OpenBMC Security: Secure Boot, Certificates, and Firmware Updates Training Course

Course Description

This comprehensive course is tailored to address AI security, governance, compliance, and risk management in enterprise settings. It is specifically designed for security professionals, compliance officers, and technology leaders who are responsible for the secure deployment and governance frameworks of AI systems. The curriculum aligns with best practices and standards for government and industry, ensuring participants are well-equipped to manage AI-related risks and ensure compliance with regulatory requirements.

There is an international focus on combating money laundering. Compliance officers, Anti-Money Laundering (AML) Officers, Money Laundering Reporting Officers (MLROs), Know Your Customer (KYC) analysts, auditors, and managers need to understand how to ensure compliance with Subsidiary 373.01, the Prevention of Money Laundering and Funding of Terrorism Regulations (PMLFTR). Under the PMLFTR, all Subject Persons, including those within the regulated financial services sector, are required to appoint a Money Laundering Reporting Officer (MLRO). This practical course provides essential knowledge and guidance on how to approach AML compliance within your organization, with particular attention to the regulatory environment in Malta. The training is designed to enhance understanding and adherence to these regulations for government and private sector entities alike.

Accountability in Professional Regulatory Boards is an applied course that focuses on the legal framework, procedural duties, and TCU jurisprudence guiding oversight and accountability for professional councils. This instructor-led, live training (online or onsite) is designed for intermediate to advanced professionals who wish to understand TCU oversight, prevent common irregularities, and strengthen internal controls and responses to audit findings. By the end of this training, participants will be able to: - Explain the institutional role of the TCU and the legal nature of professional councils. - Identify common irregularities found by the TCU and understand relevant jurisprudence. - Design internal control measures and segregation of duties to mitigate accountability risks. - Prepare compliant annual accountability submissions (SISTC / e-Contas) and structured responses to TCU determinations. **Format of the Course** - Interactive lecture and legal analysis. - Case study review and group discussion. - Practical workshop and simulation exercises. **Course Customization Options for Government** To request a customized training for this course, please contact us to arrange.

Description:

Basel III is a global regulatory framework for bank capital adequacy, stress testing, and market liquidity risk. Initially agreed upon by the Basel Committee on Banking Supervision in 2010-2011, the implementation of these standards was extended to March 31, 2019. Basel III enhances bank capital requirements by increasing liquidity and reducing leverage.
Basel III complements rather than replaces Basel I and II by requiring different levels of reserves for various forms of deposits and other borrowings.
Navigating this complex and evolving regulatory landscape can be challenging. Our training program, accredited by the Basel Certification Institute, is designed to help you manage these changes effectively and understand their impact on your institution. The quality and relevance of our training materials are guaranteed to be current and practical.

Objectives:

• Prepare participants for the Certified Basel Professional Examination.
• Equip attendees with hands-on strategies and techniques for defining, measuring, analyzing, improving, and controlling operational risk within a banking organization.

Target Audience:

• Board members with risk oversight responsibilities
• Chief Risk Officers (CROs) and Heads of Risk Management
• Risk Management team members
• Compliance, legal, and IT support staff
• Equity and credit analysts
• Portfolio managers
• Rating agency analysts

Overview:

• Introduction to Basel norms and amendments to the Basel Accord (III)
• Regulations for market, credit, counterparty, and liquidity risk
• Stress testing methodologies and procedures, including how to formulate and conduct stress tests
• The potential impacts of Basel III on the international banking sector, with practical examples of its application
• The need for new Basel norms
• An in-depth look at the Basel III norms
• Objectives of the Basel III norms
• A timeline for Basel III implementation

This training program is tailored to meet the needs of professionals in the financial sector, ensuring they are well-equipped to comply with regulatory requirements and enhance risk management practices for government and private institutions alike.

Buildroot is an open-source project that provides scripts to generate a cross-compilation toolchain, a customizable root filesystem image, and a Linux kernel for embedded devices. During this practical course, participants will learn how to utilize Buildroot effectively: - How to select the software components that will be included in the root filesystem. - How to add new packages and modify existing ones. - How to incorporate support for new embedded boards. Throughout the course, participants will create bootable filesystem images. Remote courses are conducted using the QEMU emulator, while in-person sessions may use either QEMU or actual embedded boards chosen by the instructor. Other projects with similar objectives include the Yocto Project and OpenWRT. For detailed comparisons to help determine which solution is best suited for your needs, please refer to these presentations: [Buildroot vs. OpenEmbedded](https://bootlin.com/pub/conferences/2016/elc/belloni-petazzoni-buildroot-oe/belloni-petazzoni-buildroot-oe.pdf) and [Embedded Linux Build Systems](https://elinux.org/images/0/0a/Embedded_Linux_Build_Systems.pdf). These resources are particularly useful for government agencies seeking to standardize their embedded systems development processes.

This instructor-led, live training in [location] (online or onsite) is designed for advanced-level professionals who aim to achieve a thorough understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam. By the end of this training, participants will be able to: - Acquire comprehensive knowledge of fraud examination principles and the fraud examination process. - Identify, investigate, and prevent various types of financial fraud schemes. - Understand the legal environment related to fraud, including the legal elements of fraud, relevant laws, and regulations for government and private sector applications. - Develop practical skills in conducting fraud investigations, such as evidence collection, interviewing techniques, and data analysis. - Learn to design and implement effective fraud prevention and deterrence programs within organizations. - Gain the confidence and knowledge necessary to successfully pass the Certified Fraud Examiner (CFE) exam.

Description:

This four-day event (CGEIT training) is designed to ensure that participants pass the challenging CGEIT exam on their first attempt. The CGEIT qualification, awarded by ISACA, is an internationally recognized symbol of excellence in IT governance. It is tailored for professionals responsible for managing IT governance or those with significant advisory or assurance responsibilities in this area. Achieving CGEIT status will provide wider recognition in the marketplace and increased influence at the executive level, particularly for government.

Objectives:

This seminar has been designed to prepare participants for the CGEIT examination by enabling them to supplement their existing knowledge and understanding, thereby better preparing them to pass the exam as defined by ISACA.

Target Audience:

This training course is intended for IT and business professionals with significant IT governance experience who are undertaking the CGEIT exam.

Learning Objectives

This COBIT 2019 Foundation course is designed to introduce participants to COBIT 2019 and enhance their understanding of how an integrated business framework for the governance and management of enterprise IT can be applied to achieve IT business integration, cost reductions, and increased productivity. The key areas covered in this course include:

• Introduction to the new framework
• Key concepts and terminology
• Governance and framework principles
• Governance system components
• Governance and management objectives
• Performance management
• Designing a tailored governance system for government

This instructor-led, live training in [location] (online or onsite) is aimed at payment services compliance professionals who wish to establish, implement, and enforce a compliance program within an organization. By the end of this training, participants will be able to: - Understand the regulations set forth by government agencies for payment service providers. - Develop internal policies and procedures necessary to meet government regulatory requirements. - Implement a compliance program that aligns with applicable laws and regulations. - Ensure that all corporate processes and procedures adhere to the established compliance program. - Maintain the organization's reputation while safeguarding it from legal liabilities, specifically for government operations.

This instructor-led, live training in US (online or onsite) is designed for intermediate-level cybersecurity professionals who seek to deepen their understanding of governance, risk, and compliance (GRC) frameworks and apply them to ensure secure and compliant business operations for government.

By the end of this training, participants will be able to:

• Understand the essential components of cybersecurity governance, risk, and compliance.
• Conduct thorough risk assessments and develop effective risk mitigation strategies.
• Implement robust compliance measures and manage regulatory requirements.
• Develop and enforce comprehensive security policies and procedures.

This course offers a comprehensive introduction to the newly enacted Accessibility Law, tailored specifically for government professionals. It equips developers with the essential skills needed to design, develop, and maintain fully accessible applications. The curriculum begins with an overview of the law's significance and implications, followed by hands-on coding practices, tools, and testing methods to ensure compliance and inclusivity for users with disabilities in government settings.

Course Goal:

To ensure that an individual has a core understanding of GRC processes and capabilities, and the skills necessary to integrate governance, performance management, risk management, internal control, and compliance activities for government.

Overview:

• GRC Basic Terms and Definitions
• Principles of GRC
• Core Components, Practices, and Activities
• Relationship of GRC to Other Disciplines

The LEDE Project (Linux Embedded Development Environment) is a Linux operating system derived from OpenWrt. It serves as a comprehensive replacement for the default firmware on a variety of wireless routers and non-network devices. This instructor-led, live training session will guide participants through the process of setting up a LEDE-based wireless router. **Audience** - Network administrators and technicians **Course Format** - The course combines lectures, discussions, exercises, and extensive hands-on practice to ensure a thorough understanding of the material. This training is designed to enhance skills and knowledge for government network professionals, ensuring they can effectively implement and manage LEDE-based solutions in their organizations.

In this instructor-led, live training in US, participants will learn how to create a build system for embedded Linux based on the Yocto Project, tailored specifically for government applications.

By the end of this training, participants will be able to:

• Understand the fundamental concepts behind a Yocto Project build system, including recipes, metadata, and layers, as they apply to public sector workflows.
• Build a Linux image and run it under emulation, ensuring alignment with government standards and requirements.
• Save time and energy in developing embedded Linux systems for government use.

Description

This four-day training program integrates theoretical instruction with practical exercises to introduce participants to the Yocto Project. It addresses common questions such as:

• Is it essential to use different versions of toolchains, libraries, and packages for each GNU/Linux project, and follow a distinct workflow?
• Can you ensure that the development environment remains consistent across all developers and suppliers, and still produce identical builds even 10+ years from now?
• Can the Yocto Project assist in identifying the software licenses under which your packages are licensed?

The hands-on sessions will be conducted on target hardware, such as the Beagle Bone Black Rev. C (http://beagleboard.org/BLACK). Upon completion of the training, participants will have access to a Docker image with Ubuntu 14.x and all necessary dependencies pre-installed, along with examples from the course material for use in their own laboratories. Please note that this is not an introductory course to Embedded GNU/Linux; attendees should already possess knowledge of how Embedded GNU/Linux functions and how to configure and build the GNU/Linux kernel and kernel drivers.

Who Should Attend?

This training is designed for individuals who are currently using GNU/Linux in their projects and have heard about the Yocto Project but have not yet delved into it due to perceived complexity or initial difficulties. It is intended for those who are uncertain whether the Yocto Project can integrate with their existing workflows and find the project daunting. The workshop will help participants determine if the Yocto Project aligns with their needs. Target attendees include software engineers, development engineers, system engineers, testers, administrators, and other professionals interested in the Yocto Project, all of whom should have a solid foundation in Embedded GNU/Linux.

This training is particularly valuable for government agencies looking to standardize and streamline their development processes while ensuring long-term sustainability and compliance with software licensing requirements.