategies and objectives.\u003c\/li\u003e\n\u003cli\u003ePerform technical security testing to identify potential threats and vulnerabilities.\u003c\/li\u003e\n\u003cli\u003eEvaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eTopics: \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInformation Asset Security Policies, Frameworks, Standards, and Guidelines\u003c\/li\u003e\n\u003cli\u003ePhysical and Environmental Controls\u003c\/li\u003e\n\u003cli\u003eIdentity and Access Management\u003c\/li\u003e\n\u003cli\u003eNetwork and End-Point Security\u003c\/li\u003e\n\u003cli\u003eData Loss Prevention\u003c\/li\u003e\n\u003cli\u003eData Encryption\u003c\/li\u003e\n\u003cli\u003ePublic Key Infrastructure (PKI)\u003c\/li\u003e\n\u003cli\u003eCloud and Virtualized Environments\u003c\/li\u003e\n\u003cli\u003eMobile, Wireless, and Internet-of-Things Devices\u003c\/li\u003e\n\u003cli\u003eSecurity Awareness Training and Programs\u003c\/li\u003e\n\u003cli\u003eInformation System Attack Methods and Techniques\u003c\/li\u003e\n\u003cli\u003eSecurity Testing Tools and Techniques\u003c\/li\u003e\n\u003cli\u003eSecurity Monitoring Logs, Tools, and Techniques\u003c\/li\u003e\n\u003cli\u003eSecurity Incident Response Management\u003c\/li\u003e\n\u003cli\u003eEvidence Collection and Forensics CISA Exam Preparation\u003c\/li\u003e\n\u003cli\u003eCISA Exam Rules • Exam Tips • Day of the Exam • CISA Certification Step\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B10US \/ 2026-07-14T09:00:00 \/ Herndon, VA","offer_id":47534188691675,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"267B11US \/ 2026-07-28T09:00:00 \/ Austin","offer_id":47534188888283,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269A21CN \/ 2026-09-08T09:00:00 \/ Ottawa","offer_id":47570762858715,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"268A82CN \/ 2026-08-11T09:00:00 \/ Toronto","offer_id":48216557519067,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26AB68US \/ 2026-10-27T09:00:00 \/ San Francisco","offer_id":48216557551835,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26BC27US \/ 2026-11-17T09:00:00 \/ New York","offer_id":48216557584603,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26CB50US \/ 2026-12-01T09:00:00 \/ Aurora, CO","offer_id":48216557617371,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26CB51US \/ 2026-12-08T09:00:00 \/ Herndon, VA","offer_id":48216557650139,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26CB52US \/ 2026-12-15T09:00:00 \/ Austin","offer_id":48216557715675,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"271A31CN \/ 2027-01-05T09:00:00 \/ Toronto","offer_id":48216557748443,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"272A26CN \/ 2027-02-02T09:00:00 \/ Ottawa","offer_id":48216557781211,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"273B69US \/ 2027-03-30T09:00:00 \/ Bellevue, WA","offer_id":48523463524571,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"274B65US \/ 2027-04-20T09:00:00 \/ New York","offer_id":48619712348379,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"275C07US \/ 2027-05-11T09:00:00 \/ Herndon, VA","offer_id":48759289544923,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"275C08US \/ 2027-05-25T09:00:00 \/ Austin","offer_id":48804197761243,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"276B90US \/ 2027-06-01T09:00:00 \/ Aurora, CO","offer_id":48823754031323,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269D20US \/ 2026-09-15T09:00:00 \/ Online","offer_id":48837149163739,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269D21US \/ 2026-09-22T09:00:00 \/ Online","offer_id":48837149196507,"sku":"US-2040-IL","price":2200.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/cisa.png?v=1709761937"},{"product_id":"certified-risk-and-information-systems-control-crisc-training","title":"Certified Risk and Information Systems Control (CRISC) Training","description":"\u003cdiv\u003e\n\u003cp\u003eThis official ISACA \u003cstrong\u003eCRISC training\u003c\/strong\u003e provides you with in-depth coverage on the four CRISC domains: risk identification; IT risk assessment; risk response and mitigation; risk and control monitoring and reporting.\u003c\/p\u003e\r\n\u003cp\u003eIT and enterprise risk management is key to an organization’s operations and strategy. If you are an Information Technology professional, risk and control professional, business analyst, project manager or compliance professional, this Certified Risk and Information Systems Control training course will teach you to defend, protect and future-proof your enterprise.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCertified Risk and Information Systems Control (CRISC) Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for and pass the Certified Risk and Information System Controls (CRISC) exam.\u003c\/li\u003e\n\u003cli\u003eIdentify the universe of IT risk to contribute to the execution of the IT risk management strategy.\u003c\/li\u003e\n\u003cli\u003eAnalyze and evaluate IT risk to determine the likelihood and impact on business objectives.\u003c\/li\u003e\n\u003cli\u003eDetermine risk response options and evaluate their efficiency and effectiveness to manage risk.\u003c\/li\u003e\n\u003cli\u003eContinuously monitor and report on IT risk and controls.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTo earn CRISC certification, you must pass the CRISC exam and show three years experience in the fields of risk management and IS control, per ISACA's requirements.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis is an ISACA certification prep course. \u003cspan title=\"ISACA Certification Training Courses | Learning Tree\" rel=\"follow\"\u003eClick here to view more ISACA certification prep training ›\u003c\/span\u003e\u003c\/p\u003e\n\u003cp\u003eThe \u003ca href=\"https:\/\/www.isaca.org\/-\/media\/files\/isacadp\/project\/isaca\/certification\/exam-candidate-guides\/2022\/exam-candidate-guide.pdf\" title=\"PDF Exam Candidate Guide | ISACA\" rel=\"nofollow noopener\" target=\"_blank\"\u003eISACA Exam Candidate Information Guide\u003c\/a\u003e provides valuable information regarding exam day rules and information as well as exam dates and deadlines. \u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCRISC Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 1 — IT Risk Identification\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e1.1: Collect and review information, including existing documentation, regarding the organization’s internal and external business and IT environments to identify potential or realized impacts of IT risk to the organization’s business objectives and operations.\u003c\/li\u003e\n\u003cli\u003e1.2: Identify potential threats and vulnerabilities to the organization’s people, processes and technology to enable IT risk analysis.\u003c\/li\u003e\n\u003cli\u003e1.3: Develop a comprehensive set of IT risk scenarios based on available information to determine the potential impact to business objectives and operations.\u003c\/li\u003e\n\u003cli\u003e1.4: Identify key stakeholders for IT risk scenarios to help establish accountability.\u003c\/li\u003e\n\u003cli\u003e1.5: Establish an IT risk register to help ensure that identified IT risk scenarios are accounted for and incorporated into the enterprise-wide risk profile.\u003c\/li\u003e\n\u003cli\u003e1.6: Identify risk appetite and tolerance defined by senior leadership and key stakeholders to ensure alignment with business objectives.\u003c\/li\u003e\n\u003cli\u003e1.7: Collaborate in the development of a risk awareness program, and conduct training to ensure that stakeholders understand risk and to promote a risk-aware culture.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 2 — IT Risk Assessment\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e2.1: Analyze risk scenarios based on organizational criteria (e.g., organizational structure, policies, standards, technology, architecture, controls) to determine the likelihood and impact of an identified risk.\u003c\/li\u003e\n\u003cli\u003e2.2: Identify the current state of existing controls and evaluate their effectiveness for IT risk mitigation.\u003c\/li\u003e\n\u003cli\u003e2.3: Review the results of risk and control analysis to assess any gaps between current and desired states of the IT risk environment.\u003c\/li\u003e\n\u003cli\u003e2.4: Ensure that risk ownership is assigned at the appropriate level to establish clear lines of accountability.\u003c\/li\u003e\n\u003cli\u003e2.5: Communicate the results of risk assessments to senior management and appropriate stakeholders to enable risk-based decision making.\u003c\/li\u003e\n\u003cli\u003e2.6: Update the risk register with the results of the risk assessment.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 3 — Risk Response and Mitigation\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e3.1: Consult with risk owners to select and align recommended risk responses with business objectives and enable informed risk decisions.\u003c\/li\u003e\n\u003cli\u003e3.2: Consult with, or assist, risk owners on the development of risk action plans to ensure that plans include key elements (e.g., response, cost, target date).\u003c\/li\u003e\n\u003cli\u003e3.3: Consult on the design and implementation or adjustment of mitigating controls to ensure that the risk is managed to an acceptable level.\u003c\/li\u003e\n\u003cli\u003e3.4: Ensure that control ownership is assigned to establish clear lines of accountability.\u003c\/li\u003e\n\u003cli\u003e3.5: Assist control owners in developing control procedures and documentation to enable efficient and effective control execution.\u003c\/li\u003e\n\u003cli\u003e3.6: Update the risk register to reflect changes in risk and management’s risk response.\u003c\/li\u003e\n\u003cli\u003e3.7: Validate that risk responses have been executed according to the risk action plans.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 4 — Risk and Control Monitoring and Reporting\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e4.1: Define and establish key risk indicators (KRIs) and thresholds based on available data, to enable monitoring of changes in risk.\u003c\/li\u003e\n\u003cli\u003e4.2: Monitor and analyze key risk indicators (KRIs) to identify changes or trends in the IT risk profile.\u003c\/li\u003e\n\u003cli\u003e4.3: Report on changes or trends related to the IT risk profile to assist management and relevant stakeholders in decision making.\u003c\/li\u003e\n\u003cli\u003e4.4: Facilitate the identification of metrics and key performance indicators (KPIs) to enable the measurement of control performance.\u003c\/li\u003e\n\u003cli\u003e4.5: Monitor and analyze key performance indicators (KPIs) to identify changes or trends related to the control environment and determine the efficiency and effectiveness of controls.\u003c\/li\u003e\n\u003cli\u003e4.6: Review the results of control assessments to determine the effectiveness of the control environment.\u003c\/li\u003e\n\u003cli\u003e4.7: Report on the performance of, changes to, or trends in the overall risk profile and control environment to relevant stakeholders to enable decision making.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B09US \/ 2026-07-14T09:00:00 \/ New York","offer_id":47534201798875,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"268A20CN \/ 2026-08-25T09:00:00 \/ Ottawa","offer_id":47534201831643,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"268A79US \/ 2026-08-04T09:00:00 \/ Herndon, VA","offer_id":47534201897179,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269A76US \/ 2026-09-15T09:00:00 \/ Austin","offer_id":47595010588891,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269A20CN \/ 2026-09-22T09:00:00 \/ Toronto","offer_id":47620345299163,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"267A69CN \/ 2026-07-21T09:00:00 \/ Toronto","offer_id":48216548638939,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"268C91US \/ 2026-08-18T09:00:00 \/ Washington, DC","offer_id":48216548671707,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26AB65US \/ 2026-10-06T09:00:00 \/ New York","offer_id":48216548704475,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26AB66US \/ 2026-10-20T09:00:00 \/ Aurora, CO","offer_id":48216548737243,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26AB67US \/ 2026-10-27T09:00:00 \/ Herndon, VA","offer_id":48216548770011,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26BA33CN \/ 2026-11-17T09:00:00 \/ Ottawa","offer_id":48216548802779,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26BC26US \/ 2026-11-03T09:00:00 \/ Washington, DC","offer_id":48216548835547,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26CB47US \/ 2026-12-08T09:00:00 \/ Austin","offer_id":48216548868315,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"26CB48US \/ 2026-12-15T09:00:00 \/ Bellevue, WA","offer_id":48216548901083,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"271A30CN \/ 2027-01-12T09:00:00 \/ Toronto","offer_id":48216548933851,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"271C15US \/ 2027-01-05T09:00:00 \/ New York","offer_id":48216548966619,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"271C16US \/ 2027-01-19T09:00:00 \/ Herndon, VA","offer_id":48216548999387,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"272B45US \/ 2027-02-02T09:00:00 \/ Washington, DC","offer_id":48216549032155,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"272A25CN \/ 2027-02-09T09:00:00 \/ Ottawa","offer_id":48233008431323,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"273B66US \/ 2027-03-02T09:00:00 \/ Austin","offer_id":48310906585307,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"273B67US \/ 2027-03-22T09:00:00 \/ New York","offer_id":48498605457627,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"273A31CN \/ 2027-03-30T09:00:00 \/ Toronto","offer_id":48523463491803,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"274B62US \/ 2027-04-13T09:00:00 \/ Herndon, VA","offer_id":48588040011995,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"274B63US \/ 2027-04-20T09:00:00 \/ Aurora, CO","offer_id":48619708973275,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"274B64US \/ 2027-04-27T09:00:00 \/ Washington, DC","offer_id":48682037739739,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"275A27CN \/ 2027-05-04T09:00:00 \/ Ottawa","offer_id":48738852438235,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"275C06US \/ 2027-05-25T09:00:00 \/ Austin","offer_id":48804200972507,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true},{"title":"269D39US \/ 2026-09-08T09:00:00 \/ Online","offer_id":48837148967131,"sku":"US-2037-IL","price":2200.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/CRISC.png?v=1709761952"},{"product_id":"ec-council-certified-ciso-training-cciso-v3","title":"EC-Council Certified CISO Training CCISO v4","description":"\u003cdiv\u003e\n\u003cp\u003eThe Certified CISO (CCISO) EC-Council program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on applying information security management principles from an executive management point of view. Each segment of the program has been developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the most critical areas in developing and maintaining a successful information security program.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03\u003cbr\u003eAPPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eEC-Council Certified CISO Training CCISO v4 Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CISO training, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for the CCISO exam.\u003c\/li\u003e\n\u003cli\u003eNavigate the day-to-day responsibilities of a CISO.\u003c\/li\u003e\n\u003cli\u003eConsider the technical aspects of the CISO role from an executive perspective.\u003c\/li\u003e\n\u003cli\u003ePlan security and financial strategies.\u003c\/li\u003e\n\u003cli\u003eAlign CISO tasks with business goals and risk tolerance.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eFive years of IS management experience in each of the 5 CCISO domains verified via the \u003ca href=\"https:\/\/ciso.eccouncil.org\/contact\/\"\u003eExam Eligibility Application\u003c\/a\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIn order to sit the exam, you must have five years of IS management experience in each of the 5 CCISO domains.\u003c\/p\u003e\n\u003cp\u003eOnce the application has been approved, instructions for purchasing a Pearson VUE voucher will be issued. Applicants who do not meet these requirements can sit for the EC-Council Information Security Manager (E|ISM) exam as part of the Associate CCISO Program.\u003c\/p\u003e\n\u003cp\u003eThis is an EC-Council certification prep course. \u003cspan\u003e\u003cstrong\u003eClick here to view more EC-Council certification prep training ›\u003c\/strong\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCCISO Certification Course Information\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 1: Governance (Policy, Legal, and Compliance)\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eInformation Security Management Program\u003c\/li\u003e\n\u003cli\u003eDefining an Information Security Governance Program\u003c\/li\u003e\n\u003cli\u003eRegulatory and Legal Compliance\u003c\/li\u003e\n\u003cli\u003eRisk Management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 2: IS Management Controls and Auditing Management\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDesigning, deploying, and managing security controls\u003c\/li\u003e\n\u003cli\u003eUnderstanding security controls types and objectives\u003c\/li\u003e\n\u003cli\u003eImplementing control assurance frameworks\u003c\/li\u003e\n\u003cli\u003eUnderstanding the audit management process\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 3: Security Program Management \u0026amp; Operations\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eThe role of the CISO\u003c\/li\u003e\n\u003cli\u003eInformation Security Projects\u003c\/li\u003e\n\u003cli\u003eIntegration of security requirements into other operational processes (change management, version control, disaster recovery, etc.)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 4: Information Security Core Concepts\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAccess Controls\u003c\/li\u003e\n\u003cli\u003ePhysical Security\u003c\/li\u003e\n\u003cli\u003eDisaster Recovery and Business Continuity Planning\u003c\/li\u003e\n\u003cli\u003eNetwork Security\u003c\/li\u003e\n\u003cli\u003eThreat and Vulnerability Management\u003c\/li\u003e\n\u003cli\u003eApplication Security\u003c\/li\u003e\n\u003cli\u003eSystem Security\u003c\/li\u003e\n\u003cli\u003eEncryption\u003c\/li\u003e\n\u003cli\u003eVulnerability Assessments and Penetration Testing\u003c\/li\u003e\n\u003cli\u003eComputer Forensics and Incident Response\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 5: Strategic Planning, Finance, \u0026amp; Vendor Management\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity Strategic Planning\u003c\/li\u003e\n\u003cli\u003eAlignment with business goals and risk tolerance\u003c\/li\u003e\n\u003cli\u003eSecurity emerging trends\u003c\/li\u003e\n\u003cli\u003eKey Performance Indicators (KPI)\u003c\/li\u003e\n\u003cli\u003eFinancial Planning\u003c\/li\u003e\n\u003cli\u003eDevelopment of business cases for security\u003c\/li\u003e\n\u003cli\u003eAnalyzing, forecasting, and developing a capital expense budget\u003c\/li\u003e\n\u003cli\u003eAnalyzing, forecasting, and developing an operating expense budget\u003c\/li\u003e\n\u003cli\u003eReturn on Investment (ROI) and cost-benefit analysis\u003c\/li\u003e\n\u003cli\u003eVendor management\u003c\/li\u003e\n\u003cli\u003eIntegrating security requirements into the contractual agreement and procurement process\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"EC-Council","offers":[{"title":"268A65US \/ 2026-08-17T09:00:00 \/ Herndon, VA","offer_id":47534181056731,"sku":"US-2026-IL","price":3296.0,"currency_code":"USD","in_stock":true},{"title":"26BB78US \/ 2026-11-16T09:00:00 \/ Herndon, VA","offer_id":48216589041883,"sku":"US-2026-IL","price":3296.0,"currency_code":"USD","in_stock":true},{"title":"272B14US \/ 2027-02-08T09:00:00 \/ Herndon, VA","offer_id":48230042501339,"sku":"US-2026-IL","price":3296.0,"currency_code":"USD","in_stock":true},{"title":"275B62US \/ 2027-05-10T09:00:00 \/ Herndon, VA","offer_id":48758114746587,"sku":"US-2026-IL","price":3296.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/CISO.png?v=1709762173"},{"product_id":"sscp®-training-and-certification","title":"SSCP® Training and Certification","description":"\u003cdiv\u003e\n\u003cp\u003eThe \u003cstrong\u003eSSCP Certification Course\u003c\/strong\u003e is a comprehensive training program designed to prepare individuals to become Systems Security Certified Practitioners. The course covers the essential skills and concepts needed to pass the SSCP certification exam, which assesses the knowledge and abilities of IT professionals in the domains of systems security.\u003c\/p\u003e\r\n\u003cp\u003eWith a focus on data security and security vulnerabilities, this course covers topics such as access control, security operations, incident response, cryptography, and network security. It also delves into the security issues and solutions associated with cloud computing, hybrid clouds, and private clouds.\u003c\/p\u003e\r\n\u003cp\u003eAs companies increasingly rely on data centers, interactive application security testing (IAST), and dynamic application security testing (DAST), it is essential for professionals to have a deep understanding of software security and common vulnerabilities. With this training, IT professionals can gain the visibility and control necessary to protect their data and applications, as well as their business logic and source code.\u003c\/p\u003e\r\n\u003cp\u003eTo qualify for this course, individuals should have at least one year of full-time work experience in one of the domains covered in the SSCP exam. Upon completion of this course, individuals will be prepared to take the SSCP certification exam, which is included in the course tuition. With the knowledge gained from this training, professionals can help prevent data breaches and ensure the security of their organizations.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eSSCP® Training and Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this SSCP course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for and pass the SSCP Exam.\u003c\/li\u003e\n\u003cli\u003eImplement authentication mechanisms.\u003c\/li\u003e\n\u003cli\u003eDocument and operate security controls.\u003c\/li\u003e\n\u003cli\u003ePerform security assessment activities.\u003c\/li\u003e\n\u003cli\u003eUnderstand security issues related to networks.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eSSCP Training Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis course is for Systems Analysts and Engineers, Security Engineers as well, Database Analysts, and other IT professionals who have a minimum of one year of full-time experience in one of the domains covered in the SSCP exam. \u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eSSCP Certification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eLearning Tree can provide a voucher that allows you to take the exam at any Pearson VUE Test Center available on request.\u003cbr\u003eRequirements for certification:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eA minimum of one year of experience in one or more of the seven domains of the SSCP Common Body of Knowledge (CBK)\u003c\/li\u003e\n\u003cli\u003ePass SSCP exam\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAttendees can self-submit our courses for the following \u003ca href=\"https:\/\/www.isc2.org\/CPE-Portal-Questions\" title=\"CPE Portal Questions | (ISC)² Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eCPE credit\u003c\/a\u003e:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGroup A credits for attending any of our cybersecurity courses, and \u003c\/li\u003e\n\u003cli\u003eGroup B General Education credits for any other Learning Tree course they attend.\u003c\/li\u003e\n\u003cli\u003eOr ISC2 members can submit CPE credits directly to the \u003ca href=\"https:\/\/www.isc2.org\/CPE-Portal-Questions\" title=\"CPE Portal Questions | ISC2 Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eCPE portal\u003c\/a\u003e in the Members section of the \u003ca href=\"https:\/\/www.isc2.org\/Membership\" title=\"Membership | ISC2 Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eISC2 website\u003c\/a\u003e.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eThis is an ISC2 certification prep course. \u003cspan title=\"ISC2® Certification Training Courses | Learning Tree\" rel=\"follow noopener\" target=\"_blank\"\u003eClick here to view more ISC2 certification prep training ›\u003c\/span\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eSSCP Training and Certification Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Access Controls\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eImplement authentication mechanisms\u003c\/li\u003e\n\u003cli\u003eOperate internetwork trust architectures\u003c\/li\u003e\n\u003cli\u003eParticipate in the identity-management lifecycle\u003c\/li\u003e\n\u003cli\u003eImplement access controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Security Operations and Administration\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand and comply with the code of ethics\u003c\/li\u003e\n\u003cli\u003eUnderstand security concepts\u003c\/li\u003e\n\u003cli\u003eDocument and operate security controls\u003c\/li\u003e\n\u003cli\u003eParticipate in asset management\u003c\/li\u003e\n\u003cli\u003eImplement and assess compliance with controls\u003c\/li\u003e\n\u003cli\u003eParticipate in change management\u003c\/li\u003e\n\u003cli\u003eParticipate in security awareness and training\u003c\/li\u003e\n\u003cli\u003eParticipate in physical security operations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Risk Identification, Monitoring, and Analysis\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the risk management process\u003c\/li\u003e\n\u003cli\u003ePerform security assessment activities\u003c\/li\u003e\n\u003cli\u003eOperate and maintain monitoring systems\u003c\/li\u003e\n\u003cli\u003eAnalyze monitoring results\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Incident Response and Recovery\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eParticipate in incident handling\u003c\/li\u003e\n\u003cli\u003eUnderstand and support forensic investigations\u003c\/li\u003e\n\u003cli\u003eUnderstand and support BCP and DRP\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Cryptography\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand and apply fundamental concepts of cryptography\u003c\/li\u003e\n\u003cli\u003eUnderstand the requirements for cryptography\u003c\/li\u003e\n\u003cli\u003eUnderstand and support secure protocols\u003c\/li\u003e\n\u003cli\u003eOperate and implement cryptographic systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Networks and Communications Security\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand security issues related to networks\u003c\/li\u003e\n\u003cli\u003eProtect telecommunications technologies\u003c\/li\u003e\n\u003cli\u003eControl network access\u003c\/li\u003e\n\u003cli\u003eManage LAN-based security\u003c\/li\u003e\n\u003cli\u003eOperate and configure network-based security devices\u003c\/li\u003e\n\u003cli\u003eImplement and operate wireless technologies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Systems and Application Security\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify and analyze malicious code and activity\u003c\/li\u003e\n\u003cli\u003eImplement and operate endpoint device security\u003c\/li\u003e\n\u003cli\u003eOperate and configure cloud security\u003c\/li\u003e\n\u003cli\u003eSecure big data systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268B15US \/ 2026-08-24T09:00:00 \/ Herndon, VA","offer_id":47534198030555,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"267A82CN \/ 2026-07-27T09:00:00 \/ Ottawa","offer_id":48216574394587,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"267D51US \/ 2026-07-06T09:00:00 \/ New York","offer_id":48216574427355,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"269C67US \/ 2026-09-21T09:00:00 \/ Austin","offer_id":48216574460123,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"26BC72US \/ 2026-11-02T09:00:00 \/ Herndon, VA","offer_id":48216574492891,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"26CA29CN \/ 2026-12-14T09:00:00 \/ Ottawa","offer_id":48216574525659,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"26CB80US \/ 2026-12-07T09:00:00 \/ New York","offer_id":48216574558427,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"272B80US \/ 2027-02-22T09:00:00 \/ Austin","offer_id":48291027321051,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"273C02US \/ 2027-03-08T09:00:00 \/ Herndon, VA","offer_id":48329827320027,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"274C10US \/ 2027-04-26T09:00:00 \/ New York","offer_id":48669373300955,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true},{"title":"275A29CN \/ 2027-05-17T09:00:00 \/ Ottawa","offer_id":48778589733083,"sku":"US-2060-IL","price":2400.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/SSCP.jpg?v=1709762232"},{"product_id":"supply-chain-cyber-security-risk-management","title":"Supply Chain Cyber Security Risk Management","description":"\u003cdiv\u003e\u003cp\u003eThis course provides an introduction to fundamental \u003cstrong\u003ecybersecurity risk management\u003c\/strong\u003e concepts and how they are applied to modern supply chains. Attendees will learn how to identify critical suppliers, assess risk in third and fourth-party relationships, and identify mitigation strategies. The course covers risks associated with hardware, software, and services acquired from external sources, and attendees will learn strategies for analyzing, treating, and monitoring cyber risk throughout the supply chain.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eSupply Chain Cyber Security Risk Management Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cp\u003eIdentify supply chain components in modern organizations, including hardware, software, and services\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eInventory critical assets and suppliers, and assess the risks they pose to your organization\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eUnderstand risk mitigation options, and how to adapt them to address complex risks across the supply chain\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eImplement risk management frameworks and build a supply chain risk management plan\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eAudit and perform oversight of supply chain risk to monitor risk mitigation effectiveness\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eContinue learning and face new challenges with after-course one-on-one instructor coaching\u003c\/p\u003e\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eSupply Chain Cyber Security Risk Management Instructor-Led Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eImportant Supply Chain Cyber Security Risk Management Information\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTo be successful in this course, some experience with risk management and business management is helpful but not required.\u003c\/li\u003e\n\u003cli\u003eBasic product development knowledge is beneficial, such as software development lifecycles and integrating components into a final product.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eWho should attend?\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRisk managers, looking to extend risk management programs to external third parties, suppliers, and vendors.\u003c\/li\u003e\n\u003cli\u003eSecurity practitioners, tasked with holistic risk management.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Risk Management Basics\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDefine Risk and determine its likelihood and probability.\u003c\/li\u003e\n\u003cli\u003eAssess Risk’s financial, reputational, and revenue impact.\u003c\/li\u003e\n\u003cli\u003eDefine Threats and Threat Actors.\u003c\/li\u003e\n\u003cli\u003eIdentify threat modeling approaches.\u003c\/li\u003e\n\u003cli\u003eDefine Vulnerabilities to networks and organizations.\u003c\/li\u003e\n\u003cli\u003eDiscuss methods of risk assessment: qualitative vs. quantitative.\u003c\/li\u003e\n\u003cli\u003eIdentify ways to mature risk assessment processes over time through an Iterative risk assessment.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eExercise 1: Build a risk register for your fictional company.\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluate Risk Treatment options: Avoid\/Mitigate\/Accept\/Transfer.\u003c\/li\u003e\n\u003cli\u003eDetermine when are certain options most appropriate?\u003c\/li\u003e\n\u003cli\u003eAsk what decision factors must be considered when selecting a risk option?\u003c\/li\u003e\n\u003cli\u003eDefine what limitations exist in choosing options.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eExercise 2: Document risk treatment plans.\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Supply Chain Basics\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn about:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDefine Supply Chain, Vendor, Third\/Fourth Party, and key parts of a supply chain.\u003c\/li\u003e\n\u003cli\u003eOperational risk and understanding the business impact of prioritizing critical suppliers.\u003c\/li\u003e\n\u003cli\u003eCommon supply chain risks arising from Hardware (\u003cabbr title=\"Hardware\"\u003eHW\u003c\/abbr\u003e), Software \u003cabbr title=\"Software\"\u003eSW\u003c\/abbr\u003e), and Open-source software (\u003cabbr title=\"Open-source software\"\u003eOSS\u003c\/abbr\u003e).\u003c\/li\u003e\n\u003cli\u003eInherited\/platform risks (e.g., operating system risks that impact an application, underlying modules included in a larger application like Log4j).\u003c\/li\u003e\n\u003cli\u003eRisks from services such as key vendors, third parties, etc.\u003c\/li\u003e\n\u003cli\u003eIdentifying vulnerabilities - What do attackers target?\u003c\/li\u003e\n\u003cli\u003eWhat motivates supply chain attacks, and who are the victims?\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cem\u003e \u003c\/em\u003e\u003cstrong\u003eExercise 3: Assess supply chain risks.\u003c\/strong\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: SCRM Tools \u0026amp; Practices\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBuild an \u003cabbr title=\"Supply Chain Risk Managment\"\u003eSCRM\u003c\/abbr\u003e plan.\u003c\/li\u003e\n\u003cli\u003eLeverage existing security and privacy controls in the organization.\u003c\/li\u003e\n\u003cli\u003eIdentify common framework elements that push compliance to other organizations, such as Business Associates in \u003cabbr title=\"Health Insurance Portability and Accountability Act\"\u003eHIPAA\u003c\/abbr\u003e and data subprocessors in \u003cabbr title=\"General Data Protection Regulation\"\u003eGDRP\u003c\/abbr\u003e.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eExercise 4: Identify inputs and key outputs of SCRM planning. Document the required process elements needed. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDefine the purpose of contracts and typical use cases.\u003c\/li\u003e\n\u003cli\u003eDefine service level requirements, service level agreements (\u003cabbr title=\"service level agreements\"\u003eSLA\u003c\/abbr\u003es), and the purpose\/typical use cases of each.\u003c\/li\u003e\n\u003cli\u003eDefine assurance and how the level of risk will impact the level of assurance required.\u003c\/li\u003e\n\u003cli\u003eConduct due diligence at contract initiation and then routinely throughout the service lifetime.\u003c\/li\u003e\n\u003cli\u003eImplement due care, such as supplier audits and identifying alternate suppliers.\u003c\/li\u003e\n\u003cli\u003eEnsure adequate insurance coverage for third- and fourth-party risks.\u003c\/li\u003e\n\u003cli\u003eConsume vendor-supplied audit reports and identify gaps against the organization’s internal compliance requirements.\u003c\/li\u003e\n\u003cli\u003eBuild an audit methodology and implement the program.\u003c\/li\u003e\n\u003cli\u003eTreat previously discussed hardware, software, and service supply chain risks.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eCase Studies: SolarWinds, Kaseya, and Target breaches.\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Compliance Frameworks, SCRM Vendors, and Tools\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn about:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUsing a compliance framework to build SCRM capability internal to an organization.\u003c\/li\u003e\n\u003cli\u003eRequirements to comply with a framework as a vendor to other organizations.\u003c\/li\u003e\n\u003cli\u003e\n\u003cabbr title=\"Cybersecurity Maturity Model Certification\"\u003eCMMC\u003c\/abbr\u003e \u0026amp; \u003cabbr title=\"National Institute of Standards and Technology\"\u003eNIST\u003c\/abbr\u003e SP 800-171.\u003c\/li\u003e\n\u003cli\u003eCMMI for Acquisition (\u003ca href=\"http:\/\/www.sei.cmu.edu\/library\/abstracts\/reports\/10tr032.cfm\" title=\"CMMI for Acquisition\" target=\"_blank\" rel=\"external nofollow noopener\"\u003eCMMI-ACQ\u003c\/a\u003e).\u003c\/li\u003e\n\u003cli\u003eSOC 2\n\u003cul\u003e\n\u003cli\u003eIdentify as a proactive measure; service providers can undergo an audit and have a documented report of compliance available to share with business partners.\u003c\/li\u003e\n\u003cli\u003eDiscuss various \u003cabbr title=\"System and Organization Controls\"\u003eSOC\u003c\/abbr\u003e reports (1, 2, 3) and types (I, II).\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eCloud Security Alliance (\u003cabbr title=\"Cloud Security Alliance\"\u003eCSA\u003c\/abbr\u003e), Cloud Controls Matrix (\u003cabbr title=\"Cloud Controls Matrix\"\u003eCCM\u003c\/abbr\u003e), Consensus Assessment Initiative Questionnaire (\u003cabbr title=\"Consensus Assessment Initiative Questionnaire\"\u003eCAIQ\u003c\/abbr\u003e), and the CSA \u003cabbr title=\"Security, Trust, Assurance, and Risk\"\u003eSTAR\u003c\/abbr\u003e Registry.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eExercise: Review a sample CAIQ-Lite report or excerpts from a SOC 2 Type II.\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVendor Security Alliance (vendorsecurityalliance.org).\u003c\/li\u003e\n\u003cli\u003eVendor security questionnaires.\u003c\/li\u003e\n\u003cli\u003eOngoing risk monitoring\/supplier monitoring platforms (Security Scorecard, BitSight. etc.).\u003c\/li\u003e\n\u003cli\u003e\n\u003cabbr title=\"Governance, Risk, and Compliance\"\u003eGRC\u003c\/abbr\u003e platforms (ZenGRC, TugBoat Logic, etc.).\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A63US \/ 2026-08-24T09:00:00 \/ Herndon, VA","offer_id":47534218051803,"sku":"US-2014-IL","price":1640.0,"currency_code":"USD","in_stock":true},{"title":"26BB76US \/ 2026-11-24T09:00:00 \/ Herndon, VA","offer_id":48216568266971,"sku":"US-2014-IL","price":1640.0,"currency_code":"USD","in_stock":true},{"title":"272B11US \/ 2027-02-22T09:00:00 \/ Herndon, VA","offer_id":48291027091675,"sku":"US-2014-IL","price":1640.0,"currency_code":"USD","in_stock":true},{"title":"275B60US \/ 2027-05-25T09:00:00 \/ Herndon, VA","offer_id":48804197400795,"sku":"US-2014-IL","price":1640.0,"currency_code":"USD","in_stock":true}]},{"product_id":"cgeit-certification-training","title":"CGEIT Certification Training","description":"\u003cdiv\u003e\n\u003cp\u003eIt has become even clearer that organizations with corporate and IT governance policies and processes in place are better able to adapt quickly to changing situations and maintain productivity.\u003c\/p\u003e\r\n\u003cp\u003eThis official ISACA \u003cstrong\u003eCGEIT certification\u003c\/strong\u003e course prepares you for the exam to become Certified in the Governance of Enterprise IT. It provides you with in-depth coverage on the GEIT Framework. As part of this 2020 updated ISACA CGEIT exam content outline, the exam domains have been consolidated from five to four, and include the governance of enterprise IT, IT resources, benefits realization, and risk optimization. This course is designed specifically for Senior Managers, CIOs, Compliance and IS Professionals, and those looking for more efficient and effective practices to manage IT.\u003c\/p\u003e\r\n\u003cp\u003eThe role of Enterprise IT Governance is not always clear to organizations looking to manage risk to and in an organization. Achieve this in-demand certification and demonstrate your ability to manage IT resources.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCGEIT Certification Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for and pass the Certified Governance Enterprise IT (CGEIT) exam.\u003c\/li\u003e\n\u003cli\u003eDefine, establish, and manage a framework for the governance of enterprise IT.\u003c\/li\u003e\n\u003cli\u003eEnable and support the achievement of enterprise objectives.\u003c\/li\u003e\n\u003cli\u003eEnsure that IT-enabled investments are managed to deliver optimized business benefits.\u003c\/li\u003e\n\u003cli\u003eEstablish an IT risk management framework to identify, analyze, mitigate, manage, monitor, and communicate IT-related business risk.\u003c\/li\u003e\n\u003cli\u003eOptimize IT resources.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTo earn CGEIT certification, you must pass the CGEIT exam and demonstrate five or more years of experience managing, serving in an advisory or oversight role, and\/or otherwise supporting the governance of the IT-related contribution to an enterprise is required to apply for certification.\u003c\/p\u003e\n\u003cp\u003eThis experience is defined specifically by the domains and task statements described in the CGEIT Job Practice.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis is an ISACA certification prep course. \u003cspan title=\"ISACA Certification Training Courses | Learning Tree\" rel=\"follow\"\u003eClick here to view more ISACA certification prep training ›\u003c\/span\u003e\u003c\/p\u003e\n\u003cp\u003eThe \u003ca href=\"https:\/\/www.isaca.org\/-\/media\/files\/isacadp\/project\/isaca\/certification\/exam-candidate-guides\/2022\/exam-candidate-guide.pdf\" title=\"PDF Exam Candidate Guide | ISACA\" rel=\"nofollow noopener\" target=\"_blank\"\u003eISACA Exam Candidate Information Guide\u003c\/a\u003e provides valuable information regarding exam day rules and information as well as exam dates and deadlines. \u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCGEIT Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 1A. Governance Framework\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e1A1 Components of a Governance Framework\u003c\/li\u003e\n\u003cli\u003e1A2 Organizational Structures, Roles, and Responsibilities\u003c\/li\u003e\n\u003cli\u003e1A3 Strategy Development\u003c\/li\u003e\n\u003cli\u003e1A4 Legal and Regulatory Compliance\u003c\/li\u003e\n\u003cli\u003e1A5 Organizational Culture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 1B. Technology Governance\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e1B1 Governance Strategy Alignment with Enterprise Objectives\u003c\/li\u003e\n\u003cli\u003e1B2 Strategic Planning Process\u003c\/li\u003e\n\u003cli\u003e1B3 Stakeholder Analysis and Engagement\u003c\/li\u003e\n\u003cli\u003e1B4 Communication and Awareness Strategy\u003c\/li\u003e\n\u003cli\u003e1B5 Enterprise Architecture\u003c\/li\u003e\n\u003cli\u003e1B6 Policies and Standards\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 1C. Information Governance\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e1C1 Information Architecture Workshop\u003c\/li\u003e\n\u003cli\u003e1C2 Information Asset Lifecycle\u003c\/li\u003e\n\u003cli\u003e1C3 Information Ownership and Stewardship\u003c\/li\u003e\n\u003cli\u003e1C4 Information Classification and Handling\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 2A. IT Resource Planning\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e2A1 Sourcing Strategies\u003c\/li\u003e\n\u003cli\u003e2A2 Resource Capacity Planning\u003c\/li\u003e\n\u003cli\u003e2A3 Acquisition of Resources\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 2B. IT Resource Optimization\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e2B1 IT Resource Lifecycle and Asset Management\u003c\/li\u003e\n\u003cli\u003e2B2 Human Resource Competency and Development\u003c\/li\u003e\n\u003cli\u003e2B3 Management of Contracted Services and Relationships\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 3A. IT Performance and Oversight\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e3A1 Performance Management\u003c\/li\u003e\n\u003cli\u003e3A2 Change Management\u003c\/li\u003e\n\u003cli\u003e3A3 Governance Monitoring\u003c\/li\u003e\n\u003cli\u003e3A4 Governance Reporting\u003c\/li\u003e\n\u003cli\u003e3A5 Quality Assurance\u003c\/li\u003e\n\u003cli\u003e3A6 Process Development and Improvement\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 3B. Management of IT-Enabled Investments\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e3B1 Business Case Development\u003c\/li\u003e\n\u003cli\u003e3B2 IT Investment Management and Reporting\u003c\/li\u003e\n\u003cli\u003e3B3 Performance Metrics Process Development and Improvement\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 4A Risk Strategy\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e4A1 Risk Frameworks and Standards\u003c\/li\u003e\n\u003cli\u003e4A2 Enterprise Risk Management Workshop\u003c\/li\u003e\n\u003cli\u003e4A3 Risk Appetite and Risk Tolerance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 4B Risk Management\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003e4B1 IT-Enabled Capabilities, Processes, and Services\u003c\/li\u003e\n\u003cli\u003e4B2 Business Risk, Exposures and Threats\u003c\/li\u003e\n\u003cli\u003e4B3 Risk Management Lifecycle\u003c\/li\u003e\n\u003cli\u003e4B4 Risk Assessment Methods\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"269A77US \/ 2026-09-01T09:00:00 \/ Herndon, VA","offer_id":47534222868699,"sku":"US-2038-IL","price":3080.0,"currency_code":"USD","in_stock":true},{"title":"267D43US \/ 2026-07-28T09:00:00 \/ Herndon, VA","offer_id":48216592515291,"sku":"US-2038-IL","price":3080.0,"currency_code":"USD","in_stock":true},{"title":"26CB49US \/ 2026-12-01T09:00:00 \/ Herndon, VA","offer_id":48216592548059,"sku":"US-2038-IL","price":3080.0,"currency_code":"USD","in_stock":true},{"title":"271C17US \/ 2027-01-26T09:00:00 \/ Herndon, VA","offer_id":48216592580827,"sku":"US-2038-IL","price":3080.0,"currency_code":"USD","in_stock":true},{"title":"273B68US \/ 2027-03-30T09:00:00 \/ Herndon, VA","offer_id":48523465064667,"sku":"US-2038-IL","price":3080.0,"currency_code":"USD","in_stock":true},{"title":"276B89US \/ 2027-06-01T09:00:00 \/ Herndon, VA","offer_id":48823753965787,"sku":"US-2038-IL","price":3080.0,"currency_code":"USD","in_stock":true}]},{"product_id":"cgrc®-training-and-certification","title":"CGRC® Training and Certification","description":"\u003cdiv\u003e\n\u003cp\u003eA professional earning the Certified in Governance, Risk and Compliance (CGRC®) is an information security practitioner who advocates for security risk management in pursuit of information system authorization to support an organization’s mission and operations in accordance with legal and regulatory requirements.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCGRC® Training and Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CGRC Certification and Training, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInformation Security Risk Management Program\u003c\/li\u003e\n\u003cli\u003eScope of the Information System\u003c\/li\u003e\n\u003cli\u003eSelection and Approval of Security and Privacy Controls\u003c\/li\u003e\n\u003cli\u003eImplementation of Security and Privacy Controls\u003c\/li\u003e\n\u003cli\u003eAssessment\/Audit of Security and Privacy Controls\u003c\/li\u003e\n\u003cli\u003eAuthorization\/Approval of Information System\u003c\/li\u003e\n\u003cli\u003eContinuous Monitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCGRC Training Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTo qualify for the CGRC certification, you must have a minimum of two years of cumulative, paid, full-time work experience in one or more of the seven domains of the CGRC Common Body of Knowledge (CBK).\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCGRC Certification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTo maintain certification, you must:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEarn and post a minimum of 20 ISC2 \u003cstrong\u003e\u003cabbr title=\"Continuing Professional Education\"\u003eCPE\u003c\/abbr\u003e credits per year\u003c\/strong\u003e\n\u003c\/li\u003e\n\u003cli\u003eComply with ISC2's Code of Professional Ethics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAttendees can self-submit our courses for the following \u003ca href=\"https:\/\/www.isc2.org\/CPE-Portal-Questions\" title=\"CPE Portal Questions | (ISC)² Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eCPE credit\u003c\/a\u003e:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eGroup A credits \u003c\/strong\u003efor attending any of our cybersecurity courses, and\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eGroup B General Education credits \u003c\/strong\u003efor any other Learning Tree course they attend.\u003c\/li\u003e\n\u003cli\u003eOr ISC2 members can submit CPE credits directly to the \u003ca href=\"https:\/\/www.isc2.org\/CPE-Portal-Questions\" title=\"CPE Portal Questions | ISC2\" target=\"_blank\" rel=\"nofollow noopener\"\u003eCPE portal\u003c\/a\u003e in the Members section of the \u003ca href=\"https:\/\/www.isc2.org\/\" title=\"Cybersecurity and IT Security Certifications and Training | ISC2\" target=\"_blank\" rel=\"nofollow noopener\"\u003eISC2 website\u003c\/a\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCGRC Training and Certification Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 1: Information Security Risk Management Program\u003c\/h4\u003e\n\u003cp\u003e1.1 - Understand the foundation of an organization's information security risk management program\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrinciples of information security\u003c\/li\u003e\n\u003cli\u003eRisk management frameworks (e.g., National Institute of Standards and Technology (NIST), cyber security framework, Control Objectives for Information and Related Technology (COBIT), International Organization for Standardization (ISO) 27001, International Organization for Standardization (ISO) 31000)\u003c\/li\u003e\n\u003cli\u003eSystem Development Life Cycle (SDLC)\u003c\/li\u003e\n\u003cli\u003eInformation system boundary requirements\u003c\/li\u003e\n\u003cli\u003eSecurity controls and practices\u003c\/li\u003e\n\u003cli\u003eRoles and responsibilities in the authorization\/approval process\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e1.2 - Understand the risk management program process\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSelect program management controls\u003c\/li\u003e\n\u003cli\u003ePrivacy requirements\u003c\/li\u003e\n\u003cli\u003eDetermine third-party hosted information systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e1.3 - Understand regulatory and legal requirements\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFamiliarize with governmental, organizational and international regulatory security and privacy requirements (e.g., International Organization for Standardization (ISO) 27001, Federal Information Security Modernization Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA))\u003c\/li\u003e\n\u003cli\u003eFamiliarize with other applicable security-related mandates\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 2: Scope of the Information System\u003c\/h4\u003e\n\u003cp\u003e2.1 - Define the information system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetermine the scope of the information system\u003c\/li\u003e\n\u003cli\u003eDescribe the architecture (e.g., data flow, internal and external interconnections)\u003c\/li\u003e\n\u003cli\u003eDescribe the information system's purpose and functionality\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.2 - Determine the categorization of the information system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify the information types processed, stored or transmitted by the information system\u003c\/li\u003e\n\u003cli\u003eDetermine the impact level on confidentiality, integrity, and availability for each information type (e.g., Federal Information Processing Standards (FIPS) 199, International Organization for Standardization\/International Electrotechnical Commission (ISO\/IEC) 27002, data protection impact assessment)\u003c\/li\u003e\n\u003cli\u003eDetermine information system categorization and document results\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 3: Selection and Approval of Security and Privacy Controls\u003c\/h4\u003e\n\u003cp\u003e3.1 - Identify and document baseline and inherited controls\u003c\/p\u003e\n\u003cp\u003e3.2 - Select and tailor controls to the system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetermine the applicability of recommended baseline and inherited controls\u003c\/li\u003e\n\u003cli\u003eDetermine appropriate use of control enhancements (e.g., security practices, overlays, countermeasures)\u003c\/li\u003e\n\u003cli\u003eDocument control applicability\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.3 - Develop continuous control monitoring strategy (e.g., implementation, timeline, effectiveness)\u003c\/p\u003e\n\u003cp\u003e3.4 - Review and approve security plan\/Information Security Management System (ISMS)\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 4: Implementation of Security and Privacy Controls\u003c\/h4\u003e\n\u003cp\u003e4.1 - Implement selected controls\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetermine mandatory configuration settings and verify implementation following current industry standards (e.g., Technical Security Standard for Information Technology (TSSIT), Technical Guideline for Minimum Security Measures, United States Government Configuration Baseline (USGCB), National Institute of Standards and Technology (NIST) checklists, Security Technical Implementation Guides (STIGs), Center for Internet Security (CIS) benchmarks, General Data Protection Regulation (GDPR))\u003c\/li\u003e\n\u003cli\u003eEnsure that the implementation of controls is consistent with the organizational architecture and associated security and privacy architecture\u003c\/li\u003e\n\u003cli\u003eCoordinate implementation of inherited controls with control providers\u003c\/li\u003e\n\u003cli\u003eDetermine and implement compensating\/alternate security controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4.2 - Document control implementation\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDocument inputs to the planned controls, their expected behavior and expected outputs or deviations\u003c\/li\u003e\n\u003cli\u003eVerify the documented details of the controls meet the purpose, scope and risk profile of the information system\u003c\/li\u003e\n\u003cli\u003eObtain and document implementation details from appropriate organization entities (e.g., physical security, personnel security, privacy)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 5: Assessment\/Audit of Security and Privacy Controls\u003c\/h4\u003e\n\u003cp\u003e5.1 - Prepare for assessment\/audit\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetermine assessor\/auditor requirements\u003c\/li\u003e\n\u003cli\u003eEstablish objectives and scope\u003c\/li\u003e\n\u003cli\u003eDetermine methods and level of effort\u003c\/li\u003e\n\u003cli\u003eDetermine necessary resources and logistics\u003c\/li\u003e\n\u003cli\u003eCollect and review artifacts (e.g., previous assessments\/audits, system documentation, policies)\u003c\/li\u003e\n\u003cli\u003eFinalize the assessment\/audit plan\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5.2 - Conduct assessment\/audit\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCollect and document assessment\/audit evidence\u003c\/li\u003e\n\u003cli\u003eAssess\/audit implementation and validate compliance using approved assessment methods (e.g., interview, test, and examine)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5.3 - Prepare the initial assessment\/audit report\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAnalyze assessment\/audit results and identify vulnerabilities\u003c\/li\u003e\n\u003cli\u003ePropose remediation actions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5.4 - Review the initial assessment\/audit report and perform remediation actions\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetermine risk responses\u003c\/li\u003e\n\u003cli\u003eApply remediations\u003c\/li\u003e\n\u003cli\u003eReassess and validate the remediated controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5.5 - Develop final assessment\/audit report\u003c\/p\u003e\n\u003cp\u003e5.6 - Develop remediation plan\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAnalyze identified residual vulnerabilities or deficiencies\u003c\/li\u003e\n\u003cli\u003ePrioritize responses based on risk level\u003c\/li\u003e\n\u003cli\u003eIdentify resources (e.g., financial, personnel and technical) and determine the appropriate timeframe\/schedule required to remediate deficiencies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 6: Authorization\/Approval of Information System\u003c\/h4\u003e\n\u003cp\u003e6.1 - Compile security and privacy authorization\/approval documents\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCompile required security and privacy documentation to support authorization\/approval decisions by the designated official\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e6.2 - Determine information system risk\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluate information system risk\u003c\/li\u003e\n\u003cli\u003eDetermine risk treatment options (i.e., accept, avoid, transfer, mitigate, share)\u003c\/li\u003e\n\u003cli\u003eDetermine residual risk\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e6.3 - Authorize\/approve information system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetermine terms of authorization\/approval\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eDomain 7: Continuous Monitoring\u003c\/h4\u003e\n\u003cp\u003e7.1 - Determine the impact of changes to information systems and the environment\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify potential threats and impacts to the operation of information systems and the environment\u003c\/li\u003e\n\u003cli\u003eAnalyze risk due to proposed changes accounting for organizational risk tolerance\u003c\/li\u003e\n\u003cli\u003eApprove and document proposed changes (e.g., Change Control Board (CCB), Technical Review Board)\u003c\/li\u003e\n\u003cli\u003eImplement proposed changes\u003c\/li\u003e\n\u003cli\u003eValidate changes have been correctly implemented\u003c\/li\u003e\n\u003cli\u003eEnsure change management tasks are performed\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.2 - Perform ongoing assessments\/audits based on organizational requirements\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor network, physical and personnel activities (e.g., unauthorized assets, personnel and related activities)\u003c\/li\u003e\n\u003cli\u003eEnsure vulnerability scanning activities are performed\u003c\/li\u003e\n\u003cli\u003eReview automated logs and alerts for anomalies (e.g., security orchestration, automation and response)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.3 - Review supply chain risk analysis monitoring activities (e.g., cyber threat reports, agency reports, news reports)\u003c\/p\u003e\n\u003cp\u003e7.4 - Actively participate in response planning and communication of a cyber event\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure response activities are coordinated with internal and external stakeholders\u003c\/li\u003e\n\u003cli\u003eUpdate documentation, strategies and tactics incorporating lessons learned\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.5 - Revise monitoring strategies based on changes to industry developments introduced through legal, regulatory, supplier, security and privacy updates\u003c\/p\u003e\n\u003cp\u003e7.6 - Keep designated officials updated about the risk posture for continuous authorization\/approval\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetermine ongoing information system risk\u003c\/li\u003e\n\u003cli\u003eUpdate risk register, risk treatment, and remediation plan\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e7.7 - Decommission information system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetermine information system decommissioning requirements\u003c\/li\u003e\n\u003cli\u003eCommunicate decommissioning of information system\u003c\/li\u003e\n\u003cli\u003eRemove information system from operations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266A16CN \/ 2026-06-08T09:00:00 \/ Online","offer_id":47534198227163,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"267B51US \/ 2026-07-20T09:00:00 \/ Herndon, VA","offer_id":47534198292699,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"268B16US \/ 2026-08-17T09:00:00 \/ New York","offer_id":47534198325467,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"267A83CN \/ 2026-07-06T09:00:00 \/ Toronto","offer_id":48216574591195,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"26AC13US \/ 2026-10-19T09:00:00 \/ Aurora, CO","offer_id":48216574623963,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"26AC14US \/ 2026-10-26T09:00:00 \/ San Francisco","offer_id":48216574656731,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"26BA38CN \/ 2026-11-02T09:00:00 \/ Ottawa","offer_id":48216574689499,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"26BA39CN \/ 2026-11-30T09:00:00 \/ Toronto","offer_id":48216574918875,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"26BC73US \/ 2026-11-16T09:00:00 \/ Austin","offer_id":48216574951643,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"26CB81US \/ 2026-12-14T09:00:00 \/ Herndon, VA","offer_id":48216574984411,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"271C60US \/ 2027-01-11T09:00:00 \/ New York","offer_id":48216575017179,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"274A32CN \/ 2027-04-05T09:00:00 \/ Ottawa","offer_id":48556119883995,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"274C11US \/ 2027-04-19T09:00:00 \/ Austin","offer_id":48612310745307,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"274C12US \/ 2027-04-26T09:00:00 \/ Aurora, CO","offer_id":48669324509403,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"275A30CN \/ 2027-05-03T09:00:00 \/ Toronto","offer_id":48736209076443,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"275C52US \/ 2027-05-10T09:00:00 \/ Bellevue, WA","offer_id":48758116221147,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true},{"title":"275C53US \/ 2027-05-17T09:00:00 \/ Herndon, VA","offer_id":48778587701467,"sku":"US-2061-IL","price":2590.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/CS-Collection.png?v=1724772310"},{"product_id":"certified-professional-cmmc-training-ccp","title":"Certified Professional CMMC Training (CCP)","description":"\u003cdiv\u003e\u003cp\u003e\u003cimg alt=\"ATP Designation\" width=\"150px\" style=\"float: left;\" src=\"https:\/\/cdn.buttercms.com\/jEuu6pDQS8au7MkZsvab\"\u003eThe CMMC Certified Professional™ (CCP™) is the foundational certification for anyone seeking to work within the implementation and assessment ecosystem of the US Department of War’s (DoW) Cybersecurity Maturity Model Certification (CMMC) program. It validates that you are ready to help organizations achieve assessment-ready cybersecurity programs or participate in a CMMC Assessment Team during official CMMC assessments. Plus, CCP is the required first step toward becoming a CCA, providing a clear advancement pathway into assessment and higher-level consulting roles.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCertified Professional CMMC Training (CCP) Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp style=\"margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif;\"\u003e\u003cstrong\u003e\u003cspan style=\"font-family: Calibri, sans-serif;\"\u003eImportant Information\u003c\/span\u003e\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEach student will be responsible for purchasing the CCP Exam through ISACA. Using the following link, you will click “Register” to purchase your respective exam.\n\u003cul\u003e\n\u003cli\u003eCCP: \u003ca href=\"https:\/\/www.isaca.org\/credentialing\/ccp\"\u003ehttps:\/\/www.isaca.org\/credentialing\/ccp\u003c\/a\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eLearners must confirm they have completed the mandatory training prior to registering for the exam. ISACA validates this confirmation against the training data submitted by your training provider, to ensure a valid application.\u003c\/li\u003e\n\u003cli\u003e\u003ca href=\"https:\/\/www.isaca.org\/-\/media\/files\/isacadp\/project\/isaca\/certification\/exam-candidate-guides\/cca-ccp_exam_candidates_guide.pdf\"\u003ehttps:\/\/www.isaca.org\/-\/media\/files\/isacadp\/project\/isaca\/certification\/exam-candidate-guides\/cca-ccp_exam_candidates_guide.pdf\u003c\/a\u003e\u003c\/li\u003e\n\u003cli\u003eAfter passing the exam you will submit your application with ISACA for the certification and will pay the required $200 fee at that time.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CMMC Certification Training Course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify the threats to the defense supply chain and the established regulations and standards for managing the risk.\u003c\/li\u003e\n\u003cli\u003eIdentify the sensitive information that needs to be protected within the defense supply chain and how to manage it.\u003c\/li\u003e\n\u003cli\u003eDescribe how the CMMC Model ensures compliance with federal acquisition regulations.\u003c\/li\u003e\n\u003cli\u003eIdentify the responsibilities of the CMMC Certified  Professional, including appropriate ethical behavior.\u003c\/li\u003e\n\u003cli\u003eEstablish the Certification and Assessment scope boundaries for evaluating the systems that protect regulated information.\u003c\/li\u003e\n\u003cli\u003ePrepare the OSC (Organizations Seeking Certification) for an Assessment by evaluating readiness.\u003c\/li\u003e\n\u003cli\u003eUse the CMMC Assessment Guides to determine and assess the Evidence for practices.\u003c\/li\u003e\n\u003cli\u003eImplement and evaluate practices required to meet CMMC Level 1.\u003c\/li\u003e\n\u003cli\u003eIdentify the practices required to meet CMMC Level 2.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eWho Should Attend:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDoW Suppliers Preparing For CMMC Compliance\u003c\/li\u003e\n\u003cli\u003eIt\/Security Managers at DIB Companies\u003c\/li\u003e\n\u003cli\u003eGrc\/Compliance Leads Driving Cmmc Programs\u003c\/li\u003e\n\u003cli\u003eAspiring CMMC Assessors\u003c\/li\u003e\n\u003cli\u003eEarly-Career Professionals Entering DIB Cyber Compliance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCMMC Certification Training Prerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTo ensure success on this course, you should have some foundational education or experience in cybersecurity. Therefore, ISACA and Cyber AB have established prerequisites for those who wish to apply for CCP certification, such as: \u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eFavorable background checks. Additional citizenship and clearance credentials are also required to perform higher-level duties, such as participating as an ML-2 (Maturity Level 2) assessment team member. \u003c\/li\u003e\n\u003cli\u003eHave college degree in a cyber or information technical field, or 2+ years of related education experience, or 2+ years of related experience (including military) in a cyber, information technology, or assessment field.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCMMC Certification Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 1:  Managing Risk within the Defense Supply Chain\u003c\/h4\u003e\n\u003cp\u003eTopic A:Identify Threats to the Defense Supply Chain \u003c\/p\u003e\n\u003cp\u003eTopic B:Identify Regulatory Responses against Threats \u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 2: Handling Sensitive Information\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify Sensitive Information\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Manage Sensitive Information\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 3: Ensuring Compliance through CMMC\u003c\/h4\u003e\n\u003cp\u003eTopic A: Describe the CMMC Model Architecture\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Define the CMMC Program and Its Ecosystem\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTopic C: Define Self-Assessments\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 4: Performing CCP Responsibilities\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify Responsibilities of the CCP\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Demonstrate Appropriate Ethics and Behavior\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 5: Scoping Certification and Assessment Boundaries\u003c\/h4\u003e\n\u003cp\u003eTopic A: Use the CMMC Assessment Scope Documentation\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Get Oriented to the OSC Environment\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTopic C: Determine How Sensitive Information Moves\u003c\/p\u003e\n\u003cp\u003eTopic D: Identify Systems in Scope\u003c\/p\u003e\n\u003cp\u003eTopic E: Limit Scope\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 6: Preparing the OSC\u003c\/h4\u003e\n\u003cp\u003eTopic A: Foster a Mature Cybersecurity Culture\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Evaluate Readiness\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 7: Determining and Assessing Evidence\u003c\/h4\u003e\n\u003cp\u003eTopic A: Determine Evidence\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Assess the Practices Using the CMMC Assessment Guides\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 8: Implementing and Evaluating Level 1\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify CMMC Level 1 Domains and Practices\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Perform a CMMC Level 1 Gap Analysis\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTopic C: Assess CMMC Level 1 Practices\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 9: Identifying Level 2 Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify CMMC Level 2 Practices \u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 10: Working through an Assessment\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify Assessment Roles and Responsibilities\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Plan and Prepare the Assessment\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTopic C: Conduct the Assessment\u003c\/p\u003e\n\u003cp\u003eTopic D: Report on the Assessment Results\u003c\/p\u003e\n\u003cp\u003eTopic E: Conduct the CMMC POA\u0026amp;M (Plan of Action and Milestones) Close-Out Assessment\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eCMMC Certification Training Outline Appendixes\u003c\/h4\u003e\n\u003cp\u003eAppendix A: Evidence Collection Approach for CMMC Level 1 Practices\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eAppendix B: Additional Documentation for CCPs (Certified CMMC Professionals)\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eAppendix C: Mapping Course Content to the CCP Exam\u003c\/p\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B54US \/ 2026-07-21T09:00:00 \/ Online","offer_id":47534198456539,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"266D67US \/ 2026-06-15T09:00:00 \/ Online","offer_id":48216585961691,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"269A85CN \/ 2026-09-01T09:00:00 \/ Online","offer_id":48216585994459,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26AC17US \/ 2026-10-13T09:00:00 \/ Online","offer_id":48216586027227,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26BC77US \/ 2026-11-03T09:00:00 \/ Online","offer_id":48216586059995,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26CB82US \/ 2026-12-01T09:00:00 \/ Online","offer_id":48216586092763,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271A38CN \/ 2027-01-19T09:00:00 \/ Online","offer_id":48216586125531,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"273C05US \/ 2027-03-02T09:00:00 \/ Online","offer_id":48310906912987,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"273C06US \/ 2027-03-30T09:00:00 \/ Online","offer_id":48523463655643,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"275C55US \/ 2027-05-04T09:00:00 \/ Online","offer_id":48738853683419,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"certified-cmmc-assessor-training-cca","title":"Certified CMMC Assessor Training (CCA)","description":"\u003cdiv\u003e\n\u003cp\u003e\u003cimg src=\"https:\/\/cdn.buttercms.com\/jEuu6pDQS8au7MkZsvab\" alt=\"ATP Designation\" width=\"150px\" style=\"float: left;\"\u003e This training program equips individuals to become Certified CMMC Assessors (CCA) and prepares them for the Certified CMMC Assessor exam. It focuses on the requirements for evaluating CMMC levels and provides workflow strategies to enhance assessment efficiency.\u003c\/p\u003e\r\n\u003cp\u003eCCA’s play a vital role in ensuring that Department of Defense (DoD) suppliers and service providers meet the cybersecurity standards set by the Secretary of Defense. The CMMC program establishes a standardized framework for assessing organizations that seek to supply products and services to the DoD, requiring them to demonstrate cybersecurity compliance and competence. The course also addresses proper management of Controlled Unclassified Information (CUI).\u003c\/p\u003e\r\n\u003cp\u003eTraining is delivered through virtual instructor-led sessions and interactive classrooms in real-time, tailored to meet the specific needs of each team. This program also includes employee development training to boost overall team performance, ensuring adherence to the Defense Federal Acquisition Regulation (DFAR) cybersecurity standards.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCertified CMMC Assessor Training (CCA) Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CMMC CCA course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProtect CUI with the CMMC program.\u003c\/li\u003e\n\u003cli\u003eEstablish the key elements of your responsibilities as a professional CMMC Assessor.\u003c\/li\u003e\n\u003cli\u003eWork through an Assessment.\u003c\/li\u003e\n\u003cli\u003eValidate the context and scope of a Level 2 CMMC Assessment.\u003c\/li\u003e\n\u003cli\u003eAssess the practices in all 14 domains derived from NIST SP 800-171.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTo ensure your success in this course and to enable you to sit for the exam:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eYou must have attained your CCP Certification.\u003c\/li\u003e\n\u003cli\u003eComplete CCA Application Process and remain in good standing with the CAICO\u003c\/li\u003e\n\u003cli\u003eEnroll in and complete CCA course with an Approved Training Provier (ATP)\u003c\/li\u003e\n\u003cli\u003ePass CCA Exam\u003c\/li\u003e\n\u003cli\u003eNEW: Obtain Tier 3 Background Investigation Eligibility Determination\u003c\/li\u003e\n\u003cli\u003eNEW: Have at least three (3) years of cybersecurity experience\u003c\/li\u003e\n\u003cli\u003eNEW: Have at least one (1) year of assessment or audit experience\u003c\/li\u003e\n\u003cli\u003eNEW: Possess at least one baseline certification* aligned to the Intermediate (minimum to meet requirements) or Advanced Proficiency Level for Career Pathway Certified Assessor 612 (Security Control Assessor) from DoD Manual 8140.03\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCertified CMMC Assessor Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 1: Protecting CUI with the CMMC Program\u003c\/h4\u003e\n\u003cp\u003eTopic A: Protect Controlled Unclassified Information\u003cbr\u003eTopic B: Utilize the CMMC Source Documents\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 2: Being an Assessor\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify Assessment Roles and Responsibilities\u003cbr\u003eTopic B: Establish an Assessor Mindset\u003cbr\u003eTopic C: Determine the OSC's Cybersecurity Environment\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 3: Working Through an Assessment\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify Assessment Flow and Milestone Events\u003cbr\u003eTopic B: Prepare to Work with the OSC\u003cbr\u003eTopic C: Formalize the Plan\u003cbr\u003eTopic D: Assess the Evidence\u003cbr\u003eTopic E: Handle Non-Conformity Issues\u003cbr\u003eTopic F: Finalize the Assessment\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 4: Validating the Scope of a CMMC Assessment\u003c\/h4\u003e\n\u003cp\u003eTopic A: Define Scope Fundamentals\u003cbr\u003eTopic B: Categorize the Assets\u003cbr\u003eTopic C: Determine the OSC Context\u003cbr\u003eTopic D: Define ESPs\u003cbr\u003eTopic E: Validate the Assessment Scope\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 5: Assessing the AC Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the AC Practices\u003cbr\u003eTopic B: Identify AC Connections and Considerations\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 6: Assessing the AT Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the AT Practices\u003cbr\u003eTopic B: Identify AT Connections and Considerations\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 7: Assessing the AU Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the AU Practices\u003cbr\u003eTopic B: Identify AU Connections and Considerations\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 8: Assessing the CA Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the CA Practices\u003cbr\u003eTopic B: Identify CA Connections and Considerations\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 9: Assessing the CM Practices\u003c\/h4\u003e\n\u003cp\u003eH3: \u003cbr\u003eTopic A: Evaluate the CM Practices\u003cbr\u003eTopic B: Identify CM Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 10: Assessing the IA Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the IA Practices\u003cbr\u003eTopic B: Identify IA Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 11: Assessing the IR Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the IR Practices\u003cbr\u003eTopic B: Identify IR Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 12: Assessing the MA Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the MA Practices\u003cbr\u003eTopic B: Identify MA Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 13: Assessing the MP Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the MP Practices\u003cbr\u003eTopic B: Identify MP Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 14: Assessing the PE Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the PE Practices\u003cbr\u003eTopic B: Identify PE Connections and Considerations\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 15: Assessing the PS Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the PS Practices\u003cbr\u003eTopic B: Identify PS Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 16: Assessing the RA Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the RA Practices\u003cbr\u003eTopic B: Identify RA Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 17: Assessing the SC Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the SC Practices\u003cbr\u003eTopic B: Identify SC Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e Lesson 18: Assessing the SI Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Evaluate the SI Practices\u003cbr\u003eTopic B: Identify SI Connections and Considerations\u003cbr\u003e\u003cbr\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eAppendix\u003c\/h4\u003e\n\u003cp\u003eAppendix A: Evidence Collection Approach for CMMC Practices Levels 1 and 2\u003cbr\u003eAppendix B: Additional Documentation for CCAs\u003cbr\u003eAppendix C: Mapping Course Content to the CCA Exam\u003c\/p\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B55US \/ 2026-07-27T09:00:00 \/ Online","offer_id":47534211662043,"sku":"US-2073-IL","price":2680.0,"currency_code":"USD","in_stock":true},{"title":"26AC18US \/ 2026-10-26T09:00:00 \/ Online","offer_id":48216586453211,"sku":"US-2073-IL","price":2680.0,"currency_code":"USD","in_stock":true},{"title":"271C63US \/ 2027-01-25T09:00:00 \/ Online","offer_id":48216586485979,"sku":"US-2073-IL","price":2680.0,"currency_code":"USD","in_stock":true},{"title":"274C15US \/ 2027-04-26T09:00:00 \/ Online","offer_id":48669325197531,"sku":"US-2073-IL","price":2680.0,"currency_code":"USD","in_stock":true}]},{"product_id":"nist-training-assess-manage-risk","title":"NIST Training: Assess \u0026 Manage Risk","description":"\u003cdiv\u003e\n\u003ch3\u003e\u003cstrong\u003eRisk Assessment \u0026amp; Management Training for the US Government\u003c\/strong\u003e\u003c\/h3\u003e\r\n\u003cp\u003eThis NIST (National Institute of Standards and Technology) Cybersecurity Framework training course will teach US (United States) Government cybersecurity staff to protect their organization from unacceptable losses by effectively assessing and managing risk. Through \u003cstrong\u003eNIST training\u003c\/strong\u003e, they will learn how to employ the NIST Cybersecurity Framework defined by The NIST and ensure their organization meets the cyber security laws and regulations imposed on all US Government agencies. \u003c\/p\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAttendees receive a complete set of course notes and a workbook containing all the course workshops\u003c\/li\u003e\r\n\u003cli\u003eEvery source document used in developing the course may be downloaded from the NIST Website free of charge\u003c\/li\u003e\r\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eNIST Training: Assess \u0026amp; Manage Risk Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this NIST training course, you will learn how to: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImplement the NIST Risk Management Framework for assessing and managing your organization's information infrastructure risks. \u003c\/li\u003e\n\u003cli\u003eSelect and implement security controls that satisfy \u003cabbr title=\"Federal Information Security Modernization\"\u003eFISMA\u003c\/abbr\u003e, OMB (Office of Management and Budget), and Department\/Agency requirements. \u003c\/li\u003e\n\u003cli\u003eMaintain an acceptable security posture over the system life cycle. \u003c\/li\u003e\n\u003cli\u003eApply FedRAMP-compliant cloud-based solutions. \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eNIST Training Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Introduction to Risk Assessment and Management\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eEnsuring compliance with applicable laws, regulations, policies, and directives \u003c\/li\u003e\n\u003cli\u003eProtecting the organization from unacceptable losses \u003c\/li\u003e\n\u003cli\u003eDescribing the NIST RMF (Risk Management Framework) \u003c\/li\u003e\n\u003cli\u003eApplying NIST risk management processes \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Characterizing System Security Requirements\u003c\/h4\u003e\n\u003cp\u003eDefining the system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrescribing the system security boundary\u003c\/li\u003e\n\u003cli\u003ePinpointing system interconnections\u003c\/li\u003e\n\u003cli\u003eIncorporating characteristics of ICS (Industrial Control Systems) and \u003cabbr title=\"Federal Risk and Authorization Management Program\"\u003eFedRAMP\u003c\/abbr\u003e-compliant cloud-based systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eIdentifying security risk components\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstimating the impact of compromises to confidentiality, integrity, and availability\u003c\/li\u003e\n\u003cli\u003eAdopting the appropriate model for categorizing system risk\u003c\/li\u003e\n\u003cli\u003eSpecialized considerations for U.S. Government classified information\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eSetting the stage for successful risk management\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDocumenting critical risk assessment and management decisions in the SSP (System Security Plan)\u003c\/li\u003e\n\u003cli\u003eAppointing qualified individuals to risk governance roles\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Selecting Appropriate Security Controls\u003c\/h4\u003e\n\u003cp\u003eAssigning a security control baseline\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigating security control families\u003c\/li\u003e\n\u003cli\u003eDetermining the baseline from system security impact\u003c\/li\u003e\n\u003cli\u003eSpecialized considerations for NSS (National Security Systems)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eTailoring the baseline to fit the system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExamining the structure of security controls, enhancements, and parameters\u003c\/li\u003e\n\u003cli\u003eBinding control overlays to the selected baseline\u003c\/li\u003e\n\u003cli\u003eGauging the need for enhanced assurance\u003c\/li\u003e\n\u003cli\u003eDistinguishing system-specific, compensating, and non-applicable controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Reducing Risk through Effective Control Implementation\u003c\/h4\u003e\n\u003cp\u003eSpecifying the implementation approach\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMaximizing security effectiveness by \"building in\" security\u003c\/li\u003e\n\u003cli\u003eReducing residual risk in legacy systems via \"bolt-on\" security elements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eApplying NIST controls\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnhancing system robustness through selection of evaluated and validated components\u003c\/li\u003e\n\u003cli\u003eCoordinating implementation approaches to administrative, operational, and technical controls\u003c\/li\u003e\n\u003cli\u003eProviding evidence of compliance through supporting artifacts\u003c\/li\u003e\n\u003cli\u003eImplementing CNSSI-1253 for national security systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Assessing Compliance Scope and Depth\u003c\/h4\u003e\n\u003cp\u003eDeveloping an assessment plan\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrioritizing depth of control assessment\u003c\/li\u003e\n\u003cli\u003eOptimizing validation through sequencing and consolidation\u003c\/li\u003e\n\u003cli\u003eVerifying compliance through tests, interviews, and examinations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eFormulating an authorization recommendation\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluating overall system security risk\u003c\/li\u003e\n\u003cli\u003eMitigating residual risks\u003c\/li\u003e\n\u003cli\u003ePublishing the POA\u0026amp;M (Plan of Action and Milestones), the risk assessment and recommendation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Authorizing System Operation\u003c\/h4\u003e\n\u003cp\u003eAligning authority and responsibility\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eQuantifying organizational risk tolerance\u003c\/li\u003e\n\u003cli\u003eElevating authorization decisions in high-risk scenarios\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eForming a risk-based decision\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAppraising system operational impact\u003c\/li\u003e\n\u003cli\u003eWeighing residual risk against operational utility\u003c\/li\u003e\n\u003cli\u003eIssuing ATO (Authority to Operate)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Maintaining Continued Compliance\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eJustifying continuous reauthorization\u003c\/li\u003e\n\u003cli\u003ePreserving an acceptable security posture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A93US \/ 2026-08-18T09:00:00 \/ Herndon, VA","offer_id":47534210089179,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"267D50US \/ 2026-07-14T09:00:00 \/ Herndon, VA","offer_id":48216549949659,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26BC55US \/ 2026-11-17T09:00:00 \/ Herndon, VA","offer_id":48216549982427,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271C36US \/ 2027-01-12T09:00:00 \/ Herndon, VA","offer_id":48216550015195,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"273B88US \/ 2027-03-16T09:00:00 \/ Herndon, VA","offer_id":48377302122715,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"275C36US \/ 2027-05-18T09:00:00 \/ Herndon, VA","offer_id":48780664864987,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"cmmc-2-0-and-nist-sp-800-171-compliance-training","title":"CMMC 2.0 Compliance Training","description":"\u003cdiv\u003e\n\u003cp\u003eRecent sweeping updates to the U.S. Department of Defense Cybersecurity Maturity Model Certification (CMMC) requirements have left the consultants, contractors, and the Defense Industrial Base (DIB) questioning where this leaves us and how to proceed. This course is intended to address the questions of what CMMC 2.0 is all about, how certification will work under the new model, the SP 800-171 requirements that must be satisfied and how to meet them, and what this means for DoD contracting organizations.\u003c\/p\u003e\r\n\u003cp\u003eThese exact 800-171 requirements cover all Non-Federal Organizations (NFOs) that handle U.S. Federal Government controlled unclassified information. This course will also feature self-attestation guidance and will help organizations meet the external 3rd party assessments that will still be required for a subset of businesses handling protected U.S. Federal Government information.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCMMC 2.0 Compliance Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCMMC 2.0 Compliance Training Course Benefits\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand and comply with the new CMMC 2.0 framework\u003c\/li\u003e\n\u003cli\u003eAssess CMMC 2.0 and CMMC 1.0 differences and repercussions to your organization\u003c\/li\u003e\n\u003cli\u003eMeet NIST SP 800-171 requirements\u003c\/li\u003e\n\u003cli\u003ePerform self-assessments conforming to DFARS standards and generate a SPRS score\u003c\/li\u003e\n\u003cli\u003eIdentify which contract levels are subject to independent assessments\u003c\/li\u003e\n\u003cli\u003eSatisfy third-party CMMC 2.0\/SP 800-171 assessments\u003c\/li\u003e\n\u003cli\u003eMaintain an acceptable security posture over the contract lifecycle\u003c\/li\u003e\n\u003cli\u003eContinue learning and face new challenges with after-course one-on-one instructor coaching\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCMMC 2.0 Compliance Training Course Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003ePrior security experience is helpful but not necessary. Critical thinking skills and the ability to make decisions are key.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCMMC 2.0 Compliance Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 1 – The Nature of Protected Information\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAcknowledging the importance of protecting US Government information\u003c\/li\u003e\n\u003cli\u003eRecognizing categories of protected information\u003c\/li\u003e\n\u003cli\u003eDescribing protected information and the law\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 2 – Threats to Protected Information\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDefining types of security failures\u003c\/li\u003e\n\u003cli\u003eJudging the impact of security failures\u003c\/li\u003e\n\u003cli\u003eDefining risk\u003c\/li\u003e\n\u003cli\u003eIdentifying threats and vulnerabilities in organizational systems\u003c\/li\u003e\n\u003cli\u003eRecognizing motivations for data compromise\u003c\/li\u003e\n\u003cli\u003eIdentifying characteristics of threat actors\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 3 – Introduction to CMMC 2.0\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDescribing CMMC Goals\u003c\/li\u003e\n\u003cli\u003eSynopsizing CMMC Evolution\u003c\/li\u003e\n\u003cli\u003eDefining the model tiers\u003c\/li\u003e\n\u003cli\u003eDescribing the four CMMC 2.0 program phases\u003c\/li\u003e\n\u003cli\u003eListing assessment requirements\u003c\/li\u003e\n\u003cli\u003eExplaining model implementation\u003c\/li\u003e\n\u003cli\u003eCharting the CMMC implementation timeline\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 4 – CMMC 2.0 and NIST SP 800-171\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDescribing NIST SP 800-171, SP 800-171A, and SP 800-172\u003c\/li\u003e\n\u003cli\u003eCategorizing security controls\u003c\/li\u003e\n\u003cli\u003eIdentifying SP 800-171 control families\u003c\/li\u003e\n\u003cli\u003eDescribing SP 800-171 security control structure\u003c\/li\u003e\n\u003cli\u003eExplaining the importance of basic assumptions underlying SP 800-171\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 5 – Characterizing the Non-Federal System\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eIdentifying NARA CUI categories and markings\u003c\/li\u003e\n\u003cli\u003eVerifying confidentiality impact level\u003c\/li\u003e\n\u003cli\u003eIdentifying special considerations for classified defense information\u003c\/li\u003e\n\u003cli\u003eDetermining the organizational system boundary\u003c\/li\u003e\n\u003cli\u003eBuilding the System Security Plan\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 6 – Securing the Organizational System\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eDetermining the security control baseline\u003c\/li\u003e\n\u003cli\u003eAssessing the need for enhanced assurance\u003c\/li\u003e\n\u003cli\u003eUpdating the System Security Plan\u003c\/li\u003e\n\u003cli\u003eTailoring the security control baseline\u003c\/li\u003e\n\u003cli\u003eSelecting the approach to securing organizational systems\u003c\/li\u003e\n\u003cli\u003eImplementing security controls\u003c\/li\u003e\n\u003cli\u003eDocumenting security control implementation, compliance, and effectiveness\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 7 – Assessing System Cybersecurity Risk\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eBuilding the Security Assessment Plan\u003c\/li\u003e\n\u003cli\u003eAssessment methodologies\u003c\/li\u003e\n\u003cli\u003eAssessment optimization\u003c\/li\u003e\n\u003cli\u003eAssessing security control compliance and effectiveness\u003c\/li\u003e\n\u003cli\u003eDocumenting security control compliance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 8 – Reporting Self-Assessment Results\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eCompleting the System Security Plan\u003c\/li\u003e\n\u003cli\u003eBuilding the Plan of Action and Milestones (POA\u0026amp;M)\u003c\/li\u003e\n\u003cli\u003eRequesting CMMC waivers\u003c\/li\u003e\n\u003cli\u003eCompiling the assessment report\u003c\/li\u003e\n\u003cli\u003ePreserving an acceptable system security posture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B56US \/ 2026-07-07T09:00:00 \/ Herndon, VA","offer_id":47534211694811,"sku":"US-2074-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26AC19US \/ 2026-10-06T09:00:00 \/ Herndon, VA","offer_id":48216550932699,"sku":"US-2074-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271C64US \/ 2027-01-05T09:00:00 \/ Herndon, VA","offer_id":48216550965467,"sku":"US-2074-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"274C16US \/ 2027-04-06T09:00:00 \/ Herndon, VA","offer_id":48567540187355,"sku":"US-2074-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"microsoft-cybersecurity-architect-sc-100","title":"Microsoft Cybersecurity Architect (SC-100)","description":"\u003cdiv\u003e\n\u003cp\u003eThis is an advanced, expert-level course. This \u003cstrong\u003eMicrosoft Cybersecurity Architect (SC-100) course\u003c\/strong\u003e prepares students with the expertise to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS).\u003c\/p\u003e\r\n\u003cp\u003eAlthough not required to attend, students are strongly encouraged to have taken and passed another associate-level certification in the security, compliance and identity portfolio (such as AZ-500, SC-200 or SC-300) before attending this class. \u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eMicrosoft Cybersecurity Architect (SC-100) Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003eBenefits of Attending\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGain hands-on experience with CAF, WAF, MCRA, and MCSB.\u003c\/li\u003e\n\u003cli\u003eBuild a modern, proactive security posture across your organization.\u003c\/li\u003e\n\u003cli\u003eLearn how to defend against ransomware, insider risks, and supply chain attacks.\u003c\/li\u003e\n\u003cli\u003eApply strategies for SaaS, PaaS, IaaS, hybrid, and multicloud workloads.\u003c\/li\u003e\n\u003cli\u003eTranslate regulatory requirements into practical security solutions.\u003c\/li\u003e\n\u003cli\u003eDesign protections for identities, endpoints, applications, networks, and data.\u003c\/li\u003e\n\u003cli\u003eTest your skills through interactive case studies based on real-world scenarios.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eBefore attending this SC-100 course, students must have:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eHighly recommended to have attended and passed one of the associate-level certifications in the security, compliance and identity portfolio (such as AZ-500, SC-200 or SC-300).\u003c\/li\u003e\n\u003cli\u003eAdvanced experience and knowledge in identity and access, platform protection, security operations, securing data and securing applications.\u003c\/li\u003e\n\u003cli\u003eExperience with hybrid and cloud implementations.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eExam Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis course can help you prepare for the following Microsoft role-based certification exam — \u003ca href=\"https:\/\/docs.microsoft.com\/en-us\/learn\/certifications\/exams\/sc-100\" title=\"Microsoft Exam SC-100: Microsoft Cybersecurity Architect | Microsoft Learn\" rel=\"nofollow noopener\" target=\"_blank\"\u003eMicrosoft Exam SC-100: Microsoft Cybersecurity Architect\u003c\/a\u003e.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eMicrosoft Cybersecurity Architect Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eIntroduction to Zero Trust and Best Practice Frameworks\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eIntroduction to best practices\u003c\/li\u003e\n\u003cli\u003eIntroduction to Zero Trust\u003c\/li\u003e\n\u003cli\u003eZero Trust initiatives\u003c\/li\u003e\n\u003cli\u003eZero Trust technology pillars (Part 1)\u003c\/li\u003e\n\u003cli\u003eZero Trust technology pillars (Part 2)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Security Solutions that Align with CAF and WAF\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDefine a security strategy\u003c\/li\u003e\n\u003cli\u003eCloud Adoption Framework secure methodology\u003c\/li\u003e\n\u003cli\u003eAzure Landing Zones and security design\u003c\/li\u003e\n\u003cli\u003eWell-Architected Framework and the security pillar\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions that Align with MCRA and MCSB\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eMicrosoft Cybersecurity Reference Architecture and Cloud Security Benchmark\u003c\/li\u003e\n\u003cli\u003eDesign solutions with best practices for capabilities and controls\u003c\/li\u003e\n\u003cli\u003eProtect against insider, external, and supply chain attacks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign a Resiliency Strategy for Ransomware and Other Attacks\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eCommon cyberthreats and attack patterns\u003c\/li\u003e\n\u003cli\u003eSupport business resiliency\u003c\/li\u003e\n\u003cli\u003eMitigate ransomware with BCDR and privileged access\u003c\/li\u003e\n\u003cli\u003eDesign solutions for secure backup and restore\u003c\/li\u003e\n\u003cli\u003eEvaluate solutions for security updates\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Regulatory Compliance\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eTranslate compliance requirements into security controls\u003c\/li\u003e\n\u003cli\u003eAddress compliance with Microsoft Purview\u003c\/li\u003e\n\u003cli\u003eAddress privacy requirements with Microsoft Priva\u003c\/li\u003e\n\u003cli\u003eAddress compliance and security with Azure Policy\u003c\/li\u003e\n\u003cli\u003eValidate alignment with standards using Microsoft Defender for Cloud\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Identity and Access Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDesign cloud, hybrid, and multicloud access strategies (including Microsoft Entra ID)\u003c\/li\u003e\n\u003cli\u003eDesign a solution for external identities\u003c\/li\u003e\n\u003cli\u003eDesign authentication and authorization strategies\u003c\/li\u003e\n\u003cli\u003eAlign conditional access with Zero Trust\u003c\/li\u003e\n\u003cli\u003eHarden Active Directory Domain Services (AD DS)\u003c\/li\u003e\n\u003cli\u003eManage secrets, keys, and certificates\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Securing Privileged Access\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eThe enterprise access model\u003c\/li\u003e\n\u003cli\u003eEvaluate Microsoft Entra ID security and governance\u003c\/li\u003e\n\u003cli\u003eSecure tenant administration\u003c\/li\u003e\n\u003cli\u003ePrivileged access workstations and bastion services\u003c\/li\u003e\n\u003cli\u003eAccess review management solutions\u003c\/li\u003e\n\u003cli\u003eSecure on-premises AD DS against common attacks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Security Operations\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDesign monitoring for hybrid and multicloud environments\u003c\/li\u003e\n\u003cli\u003eCentralized logging and auditing (including Purview Audit)\u003c\/li\u003e\n\u003cli\u003eSIEM and XDR solutions\u003c\/li\u003e\n\u003cli\u003eSOAR solutions\u003c\/li\u003e\n\u003cli\u003eSecurity workflows: incident response, threat hunting, and management\u003c\/li\u003e\n\u003cli\u003eThreat detection coverage with MITRE ATT\u0026amp;CK matrices\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eInteractive Case Study – Modernizing Identity and Data Security\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eApply architect skills to an identity and data security scenario\u003c\/li\u003e\n\u003cli\u003eAnalyze requirements, answer conceptual and technical questions\u003c\/li\u003e\n\u003cli\u003eDesign a solution to meet business needs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eInteractive Case Study – Modernizing User Access Control and Threat Resilience\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eApply architect skills to an access control and resilience scenario\u003c\/li\u003e\n\u003cli\u003eAnalyze requirements, answer conceptual and technical questions\u003c\/li\u003e\n\u003cli\u003eDesign a solution to meet business needs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Securing Microsoft 365\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eEvaluate security posture for Exchange, SharePoint, OneDrive, and Teams\u003c\/li\u003e\n\u003cli\u003eDesign a Microsoft Defender XDR solution\u003c\/li\u003e\n\u003cli\u003eDesign operational practices for Microsoft 365\u003c\/li\u003e\n\u003cli\u003eEvaluate data security and compliance in Microsoft Copilot for Microsoft 365\u003c\/li\u003e\n\u003cli\u003eSecure data with Microsoft Purview\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Securing Applications\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eStandards for secure application development\u003c\/li\u003e\n\u003cli\u003eEvaluate application portfolio security posture\u003c\/li\u003e\n\u003cli\u003eApplication threat modeling\u003c\/li\u003e\n\u003cli\u003eSecurity lifecycle strategy for applications\u003c\/li\u003e\n\u003cli\u003eSecure workload identities\u003c\/li\u003e\n\u003cli\u003eAPI management and security\u003c\/li\u003e\n\u003cli\u003eSecure access to applications\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Securing an Organization’s Data\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eSolutions for data discovery and classification\u003c\/li\u003e\n\u003cli\u003eEncryption at rest and in transit (Azure Key Vault, infrastructure encryption)\u003c\/li\u003e\n\u003cli\u003eData security for Azure workloads and storage\u003c\/li\u003e\n\u003cli\u003eSecurity with Microsoft Defender for SQL and Defender for Storage\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eInteractive Case Study – Securing Apps and Data\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eApply architect skills to an app and data security scenario\u003c\/li\u003e\n\u003cli\u003eAnalyze requirements, answer conceptual and technical questions\u003c\/li\u003e\n\u003cli\u003eDesign a solution to meet business needs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eSpecify Requirements for Securing SaaS, PaaS, and IaaS Services\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eSecurity baselines for SaaS, PaaS, and IaaS\u003c\/li\u003e\n\u003cli\u003eSecurity for IoT workloads\u003c\/li\u003e\n\u003cli\u003eSecurity for web workloads\u003c\/li\u003e\n\u003cli\u003eSecurity for containers and orchestration\u003c\/li\u003e\n\u003cli\u003eEvaluate AI services security\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Security Posture Management in Hybrid and Multicloud Environments\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eEvaluate posture with Microsoft Cloud Security Benchmark\u003c\/li\u003e\n\u003cli\u003eDesign integrated posture management and workload protection\u003c\/li\u003e\n\u003cli\u003eEvaluate posture with Microsoft Defender for Cloud (secure score)\u003c\/li\u003e\n\u003cli\u003eCloud workload protection with Microsoft Defender for Cloud\u003c\/li\u003e\n\u003cli\u003eIntegrate environments with Azure Arc\u003c\/li\u003e\n\u003cli\u003eExternal attack surface management\u003c\/li\u003e\n\u003cli\u003eExposure management attack paths\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Securing Server and Client Endpoints\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eServer security requirements\u003c\/li\u003e\n\u003cli\u003eMobile and client device security\u003c\/li\u003e\n\u003cli\u003eIoT and embedded device security\u003c\/li\u003e\n\u003cli\u003eSecure OT and ICS with Microsoft Defender for IoT\u003c\/li\u003e\n\u003cli\u003eBaselines for server and client endpoints\u003c\/li\u003e\n\u003cli\u003eSecure remote access\u003c\/li\u003e\n\u003cli\u003eWindows LAPS solutions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDesign Solutions for Network Security\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eNetwork segmentation\u003c\/li\u003e\n\u003cli\u003eTraffic filtering with NSGs\u003c\/li\u003e\n\u003cli\u003eNetwork posture management\u003c\/li\u003e\n\u003cli\u003eNetwork monitoring\u003c\/li\u003e\n\u003cli\u003eSolutions with Microsoft Entra Internet Access\u003c\/li\u003e\n\u003cli\u003eSolutions with Microsoft Entra Private Access\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eInteractive Case Study – Securing Endpoints and Infrastructure\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply architect skills to endpoint and infrastructure security\u003c\/li\u003e\n\u003cli\u003eAnalyze requirements, answer conceptual and technical questions\u003c\/li\u003e\n\u003cli\u003eDesign a solution to meet business needs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Microsoft","offers":[{"title":"267A50US \/ 2026-07-14T09:00:00 \/ Herndon, VA","offer_id":47534206517467,"sku":"US-8671-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271B68US \/ 2027-01-12T09:00:00 \/ Herndon, VA","offer_id":48216579309787,"sku":"US-8671-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"implement-retention-ediscovery-and-communication-compliance-in-microsoft-purview-sc-5007","title":"Implement retention, eDiscovery, and Communication compliance in Microsoft Purview (SC-5007)","description":"\u003cdiv\u003e\u003cp\u003eThis hands-on course provides compliance professionals and auditors with the skills to manage data lifecycle, records management, eDiscovery, and communication compliance using Microsoft Purview. Learn how to create and manage retention policies, conduct eDiscovery (Premium) investigations, and implement communication compliance policies to ensure regulatory adherence. Gain practical experience in preserving, analyzing, and monitoring organizational data across Microsoft 365 services.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eImplement retention, eDiscovery, and Communication compliance in Microsoft Purview (SC-5007) Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLearn how to manage data retention and enforce compliance with retention policies.\u003c\/li\u003e\n\u003cli\u003eImplement Microsoft Purview eDiscovery (Premium) to collect, review, and export case content.\u003c\/li\u003e\n\u003cli\u003eUse auto-apply retention labels to classify and manage records automatically.\u003c\/li\u003e\n\u003cli\u003eCreate and manage communication compliance policies to monitor company communications.\u003c\/li\u003e\n\u003cli\u003eGain hands-on experience in conducting eDiscovery searches and compliance investigations.\u003c\/li\u003e\n\u003cli\u003eEnsure regulatory compliance by configuring event-based retention and disposition reviews.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBasic understanding of data governance and compliance concepts.\u003c\/li\u003e\n\u003cli\u003eFamiliarity with Microsoft Purview and its interface.\u003c\/li\u003e\n\u003cli\u003eKnowledge of data lifecycle management principles.\u003c\/li\u003e\n\u003cli\u003eExperience with eDiscovery processes.\u003c\/li\u003e\n\u003cli\u003eAwareness of communication compliance requirements.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eRetention, eDiscovery, Compliance in Purview Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eModule 1: Implement and Manage Retention with Microsoft Purview\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eOverview of retention policies and records management.\u003c\/li\u003e\n\u003cli\u003eCreating and managing adaptive and static retention policies.\u003c\/li\u003e\n\u003cli\u003eImplementing event-based retention and disposition reviews.\u003c\/li\u003e\n\u003cli\u003eAuto-applying retention labels across Microsoft 365.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 2: Manage Microsoft Purview eDiscovery (Premium)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eIntroduction to Microsoft Purview eDiscovery (Premium).\u003c\/li\u003e\n\u003cli\u003eCreating and managing eDiscovery cases and custodian data sources.\u003c\/li\u003e\n\u003cli\u003eCollecting, reviewing, and analyzing case content.\u003c\/li\u003e\n\u003cli\u003eExporting eDiscovery reports for investigations.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 3: Prepare Microsoft Purview Communication Compliance\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eUnderstanding communication compliance policies and workflows.\u003c\/li\u003e\n\u003cli\u003eIdentifying and resolving communication compliance violations.\u003c\/li\u003e\n\u003cli\u003eUsing Copilot for Microsoft 365 for compliance monitoring.\u003c\/li\u003e\n\u003cli\u003eInvestigating and remediating compliance alerts.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 4: Hands-On Lab – Implement Retention, eDiscovery, and Communication Compliance\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eCreating retention policies and labels for compliance.\u003c\/li\u003e\n\u003cli\u003eConducting an eDiscovery search to investigate organizational data.\u003c\/li\u003e\n\u003cli\u003eSetting up a communication compliance policy to monitor Microsoft 365 communication channels.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Microsoft","offers":[{"title":"266B14US \/ 2026-06-30T09:00:00 \/ Online","offer_id":47534213923035,"sku":"US-8742-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"269A95US \/ 2026-09-29T09:00:00 \/ Online","offer_id":47635677282523,"sku":"US-8742-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"26CB72US \/ 2026-12-18T09:00:00 \/ Online","offer_id":48216581800155,"sku":"US-8742-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"273B93US \/ 2027-03-31T09:00:00 \/ Online","offer_id":48525736575195,"sku":"US-8742-IL","price":716.0,"currency_code":"USD","in_stock":true}]},{"product_id":"management-of-risk-m_o_r®-foundation-and-practitioner-certification","title":"PRINCE2® Risk Management Certification","description":"\u003cdiv\u003e\n\u003cp\u003eThe PRINCE2® Risk Management Certification course equips experienced project managers with the knowledge and skills needed to apply, analyze, and tailor the PRINCE2® Risk Management framework across organizational contexts.\u003c\/p\u003e\r\n\u003cp\u003eAligned to M_o_R Practitioner version 4, the course emphasizes risk-informed decision making that both creates and protects value across strategic, portfolio, programme, project, product, and operational levels. Participants will work with realistic scenarios to practice applying principles, perspectives, people considerations, and the full risk management process cycle.\u003c\/p\u003e\r\n\u003cp\u003eThis course prepares attendees for the PRINCE2® Risk Management Practitioner exam, currently titled the Management of Risk (M_o_R®) 4 Practitioner exam, administered by PeopleCert.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003ePRINCE2® Risk Management Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOfficial PeopleCert training materials and M_o_R version 4 Practitioner exam voucher included\u003c\/li\u003e\n\u003cli\u003eExam-focused coverage of all syllabus learning outcomes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAudience \u0026amp; Prerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cb\u003eWho Should Attend: \u003c\/b\u003eThis course is intended for professionals who manage, support, or advise on risk, including: Project, programme, and portfolio managers; Risk and enterprise risk professionals; PMO leaders and analysts; Business change, service, and operational managers; Consultants and governance or assurance professionals.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eOfficial Prerequisites:\u003c\/b\u003e There are no formal PeopleCert prerequisites, but this is a Practitioner-level certification course.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eRecommended Knowledge:\u003c\/b\u003e Participants should have prior exposure to risk management concepts and experience working in project, programme, or operational environments.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eCertification \u0026amp; Exam Information\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cb\u003eCertification Alignment: \u003c\/b\u003eThis course prepares participants for the PRINCE2® Risk Management Practitioner certification, assessed via the Management of Risk (M_o_R®) 4 Practitioner exam.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eCertification Expectations: \u003c\/b\u003eSome study outside of course hours will be required. Exam success depends on prior experience, preparation, and comfort navigating the Official Book.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eM_o_R® 4 Practitioner Exam Details\u003c\/b\u003e\n\u003cul style=\"list-style-type: circle;\"\u003e\n\u003cli\u003e\n\u003cb\u003eExam Name:\u003c\/b\u003e Management of Risk (M_o_R®) 4 Practitioner\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eExam Duration:\u003c\/b\u003e 2 hours 15 minutes\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eNumber of Questions:\u003c\/b\u003e 65\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003ePassing Score:\u003c\/b\u003e 33 out of 65\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eExam Style:\u003c\/b\u003e Multiple choice, scenario-based\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eOpen Book:\u003c\/b\u003e Yes – PRINCE2® Risk Management Official Book only\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eExam Delivery:\u003c\/b\u003e Online via PeopleCert web proctoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eWhat to Expect\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cb\u003eExam Prep Course\u003c\/b\u003e: This course is designed to help you prepare for both the foundation and practitioner certification exams. You can expect coverage of all exam learning objectives, with a focus on understanding key concepts, terminology, and how they’re assessed.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eContent Volume\u003c\/b\u003e: Certification courses cover a large amount of material in a short time. Instructors prioritize content tied to exam objectives. Supplementary topics will be addressed as time allows.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eClass Pace\u003c\/b\u003e: Certification courses are fast-paced and adhere to a strict schedule, ensuring all exam objectives are covered. While discussions and examples are included, the focus remains on certification readiness.\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eOutside of Class Study Time:\u003c\/b\u003e Plan for self-study outside of class, especially if the concepts are new to you. Passing the exam is not guaranteed.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003ePRINCE2 Risk Management Certification Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning objectives:\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eRequired Pre-Course Preparation\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eReview all pre-course communication from Learning Tree before class to understand how to access all your course materials.\u003c\/li\u003e\n\u003cli\u003eEnsure you have access to your My Learning Tree portals before the start of class. Reach out to Learning Tree customer service if you are having trouble.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 1: PRINCE2® Risk Management Overview\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDescribe risk, uncertainty, and the purpose of risk management\u003c\/li\u003e\n\u003cli\u003eDistinguish risks from issues\u003c\/li\u003e\n\u003cli\u003eUnderstand how risk management supports governance and enterprise risk management\u003c\/li\u003e\n\u003cli\u003eApply the principles of PRINCE2® Risk Management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 2: Risk Management Perspectives\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eUnderstand risk management across organizational perspectives\u003c\/li\u003e\n\u003cli\u003eApply risk management at strategic, portfolio, programme, project, product, and operational levels\u003c\/li\u003e\n\u003cli\u003eAnalyze how perspective influences risk appetite and decision-making \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 3: People and Culture\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eUnderstand how people and culture influence risk management effectiveness\u003c\/li\u003e\n\u003cli\u003eIdentify decision biases and common risk management challenges\u003c\/li\u003e\n\u003cli\u003eApply techniques to build and sustain an effective risk culture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 4: The Risk Management Process Cycle – Part 1\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003e\u003cb\u003eApply the identify and assess processes\u003c\/b\u003e\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eUnderstand inputs\u003c\/b\u003e, outputs, techniques, roles, and documentation\u003c\/li\u003e\n\u003cli\u003eAnalyze risk exposure and prioritization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 5: The Risk Management Process Cycle – Part 2\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eApply \u003cb\u003ethe plan responses, implement responses, and monitor and report progress processes\u003c\/b\u003e\n\u003c\/li\u003e\n\u003cli\u003e\u003cb\u003eUnderstand contingency, escalation, and reporting practices\u003c\/b\u003e\u003c\/li\u003e\n\u003cli\u003e\n\u003cb\u003eTailor responses to different\u003c\/b\u003e organizational contexts\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 6: Review, Adapt, and Consolidate Learning\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eApply the review and adapt process\u003c\/li\u003e\n\u003cli\u003eUnderstand how risk management evolves over time\u003c\/li\u003e\n\u003cli\u003eConsolidate learning across principles, perspectives, people, and processes\u003c\/li\u003e\n\u003cli\u003ePrepare for the M_o_R® 4 Practitioner exam, including exam technique and open-book strategy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A40US \/ 2026-08-12T09:00:00 \/ Herndon, VA","offer_id":47534221623515,"sku":"US-1846-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"26BB34US \/ 2026-11-04T09:00:00 \/ Herndon, VA","offer_id":48216588714203,"sku":"US-1846-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"275B21US \/ 2027-05-12T09:00:00 \/ Herndon, VA","offer_id":48762853589211,"sku":"US-1846-IL","price":2396.0,"currency_code":"USD","in_stock":true}]},{"product_id":"isaca-advanced-in-ai-audit-aaia-certification","title":"ISACA Advanced in AI Audit (AAIA) Certification","description":"\u003cdiv\u003e\u003cp\u003eThis two-day, instructor-led course provides IS auditors with the foundational knowledge and background of AI solutions to evaluate their proper governance, design, development, and security to apply their expertise in audit and assurance activities in the enterprise. The course is structured to align with the job practice and features a variety of knowledge check questions, case studies, activities, and discussions designed to apply the concepts to real-life business scenarios.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eISACA Advanced in AI Audit (AAIA) Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExplain the principles of AI Governance and Risk Management\u003c\/li\u003e\n\u003cli\u003eImplement effective AI Operations practices\u003c\/li\u003e\n\u003cli\u003eUtilize AI Auditing Tools and Techniques\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eIT Audit professionals with a CISA, CIA, or CPA certification looking to enhance their expertise in navigating AI-driven challenges while upholding the highest industry standards.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eISACA AI Audit Certification Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eDomain 1. AI Governance and Risk\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eLearning Objectives:\u003c\/p\u003e\n\u003cp\u003eWithin this domain, the AI auditor should be able to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluate impacts, opportunities, and risk when integrating AI solutions within the audit process.\u003c\/li\u003e\n\u003cli\u003eEvaluate AI solutions to advise on impact, opportunities, and risk to organization.\u003c\/li\u003e\n\u003cli\u003eEvaluate the impact of AI solutions on system interactions, environment, and humans.\u003c\/li\u003e\n\u003cli\u003eEvaluate the role and impact of AI decision-making systems on the organization and stakeholders.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s AI policies and procedures, including compliance with legal and regulatory requirements.\u003c\/li\u003e\n\u003cli\u003eEvaluate the monitoring and reporting of metrics (e.g., KPIs, KRIs) specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate whether the organization has defined ownership of AI-related risk, controls, procedures, decisions, and standards.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s data governance program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s privacy program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s problem and incident management programs specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s change management program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s configuration management program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s threat and vulnerability management programs specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s identity and access management program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate vendors and supply chain management program specific to AI solutions.\u003c\/li\u003e\n\u003cli\u003eEvaluate the design and effectiveness of controls specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate data inputs requirements for AI models (e.g., data appropriateness, bias, and privacy).\u003c\/li\u003e\n\u003cli\u003eEvaluate system\/business requirements for AI solutions to ensure alignment with enterprise architecture.\u003c\/li\u003e\n\u003cli\u003eEvaluate AI solution life cycle (e.g., design, development, deployment, monitoring, and decommissioning) and inputs\/outputs for compliance and risk.\u003c\/li\u003e\n\u003cli\u003eEvaluate algorithms and models to ensure AI solutions are aligned to business objectives, policies, and procedures.\u003c\/li\u003e\n\u003cli\u003eAnalyze the impact of AI on the workforce to advise stakeholders on how to address AI-related workforce impacts, training, and education.\u003c\/li\u003e\n\u003cli\u003eEvaluate that awareness programs align to the organization’s AI-related policies and procedures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection A. AI Models, Considerations, and Requirements\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Types of AI\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGenerative\u003c\/li\u003e\n\u003cli\u003ePredictive\u003c\/li\u003e\n\u003cli\u003eNarrow\u003c\/li\u003e\n\u003cli\u003eGeneral\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Machine learning\/AI Models\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBasic models\u003c\/li\u003e\n\u003cli\u003eNeural networks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. Algorithms\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eClasses of Algorithms\u003c\/li\u003e\n\u003cli\u003eAdditional AI Considerations (technical terms and concepts relevant to the IS auditor)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4. AI Lifecycle Overview\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePlan and Design\u003c\/li\u003e\n\u003cli\u003eCollect and Process Data\u003c\/li\u003e\n\u003cli\u003eBuild and\/or Adapt Model(s)\u003c\/li\u003e\n\u003cli\u003eTest, Evaluate, Verify, and Validate\u003c\/li\u003e\n\u003cli\u003eMake Available for Use\/Deploy\u003c\/li\u003e\n\u003cli\u003eOperate and Monitor\u003c\/li\u003e\n\u003cli\u003eRetire\/Decommission\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5. Business Considerations\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBusiness Use Cases, Needs, Scope, and Objectives\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\n\u003cli\u003eCost-Benefit Analysis\u003c\/li\u003e\n\u003cli\u003eReturn on Investment\u003c\/li\u003e\n\u003cli\u003eInternal vs. Cloud Hosting\u003c\/li\u003e\n\u003cli\u003eVendors\u003c\/li\u003e\n\u003cli\u003eShared Responsibility\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection B. AI Governance and Program Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. AI Strategy\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eStrategies\u003c\/li\u003e\n\u003cli\u003eOpportunities\u003c\/li\u003e\n\u003cli\u003eVision and Mission\u003c\/li\u003e\n\u003cli\u003eValue Alignment\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. AI-related Roles and Responsibilities\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCategories, Focuses, and Common Examples\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. AI-related Policies and Procedures\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUsage Policies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4. AI Training and Awareness\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSkills, Knowledge, and Competencies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e5. Program metrics\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExamples of Metrics with Objectives and Definitions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection C. AI Risk Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. AI-related Risk Identification\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Threat Landscape\u003c\/li\u003e\n\u003cli\u003eAI Risks\u003c\/li\u003e\n\u003cli\u003eChallenges for AI Risk Management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Risk Assessment\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRisk Assessment\u003c\/li\u003e\n\u003cli\u003eRisk Appetite and Tolerance\u003c\/li\u003e\n\u003cli\u003eRisk Mitigation and Prioritization\u003c\/li\u003e\n\u003cli\u003eRemediation Plans\/Best Practices\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. Risk Monitoring\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eContinuous Improvement\u003c\/li\u003e\n\u003cli\u003eRisk and Performance Metrics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection D. Privacy and Data Governance Programs\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Data Governance\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData Classification\u003c\/li\u003e\n\u003cli\u003eData Clustering\u003c\/li\u003e\n\u003cli\u003eData Licensing\u003c\/li\u003e\n\u003cli\u003eData Cleansing and Retention\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Privacy Considerations\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData Privacy\u003c\/li\u003e\n\u003cli\u003eData Ownership (Governance and Privacy)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. Privacy Regulatory Considerations\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData Consent\u003c\/li\u003e\n\u003cli\u003eCollection, Use, and Disclosure\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection E. Leading Practices, Ethics, Regulations, and Standards for AI\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Standards, Frameworks, and Regulations Related to AI\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBest Practices\u003c\/li\u003e\n\u003cli\u003eIndustry Standards and Frameworks\u003c\/li\u003e\n\u003cli\u003eLaws and Regulations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Ethical Considerations\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEthical Use\u003c\/li\u003e\n\u003cli\u003eBias and Fairness\u003c\/li\u003e\n\u003cli\u003eTransparency and Explainability\u003c\/li\u003e\n\u003cli\u003eTrust and Safety\u003c\/li\u003e\n\u003cli\u003eIP Considerations\u003c\/li\u003e\n\u003cli\u003eHuman Rights\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDomain 2. AI Operations\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eLearning Objectives:\u003c\/p\u003e\n\u003cp\u003eWithin this domain, the AI auditor should be able to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluate impacts, opportunities, and risk when integrating AI solutions within the audit process.\u003c\/li\u003e\n\u003cli\u003eEvaluate AI solutions to advise on impact, opportunities, and risk to organization.\u003c\/li\u003e\n\u003cli\u003eEvaluate the impact of AI solutions on system interactions, environment, and humans.\u003c\/li\u003e\n\u003cli\u003eEvaluate the role and impact of AI decision-making systems on the organization and stakeholders.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s AI policies and procedures, including compliance with legal and regulatory requirements.\u003c\/li\u003e\n\u003cli\u003eEvaluate the monitoring and reporting of metrics (e.g., KPIs, KRIs) specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate whether the organization has defined ownership of AI-related risk, controls, procedures, decisions, and standards.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s data governance program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s privacy program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s problem and incident management programs specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s change management program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s configuration management program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s threat and vulnerability management programs specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate the organization’s identity and access management program specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate vendors and supply chain management program specific to AI solutions.\u003c\/li\u003e\n\u003cli\u003eEvaluate the design and effectiveness of controls specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate data inputs requirements for AI models (e.g., data appropriateness, bias, and privacy).\u003c\/li\u003e\n\u003cli\u003eEvaluate system\/business requirements for AI solutions to ensure alignment with enterprise architecture.\u003c\/li\u003e\n\u003cli\u003eEvaluate AI solution life cycle (e.g., design, development, deployment, monitoring, and decommissioning) and inputs\/outputs for compliance and risk.\u003c\/li\u003e\n\u003cli\u003eEvaluate algorithms and models to ensure AI solutions are aligned to business objectives, policies, and procedures.\u003c\/li\u003e\n\u003cli\u003eAnalyze the impact of AI on workforce to advise stakeholders to address AI-related workforce impacts, training, and education.\u003c\/li\u003e\n\u003cli\u003eEvaluate that awareness programs align to the organization’s AI-related policies and procedures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection A. Data Management Specific to AI\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Data Collection\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConsent\u003c\/li\u003e\n\u003cli\u003eFit for Purpose\u003c\/li\u003e\n\u003cli\u003eData Lag\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Data Classification\u003c\/p\u003e\n\u003cp\u003e3. Data Confidentiality\u003c\/p\u003e\n\u003cp\u003e4. Data Quality\u003c\/p\u003e\n\u003cp\u003e5. Data Balancing\u003c\/p\u003e\n\u003cp\u003e6. Data Scarcity\u003c\/p\u003e\n\u003cp\u003e7. Data Security\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData Encoding\u003c\/li\u003e\n\u003cli\u003eData Access\u003c\/li\u003e\n\u003cli\u003eData Secrecy\u003c\/li\u003e\n\u003cli\u003eData Replication\u003c\/li\u003e\n\u003cli\u003eData Backup\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection B. AI Solution Development Methodologies and Lifecycle\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. AI Solution Development Life Cycle\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUse Case Development\u003c\/li\u003e\n\u003cli\u003eDesign\u003c\/li\u003e\n\u003cli\u003eDevelopment\u003c\/li\u003e\n\u003cli\u003eDeployment\u003c\/li\u003e\n\u003cli\u003eMonitoring and Maintenance\u003c\/li\u003e\n\u003cli\u003eDecommission\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Privacy and Security by Design\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExplainability\u003c\/li\u003e\n\u003cli\u003eRobustness\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection C. Change Management Specific to AI\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Change Management Considerations\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData Dependency\u003c\/li\u003e\n\u003cli\u003eAI Model\u003c\/li\u003e\n\u003cli\u003eRegulatory and Societal Impact\u003c\/li\u003e\n\u003cli\u003eEmergency Changes\u003c\/li\u003e\n\u003cli\u003eConfiguration Management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSection D. Supervision of AI Solutions\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. AI Agency\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLogging and Monitoring\u003c\/li\u003e\n\u003cli\u003eAI Observability\u003c\/li\u003e\n\u003cli\u003eHuman in the Loop (HITL)\u003c\/li\u003e\n\u003cli\u003eHallucination\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSection E. Testing Techniques for AI Solutions\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Conventional Software Testing Techniques\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eA\/B Testing\u003c\/li\u003e\n\u003cli\u003eUnit and Integration Testing\u003c\/li\u003e\n\u003cli\u003eObjective Verification\u003c\/li\u003e\n\u003cli\u003eCode Reviews\u003c\/li\u003e\n\u003cli\u003eBlack Box Testing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. AI-Specific Testing Techniques\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eModel Cards\u003c\/li\u003e\n\u003cli\u003eBias Testing\u003c\/li\u003e\n\u003cli\u003eAdversarial Testing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection F. Threats and Vulnerabilities Specific to AI\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Types of AI-related Threats\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTraining Data Leakage\u003c\/li\u003e\n\u003cli\u003eData Poisoning\u003c\/li\u003e\n\u003cli\u003eModel Poisoning\u003c\/li\u003e\n\u003cli\u003eModel Theft\u003c\/li\u003e\n\u003cli\u003ePrompt Injections\u003c\/li\u003e\n\u003cli\u003eModel Evasion\u003c\/li\u003e\n\u003cli\u003eModel Inversion\u003c\/li\u003e\n\u003cli\u003eThreats for Using Vendor Supplied AI\u003c\/li\u003e\n\u003cli\u003eAI Solution Disruption\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Controls for AI-related Threats\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eThreat and Vulnerability Identification\u003c\/li\u003e\n\u003cli\u003ePrompt Templates\u003c\/li\u003e\n\u003cli\u003eDefensive Distillation\u003c\/li\u003e\n\u003cli\u003eRegularization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection G. Incident Response Management Specific to AI\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Prepare\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePolicies, Procedures, and Model Documentation\u003c\/li\u003e\n\u003cli\u003eIncident Response Team\u003c\/li\u003e\n\u003cli\u003eTabletop Exercises\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Identify and Report\u003c\/p\u003e\n\u003cp\u003e3. Assess\u003c\/p\u003e\n\u003cp\u003e4. Respond\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eContainment\u003c\/li\u003e\n\u003cli\u003eEradication\u003c\/li\u003e\n\u003cli\u003eRecovery\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e5. Post-Incident Review\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDomain 3. AI Auditing Tools and Techniques\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eLearning Objectives:\u003c\/p\u003e\n\u003cp\u003eWithin this domain, the AI auditor should be able to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluate impacts, opportunities, and risk when integrating AI solutions within the audit process.\u003c\/li\u003e\n\u003cli\u003eUtilize AI solutions to enhance audit processes, including planning, execution, and reporting.\u003c\/li\u003e\n\u003cli\u003eEvaluate the monitoring and reporting of metrics (e.g., KPIs, KRIs) specific to AI.\u003c\/li\u003e\n\u003cli\u003eEvaluate data input requirements for AI models (e.g., data appropriateness, bias, and privacy).\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection A. Audit Planning and Design\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Identification of AI Assets and Controls\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInventory Objective and Procedure\u003c\/li\u003e\n\u003cli\u003eInventory and Data Gathering Methods\u003c\/li\u003e\n\u003cli\u003eDocumentation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\n\u003cli\u003eSurveys\u003c\/li\u003e\n\u003cli\u003eInterviews\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Types of AI Controls\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExamples including Control Categories, Controls, and Explanations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. Audit Use Cases\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLarge Language Models\u003c\/li\u003e\n\u003cli\u003eAudit Process Improvement\u003c\/li\u003e\n\u003cli\u003eGenerative AI\u003c\/li\u003e\n\u003cli\u003eAudit-Specific AI Applications\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4. Internal Training for AI Use\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eKey Components for Auditor Knowledge\u003c\/li\u003e\n\u003cli\u003ePractical Skills Development\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection B. Audit Testing and Sampling Methodologies\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Designing an AI Audit\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Audit Objectives\u003c\/li\u003e\n\u003cli\u003eAudit Scoping and Resources\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. AI Audit Testing Methodologies\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Systems Overall Testing\u003c\/li\u003e\n\u003cli\u003eFinancial Models\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. AI Sampling\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eJudgmental sampling\u003c\/li\u003e\n\u003cli\u003eAI sampling\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4. Outcomes of AI testing\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eReduce false positives\u003c\/li\u003e\n\u003cli\u003eReduce workforce needs\u003c\/li\u003e\n\u003cli\u003eOutliers\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection C. Audit Evidence Collection Techniques\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Data Collection\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTraining and Testing Data\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\n\u003cli\u003eUnstructured and Structured Data Collection\u003c\/li\u003e\n\u003cli\u003eExtract, Transform, and Load\u003c\/li\u003e\n\u003cli\u003eData Manipulation\u003c\/li\u003e\n\u003cli\u003eScraping\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Walkthroughs and interviews\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDesign Interview Questions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. AI Collection Tools\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUsing AI to Collect Logs\u003c\/li\u003e\n\u003cli\u003eAI agents to create outputs\u003c\/li\u003e\n\u003cli\u003eVoice to Speech\u003c\/li\u003e\n\u003cli\u003eOptimal Character Recognition\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection D. Audit Data Quality and Data Analytics\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Data Quality\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOptimization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Data Analytics\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSentiment Analysis\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\n\u003cli\u003eRun Data Analytics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. Data Reporting\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eReports\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\n\u003cli\u003eDashboards\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSection E. AI Audit Outputs and Reports\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e1. Reports\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eReport Types (examples and details)\u003c\/li\u003e\n\u003cli\u003eAdvisory Reports\u003c\/li\u003e\n\u003cli\u003eCharts and Visualizations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2. Audit Follow-up\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutomated follow-up\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3. Quality Assurance and mitigate risk.\u003c\/p\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267A85US \/ 2026-07-13T09:00:00 \/ Online","offer_id":47534214512859,"sku":"US-2020-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"26AB40US \/ 2026-10-13T09:00:00 \/ Herndon, VA","offer_id":48216540643547,"sku":"US-2020-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"271B58US \/ 2027-01-11T09:00:00 \/ Herndon, VA","offer_id":48216540676315,"sku":"US-2020-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"274B26US \/ 2027-04-12T09:00:00 \/ Herndon, VA","offer_id":48586417275099,"sku":"US-2020-IL","price":2396.0,"currency_code":"USD","in_stock":true}]},{"product_id":"ai-compliance-eu-ai-act-certification","title":"AI Compliance (EU AI Act) Certification","description":"\u003cdiv\u003e\n\u003cp\u003eThe A4Q AI Compliance certification (Certified Professional for AI Compliance – EU AI Act) validates essential knowledge and practical competencies required to interpret, apply, and evidence compliance with the \u003ca href=\"https:\/\/digital-strategy.ec.europa.eu\/en\/policies\/regulatory-framework-ai\" title=\"AI Act | Shaping Europe’s digital future | European Commission\" rel=\"nofollow noopener\" target=\"_blank\"\u003eEU AI Act\u003c\/a\u003e across the full AI system lifecycle. The certification confirms a comprehensive understanding of the Act’s core requirements, including risk-based classification, governance, documentation, transparency, and audit readiness - key capabilities for responsible and compliant AI deployment.\u003c\/p\u003e\r\n\u003cp\u003eCertificate holders demonstrate their ability to classify AI systems by risk level, apply high-risk obligations, support FRIA processes, contribute to post-market monitoring, and align AI governance with ISO\/IEC 42001, ISO\/IEC 23894, and relevant international frameworks. The certification also reflects an understanding of the global regulatory context influencing AI deployment in international environments.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eAI Compliance (EU AI Act) Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eFor Individuals:\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eGain an internationally recognized certification in AI compliance\u003c\/li\u003e\n\u003cli\u003eDemonstrate understanding of AI compliance principles applicable across industries\u003c\/li\u003e\n\u003cli\u003eLearn how to interpret and apply AI regulatory frameworks and standards\u003c\/li\u003e\n\u003cli\u003eBuild awareness of organizational processes and technology relevant to AI governance\u003c\/li\u003e\n\u003cli\u003ePrepare to contribute to AI compliance initiatives within your team or organization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eFor Organizations:\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eEquip teams with a shared understanding of AI compliance requirements\u003c\/li\u003e\n\u003cli\u003eSupport adherence to regulatory frameworks, including AI-specific compliance guidelines\u003c\/li\u003e\n\u003cli\u003eFacilitate responsible adoption of AI technologies in line with organizational policies\u003c\/li\u003e\n\u003cli\u003eStrengthen internal capabilities to manage AI governance and compliance without sole reliance on external consultants\u003c\/li\u003e\n\u003cli\u003ePrepare staff to participate in AI risk management, audits, and policy implementation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eThere are no prerequisites. The certification is accessible to both technical and non-technical professionals. A general interest in AI, governance, regulation, or digital transformation is helpful but not required.\u003c\/p\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eEU AI Act Compliance Certification Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eModule 1: Introduction to AI Compliance \u0026amp; the EU AI Act\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eWhat Is Artificial Intelligence in the Regulatory Context\u003c\/li\u003e\n\u003cli\u003eOverview of the EU AI Act\u003c\/li\u003e\n\u003cli\u003eImplementation Timeline (2024 – 2027)\u003c\/li\u003e\n\u003cli\u003eKey Statement\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 2: Risk-Based Approach \u0026amp; Classification\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFundamental Principle of the Risk-Based Approach\u003c\/li\u003e\n\u003cli\u003eAnnex III – Automatically High-Risk AI Systems\u003c\/li\u003e\n\u003cli\u003eCriteria for Risk Classification\u003c\/li\u003e\n\u003cli\u003eObligations and Measures by Risk Level\u003c\/li\u003e\n\u003cli\u003eRisk Dynamics and Re-Assessments\u003c\/li\u003e\n\u003cli\u003eRisk-Based Prioritization of Measures\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModel 3: Global and Sectoral Regulatory Landscape\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal AI Regulation: Status and Trends\u003c\/li\u003e\n\u003cli\u003eComparison: EU AI Act ↔ International Regulations\u003c\/li\u003e\n\u003cli\u003eSectoral AI Regulation and Interfaces\u003c\/li\u003e\n\u003cli\u003eHarmonization and Strategies for Global AI Projects\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModel 4: Prohibited AI Practices (Art. 5 EU AI Act)\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOverview of Prohibited Practices\u003c\/li\u003e\n\u003cli\u003eLegal and Fundamental Rights Basis\u003c\/li\u003e\n\u003cli\u003eExceptions under Article 5(2)–(3)\u003c\/li\u003e\n\u003cli\u003ePractical Awareness Measures\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModel 5: High-Risk AI Systems and Obligations (Arts. 6–51 EU AI Act)\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentification of High-Risk AI Systems\u003c\/li\u003e\n\u003cli\u003eCore Obligations for High-Risk AI Systems\u003c\/li\u003e\n\u003cli\u003eImplementation within Organizations\u003c\/li\u003e\n\u003cli\u003eDocumentation and Evidence Obligations (Audit Readiness)\u003c\/li\u003e\n\u003cli\u003eExample – Applying High-Risk AI Obligations in Practice\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 12: Risk Management and Quality Management Systems\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCore Principles of AI Risk Management\u003c\/li\u003e\n\u003cli\u003eThe Risk Management Cycle According to ISO\/IEC 23894 and the EU AI Act\u003c\/li\u003e\n\u003cli\u003eIntegration into Existing Management Systems\u003c\/li\u003e\n\u003cli\u003eDocumentation and Evidence Obligations\u003c\/li\u003e\n\u003cli\u003eGovernance, Roles, and Responsibilities\u003c\/li\u003e\n\u003cli\u003eImportance of Integration for Compliance and Quality\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 13: Conformity Assessment and CE Marking\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFundamentals of Conformity Assessment (Art. 43 EU AI Act)\u003c\/li\u003e\n\u003cli\u003eContents of the Technical Documentation (Articles 11 \u0026amp; Annex IV)\u003c\/li\u003e\n\u003cli\u003eCE Marking Procedure (Article 49 EU AI Act)\u003c\/li\u003e\n\u003cli\u003eRole of Notified Bodies\u003c\/li\u003e\n\u003cli\u003eRegistration in the EU Database for High-Risk AI Systems (Article 71)\u003c\/li\u003e\n\u003cli\u003eHandling of Substantial Modifications (Article 43(4))\u003c\/li\u003e\n\u003cli\u003eLink to Quality and Management Systems\u003c\/li\u003e\n\u003cli\u003ePractical Example: Conformity Route of an HR Screening Tool\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 14: Transparency Obligations for Limited-Risk Systems (Art. 52 EU AI Act)\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eArticle 52 EU AI Act – Transparency Obligations\u003c\/li\u003e\n\u003cli\u003eApplication Areas and Labeling Obligations\u003c\/li\u003e\n\u003cli\u003eDesign Recommendations for Interfaces and Labeling\u003c\/li\u003e\n\u003cli\u003eOrganizational Implementation in Companies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267C91US \/ 2026-07-29T09:00:00 \/ Herndon, VA","offer_id":48101401428187,"sku":"US-1289-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"269C04US \/ 2026-09-16T09:00:00 \/ Herndon, VA","offer_id":48101401460955,"sku":"US-1289-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26AA33US \/ 2026-10-28T09:00:00 \/ Herndon, VA","offer_id":48101401493723,"sku":"US-1289-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26CA25US \/ 2026-12-16T09:00:00 \/ Herndon, VA","offer_id":48101401526491,"sku":"US-1289-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"271A22US \/ 2027-01-27T09:00:00 \/ Herndon, VA","offer_id":48190721163483,"sku":"US-1289-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"273A17US \/ 2027-03-17T09:00:00 \/ Herndon, VA","offer_id":48377300091099,"sku":"US-1289-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"274A14US \/ 2027-04-28T09:00:00 \/ Herndon, VA","offer_id":48696390418651,"sku":"US-1289-IL","price":2228.0,"currency_code":"USD","in_stock":true}]},{"product_id":"comptia-secai","title":"CompTIA SecAI+ Certification","description":"\u003cdiv\u003e\n\u003cp\u003eCompTIA SecAI+ enables a safer digital future by empowering IT and cybersecurity talent worldwide to meet the emerging challenges and opportunities at the intersection of AI and security.\u003c\/p\u003e\r\n\u003cp\u003eCompTIA SecAI+ is the global IT industry’s first comprehensive “expansion” certification focused on the security of artificial intelligence systems and the secure application of AI in cybersecurity operations. This certification equips professionals with critical, vendor-neutral skills to understand, defend, and ethically deploy AI technologies within any organization.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCompTIA SecAI+ Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply foundational and advanced AI concepts to strengthen organizational cybersecurity.\u003c\/li\u003e\n\u003cli\u003eImplement robust security controls and best practices for protecting AI systems and data.\u003c\/li\u003e\n\u003cli\u003eLeverage AI-driven tools to enhance threat detection, response, and automation of security operations.\u003c\/li\u003e\n\u003cli\u003eNavigate global governance, risk, and compliance frameworks to ensure responsible AI adoption.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eThis is equivalent to 3–4 years of IT experience with approximately 2 years of hands-on cybersecurity experience.\u003c\/p\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCompTIA SecAI+ AI Security Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eModule 1 — AI and Data Concepts for Cybersecurity\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI concepts and core AI types\u003c\/li\u003e\n\u003cli\u003eGenerative AI and transformers\u003c\/li\u003e\n\u003cli\u003eMachine learning and deep learning\u003c\/li\u003e\n\u003cli\u003eNatural language processing\u003c\/li\u003e\n\u003cli\u003eAI model training approaches\u003c\/li\u003e\n\u003cli\u003ePrompt engineering fundamentals\u003c\/li\u003e\n\u003cli\u003eModel security considerations\u003c\/li\u003e\n\u003cli\u003eAI data types and data security techniques\u003c\/li\u003e\n\u003cli\u003eRAG (Retrieval Augmented Generation) concepts\u003c\/li\u003e\n\u003cli\u003eData integrity and processing controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 2 — Threat Modeling and Securing AI Systems\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI threat modeling fundamentals\u003c\/li\u003e\n\u003cli\u003eThreat modeling processes and prerequisites\u003c\/li\u003e\n\u003cli\u003eAI threat modeling frameworks\u003c\/li\u003e\n\u003cli\u003eAI security control types\u003c\/li\u003e\n\u003cli\u003eModel guardrails and prompt templates\u003c\/li\u003e\n\u003cli\u003eGateway and interface controls\u003c\/li\u003e\n\u003cli\u003eUsage quotas and limitation controls\u003c\/li\u003e\n\u003cli\u003eSecurity control testing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 3 — Access Controls for AI\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI access control principles and models\u003c\/li\u003e\n\u003cli\u003eModel and agent access controls\u003c\/li\u003e\n\u003cli\u003eAPI and network access security\u003c\/li\u003e\n\u003cli\u003eAI data security controls\u003c\/li\u003e\n\u003cli\u003eEncryption and data safety measures\u003c\/li\u003e\n\u003cli\u003eMonitoring and logging AI systems\u003c\/li\u003e\n\u003cli\u003ePerformance and cost monitoring\u003c\/li\u003e\n\u003cli\u003eAI auditing and compliance monitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 4 — AI Threats and Compensating Controls\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI lifecycle security\u003c\/li\u003e\n\u003cli\u003eEthical AI design considerations\u003c\/li\u003e\n\u003cli\u003eAI attack types and techniques\u003c\/li\u003e\n\u003cli\u003eBackdoor and trojan model attacks\u003c\/li\u003e\n\u003cli\u003eModel poisoning and inversion\u003c\/li\u003e\n\u003cli\u003eModel theft risks\u003c\/li\u003e\n\u003cli\u003eCompensating control strategies\u003c\/li\u003e\n\u003cli\u003ePost-incident AI analysis\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 5 — Leveraging AI in Security Operations\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI-enabled security tools\u003c\/li\u003e\n\u003cli\u003eAI use cases in detection and analysis\u003c\/li\u003e\n\u003cli\u003eAI for vulnerability assessment\u003c\/li\u003e\n\u003cli\u003eAI-enhanced attack vectors\u003c\/li\u003e\n\u003cli\u003eAI for social engineering and deception\u003c\/li\u003e\n\u003cli\u003eAI reconnaissance techniques\u003c\/li\u003e\n\u003cli\u003eAI-driven automation\u003c\/li\u003e\n\u003cli\u003eAI in DevSecOps workflows\u003c\/li\u003e\n\u003cli\u003eAI scripting and summarization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 6 — AI Governance, Risk, and Compliance\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI governance structures\u003c\/li\u003e\n\u003cli\u003eAI organizational roles\u003c\/li\u003e\n\u003cli\u003eResponsible AI principles\u003c\/li\u003e\n\u003cli\u003eAI risk identification and assessment\u003c\/li\u003e\n\u003cli\u003eAI regulatory themes\u003c\/li\u003e\n\u003cli\u003eCompliance frameworks for AI\u003c\/li\u003e\n\u003cli\u003eOrganizational AI policy design\u003c\/li\u003e\n\u003cli\u003eCompliance reporting\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266B04CN \/ 2026-06-10T09:00:00 \/ Online","offer_id":48230032834779,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"267D53US \/ 2026-07-29T09:00:00 \/ Herndon, VA","offer_id":48230032867547,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"269A97CN \/ 2026-09-09T09:00:00 \/ Ottawa","offer_id":48230032900315,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"26AC21US \/ 2026-10-28T09:00:00 \/ Herndon, VA","offer_id":48230032933083,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"26CA42CN \/ 2026-12-09T09:00:00 \/ Ottawa","offer_id":48230032965851,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"271C65US \/ 2027-01-27T09:00:00 \/ Herndon, VA","offer_id":48230032998619,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"273A58CN \/ 2027-03-10T09:00:00 \/ Ottawa","offer_id":48334732951771,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"274C18US \/ 2027-04-28T09:00:00 \/ Herndon, VA","offer_id":48696395595995,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true}]},{"product_id":"ai-powered-cmmc-audit-automation-course","title":"AI-Powered CMMC Audit Automation Course","description":"\u003cdiv\u003e\n\u003cp\u003eThis intensive one-day program equips Defense Industrial Base organizations with practical AI tools and strategies to automate CMMC audit preparation, reduce compliance costs, and accelerate certification readiness. Drawing from proven AI cybersecurity methodologies, participants will learn how to leverage machine learning, neural networks, natural language processing, and generative AI technologies to streamline evidence collection, automate risk assessments, and enhance continuous monitoring for CMMC Level 1 and Level 2 requirements.\u003c\/p\u003e\r\n\u003cp\u003eThe course covers discriminative and generative AI approaches, foundation models, and large language models specifically applied to compliance automation challenges facing defense contractors.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eAI-Powered CMMC Audit Automation Course Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eUpon completing this course, students should be able to:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDeploy AI tools to automate CMMC evidence collection and documentation\u003c\/li\u003e\n\u003cli\u003eImplement AI-driven risk assessment frameworks for continuous compliance monitoring\u003c\/li\u003e\n\u003cli\u003eLeverage generative AI to accelerate policy creation and security awareness training\u003c\/li\u003e\n\u003cli\u003eUtilize AI-powered security operations tools for real-time threat detection and incident response\u003c\/li\u003e\n\u003cli\u003eApply AI governance frameworks to ensure responsible AI adoption while maintaining CMMC compliance\u003c\/li\u003e\n\u003cli\u003eDesign an AI implementation roadmap for sustainable CMMC audit automation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eAttendees should have foundational knowledge of CMMC requirements and process\u003c\/p\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eAI-Powered CMMC Audit Automation Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eModule 1 – AI Foundations for CMMC Automation\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvolution of AI technology: machine learning, deep neural networks, and NLP in compliance\u003c\/li\u003e\n\u003cli\u003eAI architectures for security: CNNs, RNNs, and transformers in CMMC automation\u003c\/li\u003e\n\u003cli\u003eFoundation models vs. large language models for compliance documentation\u003c\/li\u003e\n\u003cli\u003eMapping AI technologies to automated evidence collection and control verification\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003ePractical Focus\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAutomating CMMC Level 1 and Level 2 control verification with AI\u003c\/li\u003e\n\u003cli\u003eIdentifying high-value automation opportunities across the 110 CMMC controls\u003c\/li\u003e\n\u003cli\u003eContinuous AI-powered compliance monitoring and status tracking\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eLab Exercise\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigating Discriminative and Generative AI\u003c\/li\u003e\n\u003cli\u003eHands-on exploration of how different AI approaches automate CMMC compliance tasks.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 2 – AI Risk Management in CMMC Environments\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity, privacy, and compliance risks of AI implementations in defense contracting\u003c\/li\u003e\n\u003cli\u003eEthical AI deployment aligned with DoD responsible AI principles\u003c\/li\u003e\n\u003cli\u003eRisks introduced by generative AI and mitigation strategies\u003c\/li\u003e\n\u003cli\u003eDefending against AI-enhanced social engineering and deepfake attacks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eCMMC-Specific Focus\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBalancing AI risk mitigation with compliance objectives\u003c\/li\u003e\n\u003cli\u003eHuman autonomy vs. automated system autonomy in compliance monitoring\u003c\/li\u003e\n\u003cli\u003eData governance for AI systems handling CUI and FCI\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eLab Exercises\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProtecting Sensitive Data with DLP – Implementing DLP in AI-powered compliance systems\u003c\/li\u003e\n\u003cli\u003eConducting an AI Risk Assessment – Evaluating AI risks in defense contractor environments\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 3 – AI-Enhanced Security Operations for CMMC\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecOps automation using AI-based monitoring and response\u003c\/li\u003e\n\u003cli\u003eManaging hybrid IT and cloud AI environments in defense contracting\u003c\/li\u003e\n\u003cli\u003eAI security tooling: Google AI SecOps, Microsoft Cybersecurity Copilot, SIEM\/SOAR integration\u003c\/li\u003e\n\u003cli\u003eAIOps, AI networking, and telemetry-driven day-2 operations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eHands-On Tools\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGoogle AI SecOps Unified Data Model for evidence collection\u003c\/li\u003e\n\u003cli\u003eMicrosoft Cybersecurity Copilot for investigations and documentation\u003c\/li\u003e\n\u003cli\u003eAI-driven orchestration for automated incident response and compliance validation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eLab Exercise\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDefending Security with AI\u003cbr\u003eImplementing AI-powered monitoring and automated response for CMMC control verification.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 4 – AI Vulnerabilities and Attack Vectors\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI algorithms, datasets, and models as attack surfaces\u003c\/li\u003e\n\u003cli\u003eOWASP Top 10 risks for AI-powered systems\u003c\/li\u003e\n\u003cli\u003ePrompt engineering threats and injection attack defenses\u003c\/li\u003e\n\u003cli\u003eAI-enhanced social engineering and deepfake exploitation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eDefense Contractor Focus\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecuring AI used in CMMC compliance automation\u003c\/li\u003e\n\u003cli\u003eProtecting intellectual property from AI-enabled reconnaissance\u003c\/li\u003e\n\u003cli\u003eAI red teaming to validate secure CMMC implementations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eLab Exercises\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePenetration Testing an AI System – Identifying vulnerabilities in AI compliance tools\u003c\/li\u003e\n\u003cli\u003eEnhancing Hacking with GenAI – Understanding attacker AI techniques targeting defense contractors\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 5 – AI Governance and CMMC Framework Integration\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRegulatory landscape: EU AI Act and NIST AI Risk Management Framework\u003c\/li\u003e\n\u003cli\u003eOWASP governance checklist for secure AI deployment\u003c\/li\u003e\n\u003cli\u003eResponsible AI and secure AI frameworks for ethical implementation\u003c\/li\u003e\n\u003cli\u003eFederated learning and zero-trust generative AI architectures\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003ePractical Implementation\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablishing AI governance policies for defense contractors\u003c\/li\u003e\n\u003cli\u003eManaging generative AI risk while enabling automation\u003c\/li\u003e\n\u003cli\u003eIntegrating AI with existing CMMC compliance management platforms\u003c\/li\u003e\n\u003cli\u003eEvaluating vendors and assessing AI security tool risk\u003c\/li\u003e\n\u003cli\u003eEvolution of AI Technology: Machine Learning, Deep Neural Networks, and NLP applications in compliance\u003c\/li\u003e\n\u003cli\u003eAI Architectures for Security: CNNs, RNNs, Transformers and their role in CMMC automation\u003c\/li\u003e\n\u003cli\u003eFoundation Models vs. Large Language Models: Understanding capabilities for compliance documentation\u003c\/li\u003e\n\u003cli\u003eCMMC-Specific Applications: Mapping AI technologies to automated evidence collection and control verification\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003ePractical Focus:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstanding AI capabilities for automating CMMC Level 1 and Level 2 control verification\u003c\/li\u003e\n\u003cli\u003eIdentifying which of the 110 CMMC controls benefit most from AI automation\u003c\/li\u003e\n\u003cli\u003eAI-powered continuous monitoring for compliance status tracking\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eLab Exercise\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003ci\u003eInvestigating Discriminative and Generative AI\u003c\/i\u003e - Hands-on exploration of how different AI approaches can automate CMMC compliance tasks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267D58US \/ 2026-07-27T09:00:00 \/ Online","offer_id":48833428095195,"sku":"US-4901-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"26AC23US \/ 2026-10-26T09:00:00 \/ Online","offer_id":48833428127963,"sku":"US-4901-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"271C67US \/ 2027-01-25T09:00:00 \/ Online","offer_id":48833428160731,"sku":"US-4901-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"274C20US \/ 2027-04-26T09:00:00 \/ Online","offer_id":48833428193499,"sku":"US-4901-IL","price":716.0,"currency_code":"USD","in_stock":true}]},{"product_id":"isaca-advanced-in-ai-risk-aair-certification","title":"ISACA Advanced in AI Risk (AAIR) Certification","description":"\u003cdiv\u003e\u003cp\u003eThe ISACA\u003csup\u003e®\u003c\/sup\u003e Advanced in AI Security Management\u003csup\u003e™\u003c\/sup\u003e (AAIR\u003csup\u003e™\u003c\/sup\u003e) certification validates risk professionals’ expertise and experience in managing AI-specific risks while harnessing AI’s transformative potential for strategic advantage. This credential builds upon established risk management best practices, focusing on the evolving AI landscape to effectively assess and manage risk profiles within organizations. By fostering cross-functional collaboration, it equips professionals to communicate AI risk comprehensively and ensure ethical and regulatory compliance.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eISACA Advanced in AI Risk (AAIR) Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eReduce operational and reputational risk with improved model controls, monitoring and third-party oversight\u003c\/li\u003e\n\u003cli\u003eStrengthen regulatory readiness and demonstrate responsible AI practices across the enterprise\u003c\/li\u003e\n\u003cli\u003eUpskill existing risk teams quickly without needing to hire scarce specialized talent\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eCandidates must possess one of the following certifications:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCISA \u003cem\u003esee Certified Information Systems Auditor (CISA) Training\u003c\/em\u003e\n\u003c\/li\u003e\n\u003cli\u003eCISM \u003cem\u003eseeCISM Certified Information Security Manager\u003c\/em\u003e\n\u003c\/li\u003e\n\u003cli\u003eCRISC \u003cem\u003eseeCertified Risk and Information Systems Control (CRISC) Training\u003c\/em\u003e\n\u003c\/li\u003e\n\u003cli\u003eCGEIT \u003cem\u003eseeCGEIT Certification Training\u003c\/em\u003e\n\u003c\/li\u003e\n\u003cli\u003eCDPSE \u003cem\u003esee{course:2041}\u003c\/em\u003e\n\u003c\/li\u003e\n\u003cli\u003eCGRC \u003cem\u003eseeCGRC® Training and Certification\u003c\/em\u003e\n\u003c\/li\u003e\n\u003cli\u003eCISSP \u003cem\u003eseeCISSP® Training and Certification Prep Course\u003c\/em\u003e\n\u003c\/li\u003e\n\u003cli\u003ePMI-RMP \u003cem\u003esee {course:3602}\u003c\/em\u003e\n\u003c\/li\u003e\n\u003cli\u003eCRMP, CRCM, CRMA, or CERP\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eWho Should Attend:\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eMid-to-late career risk professionals who hold the prerequisite certifications.\u003c\/p\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eISACA AI Risk Certification Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eModule 1: AI Risk Governance and Framework Integration\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eAI Models, Frameworks, Strategies, and Use Cases\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTypes of AI\u003c\/li\u003e\n\u003cli\u003eAI Frameworks\u003c\/li\u003e\n\u003cli\u003eBusiness Use Case and AI Use Case Review\u003c\/li\u003e\n\u003cli\u003eAI Business Strategies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Organizational Processes and Alignment\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Governance Fundamentals\u003c\/li\u003e\n\u003cli\u003eAlignment to Existing Organizational Structures\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e \u003c\/b\u003e\u003cb\u003eAI Ownership, Oversight, and Accountability\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI-related Roles and Responsibilities\u003c\/li\u003e\n\u003cli\u003eAccountability and AI\u003c\/li\u003e\n\u003cli\u003eRACI for AI Solutions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Policies, Procedures, and Organizational Training\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Acceptable Use Policy\u003c\/li\u003e\n\u003cli\u003eAI Policy Development\u003c\/li\u003e\n\u003cli\u003eAI Procedures and Manuals\u003c\/li\u003e\n\u003cli\u003eOrganizational Culture and AI Risk Governance\u003c\/li\u003e\n\u003cli\u003eElements of Effective AI Training and Awareness\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Regulatory Compliance and Legal Considerations\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCompliance With Laws and Regulations\u003c\/li\u003e\n\u003cli\u003eGaps in Regulatory Coverage\u003c\/li\u003e\n\u003cli\u003eMapping Legal Requirements for AI\u003c\/li\u003e\n\u003cli\u003eAssessing Legal Exposure and Liability for AI Actions\u003c\/li\u003e\n\u003cli\u003eIntellectual Property Considerations in AI\u003c\/li\u003e\n\u003cli\u003eVendor Contract Review\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Trustworthiness, Ethical and Societal Implications\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eResponsible Use of AI Systems 68\u003c\/li\u003e\n\u003cli\u003eBias and Fairness\u003c\/li\u003e\n\u003cli\u003eTransparency and Explainability\u003c\/li\u003e\n\u003cli\u003eTrust and Safety\u003c\/li\u003e\n\u003cli\u003eHuman Rights and Societal Impact\u003c\/li\u003e\n\u003cli\u003eEnvironmental Impact\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eModule 2: AI Life Cycle Risk Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eAI Design, Development, Procurement, and \u003c\/b\u003e\u003cb\u003eDocumentation\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePlan and Design\u003c\/li\u003e\n\u003cli\u003eData Requirements for AI Models\u003c\/li\u003e\n\u003cli\u003eProcurement of AI Solutions\u003c\/li\u003e\n\u003cli\u003eBuild, Adapt, and Document Models\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Model Training, Testing and Validation\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSourcing Datasets\u003c\/li\u003e\n\u003cli\u003eValidating the Data\u003c\/li\u003e\n\u003cli\u003eModel Training\u003c\/li\u003e\n\u003cli\u003eModel Testing and Validation\u003c\/li\u003e\n\u003cli\u003eModel Performance and Fine Tuning\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Implementation, Maintenance, and \u003c\/b\u003e\u003cb\u003eDecommissioning\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Deployment and Implementation\u003c\/li\u003e\n\u003cli\u003eRobustness and Scalability Considerations\u003c\/li\u003e\n\u003cli\u003eMonitoring and Managing Model Drift\u003c\/li\u003e\n\u003cli\u003eChange Management in AI Systems\u003c\/li\u003e\n\u003cli\u003eDecommissioning AI Solutions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Data and Asset Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Asset Inventory\u003c\/li\u003e\n\u003cli\u003eData Collection for AI\u003c\/li\u003e\n\u003cli\u003eData Classification\u003c\/li\u003e\n\u003cli\u003eData Confidentiality\u003c\/li\u003e\n\u003cli\u003eData Quality\u003c\/li\u003e\n\u003cli\u003eData Balancing\u003c\/li\u003e\n\u003cli\u003eData Scarcity\u003c\/li\u003e\n\u003cli\u003eData Security\u003c\/li\u003e\n\u003cli\u003eData Preparation and Normalization\u003c\/li\u003e\n\u003cli\u003eData Minimization and Privacy Considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eModule 3: AI Risk Program Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eAI Risk Scenario Identification and Assessment\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Threat Landscape\u003c\/li\u003e\n\u003cli\u003eAI Threat Modeling\u003c\/li\u003e\n\u003cli\u003eDevelopment of AI Risk Scenarios\u003c\/li\u003e\n\u003cli\u003eAI Risk Classification\u003c\/li\u003e\n\u003cli\u003eAI Risk Assessment\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Risk Treatment Strategies\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAccept\u003c\/li\u003e\n\u003cli\u003eAvoid\u003c\/li\u003e\n\u003cli\u003eMitigation\u003c\/li\u003e\n\u003cli\u003eTransfer\/Share\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Controls Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Control Types and Control Frameworks\u003c\/li\u003e\n\u003cli\u003eAI Control Selection and Validation\u003c\/li\u003e\n\u003cli\u003eControl Performance\u003c\/li\u003e\n\u003cli\u003eControls Specific to AI Solutions\u003c\/li\u003e\n\u003cli\u003eUse of AI in Control Management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Risk Metrics, Monitoring, and Reporting\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRisk and Performance Metrics\u003c\/li\u003e\n\u003cli\u003eAI Risk Reportings\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Supply Chain Risk Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Vendor Management\u003c\/li\u003e\n\u003cli\u003eAI Shared Responsibility Model\u003c\/li\u003e\n\u003cli\u003eAI Software Supply Chain Risk\u003c\/li\u003e\n\u003cli\u003eCloud Computing Risk in AI Supply Chains\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eAI Incident Response, BIA, Business Continuity, and \u003c\/b\u003e\u003cb\u003eDisaster Recovery\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Business Impact Analysis\u003c\/li\u003e\n\u003cli\u003ePrepare\u003c\/li\u003e\n\u003cli\u003eIdentify and Report\u003c\/li\u003e\n\u003cli\u003eAssess\u003c\/li\u003e\n\u003cli\u003eRespond\u003c\/li\u003e\n\u003cli\u003ePost-incident Review\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267D90US \/ 2026-07-13T09:00:00 \/ Herndon, VA","offer_id":48833430225115,"sku":"US-2018-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"268B10CN \/ 2026-08-24T09:00:00 \/ Ottawa","offer_id":48833430257883,"sku":"US-2018-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"26AC34US \/ 2026-10-05T09:00:00 \/ Herndon, VA","offer_id":48833430290651,"sku":"US-2018-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"26BA66CN \/ 2026-11-30T09:00:00 \/ Ottawa","offer_id":48833430323419,"sku":"US-2018-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"271C79US \/ 2027-01-11T09:00:00 \/ Herndon, VA","offer_id":48833430356187,"sku":"US-2018-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"272A50CN \/ 2027-02-22T09:00:00 \/ Ottawa","offer_id":48833430388955,"sku":"US-2018-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"274C31US \/ 2027-04-12T09:00:00 \/ Herndon, VA","offer_id":48833430421723,"sku":"US-2018-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"275A54CN \/ 2027-05-17T09:00:00 \/ Ottawa","offer_id":48833430454491,"sku":"US-2018-IL","price":2396.0,"currency_code":"USD","in_stock":true}]},{"product_id":"ai-risk-management-implementing-the-nist-ai-rmf-in-practice","title":"AI Risk Management: Implementing the NIST AI RMF","description":"\u003cdiv\u003e\n\u003cp\u003eThis course provides a practical, enterprise-focused approach to managing the risks associated with artificial intelligence systems by applying the NIST AI Risk Management Framework (AI RMF) in real-world environments. Students will develop a structured understanding of how AI systems introduce unique risks—including bias, model drift, adversarial manipulation, model theft, and lack of transparency—and how those risks differ from traditional IT and cybersecurity challenges.\u003c\/p\u003e\r\n\u003cp\u003eThe course explores how to operationalize AI governance by integrating the AI RMF with existing enterprise frameworks, including ISO\/IEC 42001 Artificial Intelligence Management System and NIST Risk Management Framework SP 800-37. Learners will examine how to establish AI system inventories, classify risk, implement controls, and build governance processes that align with regulatory expectations and organizational risk tolerance. The course also introduces emerging high-assurance security concepts for AI systems, including architectural isolation, secure model handling, and advanced threat models inspired by frontier AI environments.\u003c\/p\u003e\r\n\u003cp\u003eThrough hands-on labs using open-source tools, students will assess model bias, evaluate explainability, detect model drift, and simulate real-world AI risk scenarios, including architecture design decisions around system exposure, isolation, and secure deployment models. The course emphasizes not just identifying risks, but implementing measurable controls, producing audit-ready evidence, and enabling continuous monitoring of AI systems in production environments.\u003c\/p\u003e\r\n\u003cp\u003eBy the end of the course, participants will be equipped to design, implement, and operate an AI risk management program that supports secure, compliant, and trustworthy AI adoption across the enterprise.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eAI Risk Management: Implementing the NIST AI RMF Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply the NIST AI Risk Management Framework to real-world AI systems\u003c\/li\u003e\n\u003cli\u003eIdentify and classify AI systems and their associated risks\u003c\/li\u003e\n\u003cli\u003eImplement controls to address bias, drift, and adversarial threats\u003c\/li\u003e\n\u003cli\u003eIntegrate AI governance into enterprise risk management programs\u003c\/li\u003e\n\u003cli\u003eMonitor and audit AI systems using practical tools and techniques\u003c\/li\u003e\n\u003cli\u003eEvaluate AI system architectures to reduce exposure and align with high-assurance security principles\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eAttendees should have foundational knowledge in cybersecurity, risk management, or governance frameworks. Familiarity with machine learning concepts is helpful but not required.\u003c\/p\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eNIST AI RMF Risk Management Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eChapter 1: The AI Risk Landscape\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI adoption trends across enterprise and government environments\u003c\/li\u003e\n\u003cli\u003eDifferences between AI systems and traditional software systems\u003c\/li\u003e\n\u003cli\u003eAI system lifecycle: data collection, training, deployment, monitoring\u003c\/li\u003e\n\u003cli\u003eRisk amplification through scale, automation, and data dependency\u003c\/li\u003e\n\u003cli\u003eGenerative AI and large language model (LLM) risk considerations\u003c\/li\u003e\n\u003cli\u003eDecision automation risks and impacts on business processes\u003c\/li\u003e\n\u003cli\u003eEthical, legal, operational, and reputational risk categories\u003c\/li\u003e\n\u003cli\u003eReal-world examples of AI failures and unintended consequences\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChapter 2: The NIST AI Risk Management Framework\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eOverview of AI RMF core functions: Govern, Map, Measure, Manage\u003c\/li\u003e\n\u003cli\u003eEstablishing AI governance structures and accountability models\u003c\/li\u003e\n\u003cli\u003eRisk categorization aligned to business and mission impact\u003c\/li\u003e\n\u003cli\u003eAI system inventory and asset management strategies\u003c\/li\u003e\n\u003cli\u003eRisk measurement techniques and qualitative vs quantitative methods\u003c\/li\u003e\n\u003cli\u003eContinuous monitoring and lifecycle risk management\u003c\/li\u003e\n\u003cli\u003eCommunication of AI risk to stakeholders and leadership\u003c\/li\u003e\n\u003cli\u003eIntegration of AI RMF into existing governance frameworks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChapter 3: Mapping Traditional RMF to AI Systems\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAligning NIST Risk Management Framework SP 800-37 with AI RMF\u003c\/li\u003e\n\u003cli\u003eTranslating Prepare, Categorize, Select, Implement, Assess, Authorize, Monitor\u003c\/li\u003e\n\u003cli\u003eCategorizing AI systems based on sensitivity and impact\u003c\/li\u003e\n\u003cli\u003eSelecting controls specific to AI models and data pipelines\u003c\/li\u003e\n\u003cli\u003eImplementing controls across the AI lifecycle\u003c\/li\u003e\n\u003cli\u003eAssessing AI systems for performance, fairness, and security\u003c\/li\u003e\n\u003cli\u003eAuthorization processes for AI deployment\u003c\/li\u003e\n\u003cli\u003eContinuous monitoring and reassessment strategies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChapter 4: AI Governance and Organizational Controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eEstablishing AI governance boards and risk committees\u003c\/li\u003e\n\u003cli\u003eDefining roles and responsibilities across stakeholders\u003c\/li\u003e\n\u003cli\u003eDeveloping AI policies, standards, and procedures\u003c\/li\u003e\n\u003cli\u003eModel lifecycle governance and approval workflows\u003c\/li\u003e\n\u003cli\u003eDocumentation requirements (model cards, data sheets, audit artifacts)\u003c\/li\u003e\n\u003cli\u003eRisk registers and accountability tracking\u003c\/li\u003e\n\u003cli\u003eAligning AI governance with enterprise risk management (ERM)\u003c\/li\u003e\n\u003cli\u003ePreparing for regulatory and compliance requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChapter 5: AI Risk Identification and Control Implementation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eIdentifying AI-specific risks: bias, drift, hallucinations, adversarial threats\u003c\/li\u003e\n\u003cli\u003eData quality and training data risk considerations\u003c\/li\u003e\n\u003cli\u003eModel asset protection, including risks related to model weights and intellectual property\u003c\/li\u003e\n\u003cli\u003eAI supply chain risks including third-party models, datasets, and dependencies\u003c\/li\u003e\n\u003cli\u003eBias detection and mitigation strategies\u003c\/li\u003e\n\u003cli\u003eModel validation and robustness testing\u003c\/li\u003e\n\u003cli\u003eExplainability and interpretability requirements\u003c\/li\u003e\n\u003cli\u003eTechnical controls vs governance controls vs operational controls\u003c\/li\u003e\n\u003cli\u003eControl mapping to risks and measurable outcomes\u003c\/li\u003e\n\u003cli\u003eCreating audit-ready evidence and documentation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChapter 6: Explainability, Transparency, and Trust\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eImportance of transparency in AI decision-making\u003c\/li\u003e\n\u003cli\u003eBlack-box vs interpretable model trade-offs\u003c\/li\u003e\n\u003cli\u003eFeature importance and decision traceability\u003c\/li\u003e\n\u003cli\u003eExplainability techniques such as SHAP and LIME\u003c\/li\u003e\n\u003cli\u003eCommunicating model behavior to technical and non-technical audiences\u003c\/li\u003e\n\u003cli\u003eSupporting audit, compliance, and legal requirements\u003c\/li\u003e\n\u003cli\u003eBuilding trust with stakeholders and end users\u003c\/li\u003e\n\u003cli\u003eLimitations and risks of explainability methods\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChapter 7: AI Security and Adversarial Risks\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eData poisoning and model poisoning attack vectors\u003c\/li\u003e\n\u003cli\u003eAdversarial machine learning techniques and evasion attacks\u003c\/li\u003e\n\u003cli\u003eModel extraction and inference attacks\u003c\/li\u003e\n\u003cli\u003eModel weight protection and risks associated with model theft and misuse\u003c\/li\u003e\n\u003cli\u003eSecuring AI pipelines, datasets, and training environments\u003c\/li\u003e\n\u003cli\u003eSecure AI architecture patterns including isolation, restricted interfaces, and controlled environments\u003c\/li\u003e\n\u003cli\u003eThreat modeling for AI systems\u003c\/li\u003e\n\u003cli\u003eIntegrating AI risks into existing security operations\u003c\/li\u003e\n\u003cli\u003eDetection and response strategies for AI-specific threats\u003c\/li\u003e\n\u003cli\u003eIntroduction to high-assurance AI security models and emerging practices for protecting sensitive AI systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChapter 8: AI Monitoring, Operations, and ISO 42001 Integration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDetecting model drift and data drift in production systems\u003c\/li\u003e\n\u003cli\u003eMonitoring performance degradation and reliability issues\u003c\/li\u003e\n\u003cli\u003eEstablishing retraining triggers and lifecycle management processes\u003c\/li\u003e\n\u003cli\u003eObservability and logging for AI systems\u003c\/li\u003e\n\u003cli\u003eOverview of ISO\/IEC 42001 Artificial Intelligence Management System\u003c\/li\u003e\n\u003cli\u003eAligning AI RMF with ISO 42001 control areas\u003c\/li\u003e\n\u003cli\u003eAI risk maturity models and progression from standard controls to high-assurance environments\u003c\/li\u003e\n\u003cli\u003eEvaluating when increased isolation and restricted architectures are appropriate\u003c\/li\u003e\n\u003cli\u003eContinuous improvement and governance maturity models\u003c\/li\u003e\n\u003cli\u003eBuilding and sustaining an enterprise AI risk management program\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268D35US \/ 2026-08-05T09:00:00 \/ Herndon, VA","offer_id":48833432223963,"sku":"US-2079-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"269B09CN \/ 2026-09-16T09:00:00 \/ Ottawa","offer_id":48833432256731,"sku":"US-2079-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26BC93US \/ 2026-11-04T09:00:00 \/ Herndon, VA","offer_id":48833432289499,"sku":"US-2079-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26CA48CN \/ 2026-12-16T09:00:00 \/ Ottawa","offer_id":48833432322267,"sku":"US-2079-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"272B97US \/ 2027-02-03T09:00:00 \/ Herndon, VA","offer_id":48833432355035,"sku":"US-2079-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"273A66CN \/ 2027-03-17T09:00:00 \/ Ottawa","offer_id":48833432387803,"sku":"US-2079-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"275C71US \/ 2027-05-05T09:00:00 \/ Herndon, VA","offer_id":48833432420571,"sku":"US-2079-IL","price":2228.0,"currency_code":"USD","in_stock":true}]}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/collections\/lRAtAaY7S7CMg1F4mszm_22b2dd50-78f4-4ca6-9561-c8088d717030.webp?v=1780655662","url":"https:\/\/learningtreeinternational-dirinfosec-hhs.myshopify.com\/collections\/governance-risk-compliance.oembed","provider":"Learning Tree International","version":"1.0","type":"link"}