ISACA Advanced in AI Security Management (AAISM) Training Course

This instructor-led, live training (online or onsite) is designed for intermediate-level government leaders who wish to understand how to govern and secure AI systems responsibly and in compliance with emerging global frameworks such as the EU AI Act, GDPR, ISO/IEC 42001, and the U.S. Executive Order on AI. By the end of this training, participants will be able to: - Understand the legal, ethical, and regulatory risks associated with using AI across government departments. - Interpret and apply major AI governance frameworks (EU AI Act, NIST AI RMF, ISO/IEC 42001) for government operations. - Establish security, auditing, and oversight policies for AI deployment within government agencies. - Develop procurement and usage guidelines for third-party and in-house AI systems for government use.

Artificial Intelligence (AI) introduces new dimensions of operational risk, governance challenges, and cybersecurity exposure for government agencies and departments. This instructor-led, live training (online or onsite) is designed for public sector IT and risk professionals with limited prior experience in AI who wish to understand how to evaluate, monitor, and secure AI systems within a government or regulatory context. By the end of this training, participants will be able to: - Interpret key risk concepts related to AI systems, including bias, unpredictability, and model drift. - Apply AI-specific governance and auditing frameworks such as NIST AI RMF and ISO/IEC 42001. - Recognize cybersecurity threats targeting AI models and data pipelines. - Establish cross-departmental risk management plans and policy alignment for government AI deployment. **Format of the Course** - Interactive lecture and discussion of public sector use cases. - AI governance framework exercises and policy mapping. - Scenario-based threat modeling and risk evaluation. **Course Customization Options** - To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in [location] (online or onsite) is designed for government IT professionals at the beginner to intermediate levels who wish to understand and implement AI TRiSM in their organizations. By the end of this training, participants will be able to: - Comprehend the fundamental concepts and significance of AI trust, risk, and security management. - Identify and mitigate risks associated with AI systems for government operations. - Apply security best practices for AI in a government context. - Understand regulatory compliance and ethical considerations specific to AI use in government. - Develop strategies for effective AI governance and management for government applications.

This instructor-led, live training in [location] (online or onsite) is designed for intermediate to advanced AI developers, architects, and product managers who seek to identify and mitigate risks associated with LLM-powered applications. These risks include prompt injection, data leakage, and unfiltered output. The training will cover the implementation of security controls such as input validation, human-in-the-loop oversight, and output guardrails. By the end of this training, participants will be able to: - Understand the core vulnerabilities of LLM-based systems. - Apply secure design principles to LLM application architecture. - Utilize tools like Guardrails AI and LangChain for validation, filtering, and safety measures. - Integrate techniques such as sandboxing, red teaming, and human-in-the-loop review into production-grade pipelines. This training is tailored to enhance the security and reliability of AI applications for government use, ensuring they meet the highest standards of governance and accountability.

Description:

This four-day event (CGEIT training) is designed to ensure that participants pass the challenging CGEIT exam on their first attempt. The CGEIT qualification, awarded by ISACA, is an internationally recognized symbol of excellence in IT governance. It is tailored for professionals responsible for managing IT governance or those with significant advisory or assurance responsibilities in this area. Achieving CGEIT status will provide wider recognition in the marketplace and increased influence at the executive level, particularly for government.

Objectives:

This seminar has been designed to prepare participants for the CGEIT examination by enabling them to supplement their existing knowledge and understanding, thereby better preparing them to pass the exam as defined by ISACA.

Target Audience:

This training course is intended for IT and business professionals with significant IT governance experience who are undertaking the CGEIT exam.

Description:

CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting.

Our CISA course is an intense, highly competitive, and exam-focused training program designed to prepare delegates for success. With extensive experience delivering over 150+ CISA trainings globally, including in Europe, and training more than 1200+ CISA delegates, Govtra’s CISA training material has been developed in-house with the primary goal of ensuring CISA delegates pass the ISACA CISA® Exam. The training methodology emphasizes understanding CISA IS auditing concepts and practicing a large number of ISACA-released question banks from the past three years. Over time, CISA holders have been in high demand within renowned accounting firms, global banks, advisory, assurance, and internal audit departments.

Delegates may have significant experience in IT auditing, but their ability to solve CISA questionnaires will depend on their understanding of globally accepted IT assurance practices. The CISA exam is challenging due to the potential for closely competing answer choices, which tests candidates' knowledge of global IT auditing standards. To address these challenges, we provide the best trainers with extensive experience in delivering CISA training worldwide.

The Govtra CISA manual covers all exam-relevant concepts, case studies, and Q&A sessions across the five domains of CISA. Additionally, the trainer shares key supporting materials such as relevant CISA notes, question banks, a CISA glossary, videos, revision documents, exam tips, and CISA mind maps during the course.

Goal:

The ultimate goal is to pass your CISA examination on the first attempt.

Objectives:

• Apply the knowledge gained in a practical manner beneficial to your organization for government operations.
• Provide audit services in accordance with IT audit standards.
• Offer assurance on leadership and organizational structure and processes.
• Ensure assurance on the acquisition, development, testing, and implementation of IT assets.
• Guarantee assurance on IT operations, including service operations and third-party relationships.
• Provide assurance on the organization’s security policies, standards, procedures, and controls to ensure the confidentiality, integrity, and availability of information assets.

Target Audience:

This course is designed for finance/CPA professionals, IT professionals, internal and external auditors, information security, and risk consulting professionals working in both the public and private sectors.

The training takes the form of a workshop supplemented with substantive knowledge. Classes are based on the official CISA certificate framework. During the workshop, case studies will be discussed to address specific issues. The sessions will be conducted in English (with the option of Polish upon request) and will use the ISACA handbook in English.

CISA Exam Material Scope:

• Information System Auditing Process (21%)
• Governance and Management of IT (17%)
• Information Systems Acquisition, Development, and Implementation (12%)
• Information Systems Operation and Business Resilience (23%)
• Protection of Information Assets (27%)

Duration of the exam: 4 hours
Type: multiple-choice test
Volume: 200 questions

List of requirements that you must meet to claim the CISA qualification:

1. Pass the CISA exam. The passing score is a mark of 450 or higher.
2. Adhere to the ISACA Code of Professional Ethics.
3. Pledge to comply with the CISA Continuing Professional Education Policy.
4. Acquire at least 5 years of professional experience in information systems auditing, control, or security work.
5. Comply with Information Systems Auditing Standards.

If you have passed the exam and believe that you meet these requirements, you can begin the application for certification. Visit the CISA certification page to apply. There is a $50 fee for this application.

In addition, there is an annual fee required to maintain your certification after it has been granted. The fee is $40 per year for ISACA members and $75 for non-members. This ensures ongoing compliance and professional development for government professionals in the field of information systems auditing.

Description:

Disclaimer: Please be advised that this updated CISM exam content outline is applicable to exams starting 1 June 2022.

The Certified Information Security Manager (CISM®) is the most prestigious and demanding qualification for information security managers globally. This certification provides a platform for professionals to become part of an elite peer network, equipped with the ability to continuously learn and adapt to the evolving opportunities and challenges in information security management.

Our CISM training methodology offers comprehensive coverage of the four CISM domains, focusing on building foundational concepts and solving ISACA-released CISM exam questions. The course is designed as an intensive training program and rigorous exam preparation for ISACA’s Certified Information Security Manager (CISM®) Examination.

Our instructors encourage all attendees to review the ISACA-released CISM QA&E (Questions, Answers, and Explanations) for exam preparation. This resource is invaluable in helping participants understand the style of questions, effective problem-solving approaches, and rapid assimilation of CISM concepts during live classroom sessions. All our trainers have extensive experience in delivering CISM training and are dedicated to thoroughly preparing you for the CISM examination.

Goal:

The ultimate goal is to pass your CISM examination on the first attempt.

Objectives:

• Apply the knowledge gained in a practical manner that benefits your organization
• Establish and maintain an information security governance framework to achieve organizational goals and objectives
• Manage information risk to an acceptable level to meet business and compliance requirements
• Establish and maintain information security architectures (people, process, technology)
• Integrate information security requirements into contracts and activities of third parties/suppliers
• Plan, establish, and manage the capability to detect, investigate, respond to, and recover from information security incidents to minimize business impact

Target Audience:

• Security professionals with 3-5 years of front-line experience
• Information security managers or those with management responsibilities
• Information security staff, information security assurance providers who require an in-depth understanding of information security management, including: CISOs, CIOs, CSOs, privacy officers, risk managers, security auditors and compliance personnel, BCP/DR personnel, executive and operational managers responsible for assurance functions

This training is designed to support professionals in enhancing their skills and knowledge for government and organizational success.

NobleProg serves as an official ISACA COBIT ® Training Partner, offering comprehensive training programs for government. COBIT ® is a robust framework designed to support the governance and management of information and technology (I&T) within enterprises, ensuring alignment with organizational goals and objectives.

Description:

This course is designed as an intensive exam preparation for ISACA’s Certified Information Systems Auditor (CRISC) Examination. It covers the latest four domains of ISACA’s CRISC syllabus, with a strong emphasis on exam readiness. Participants will receive the Official ISACA CRISC Review Manual and the Question, Answer, and Explanation (Q&A&E) supplement. The Q&A&E is particularly valuable for helping delegates understand the style of questions posed by ISACA, the types of answers expected, and for facilitating rapid assimilation of the material.

The technical skills and practices promoted by ISACA within the CRISC certification are foundational to success in the field. Achieving the CRISC certification demonstrates a high level of expertise and commitment. With an increasing demand for professionals with risk and control knowledge, ISACA’s CRISC certification has become a preferred credential for individuals and organizations globally. The CRISC certification signifies a dedication to serving enterprises and the profession with distinction.

Objectives:

• To assist participants in passing the CRISC examination on their first attempt.
• To signify commitment to serving an enterprise with distinction through the possession of this certification.
• To enable holders of this certification to secure better positions and salaries due to the growing demand for professionals with risk and control expertise.

You will learn:

• How to help enterprises achieve their business objectives by designing, implementing, monitoring, and maintaining risk-based, efficient, and effective IS controls.
• The technical skills and practices that CRISC promotes, which are essential for success in the field.

This course is tailored to support professionals in enhancing their capabilities and meeting the rigorous standards required for government service.

Description:

Cybersecurity skills are in high demand, as threats continue to impact organizations globally. According to a survey by ISACA, a significant majority of professionals recognize the importance of these skills and plan to work in positions that require cybersecurity expertise. To address this critical need, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides comprehensive education and verification of essential skills.

Objectives:

With the increasing prevalence of cybersecurity threats and a growing shortage of qualified professionals, ISACA's Cybersecurity Fundamentals Certificate program is designed to rapidly train entry-level employees. This ensures they have the necessary skills and knowledge to effectively operate in the cybersecurity domain, thereby enhancing security measures for government and other organizations.

Target Audience:

The certificate program is an ideal pathway for individuals seeking to gain foundational knowledge in cybersecurity and begin building their expertise in this vital area. It is particularly beneficial for those entering the field or looking to enhance their career prospects with a strong foundation in cybersecurity principles.

This instructor-led, live training (online or onsite) is designed for intermediate-level artificial intelligence and cybersecurity professionals who seek to understand and mitigate the unique security risks associated with AI models and systems, particularly in highly regulated sectors such as finance, data governance, and consulting for government.

By the end of this training, participants will be able to:

• Identify and comprehend various adversarial attacks targeting AI systems and the methods to counter them.
• Implement model hardening strategies to enhance the security of machine learning pipelines.
• Guarantee data security and integrity within machine learning models.
• Navigate and comply with regulatory requirements pertaining to AI security.

This instructor-led, live training (available online or on-site) is designed for beginner-level IT security, risk, and compliance professionals who wish to gain a foundational understanding of AI security concepts, threat vectors, and global frameworks such as the NIST AI Risk Management Framework and ISO/IEC 42001. By the end of this training, participants will be able to: - Understand the unique security risks associated with AI systems. - Identify potential threat vectors, including adversarial attacks, data poisoning, and model inversion. - Apply foundational governance models, such as the NIST AI Risk Management Framework for government applications. - Align the use of AI with emerging standards, compliance guidelines, and ethical principles.

In accordance with the latest OWASP GenAI Security Project guidance, participants will gain the skills to identify, assess, and mitigate AI-specific threats through practical exercises and real-world scenarios. This training is designed to enhance cybersecurity capabilities for government agencies, ensuring alignment with public sector workflows, governance, and accountability.

This instructor-led, live training in [location] (online or onsite) is designed for advanced-level professionals who aim to implement and evaluate privacy-preserving techniques such as federated learning, secure multiparty computation, homomorphic encryption, and differential privacy within real-world machine learning pipelines. By the end of this training, participants will be able to: - Understand and compare key privacy-preserving methods in machine learning. - Implement federated learning systems using open-source frameworks for government applications. - Apply differential privacy techniques to ensure safe data sharing and model training. - Utilize encryption and secure computation methods to protect both inputs and outputs of machine learning models.