Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Certified in Governance Risk Management & Compliance (CGRC) Part 2
Module 1: Risk Management & Governance
M.1.1.1 Agenda (0:49)
M.1.1.2 Introduction to Risk & Definitions (6:24)
M.1.1.3 IT Risk & IT Risk Categories (2:18)
M.1.1.4 Risk Management & Risk Management Considerations (5:40)
M.1.1.5 Risk Management Principles (3:22)
M.1.1.6 RM Framework, RM Process, RM Approach (11:15)
M.1.1.7 Risk Assessment & Risk Identification (10:49)
M.1.1.8 Risk Analysis & Risk Evaluation (6:02)
M.1.1.9 Risk Treatment (4:58)
M.1.1.10 Monitoring & Review (1:36)
M.1.1.11 Residual Risk (1:36)
M.1.1.12 NIST Cybersecurity Framework (10:12)
M.1.1.13 Cost Benefit Analysis (1:18)
M.1.1.14 Governance (2:47)
M.1.1.15 CISO & CISO's Responsibilities (1:28)
M.1.1.16 Policies, Procedures & Information Security Strategy (10:08)
M.1.1.17 Security Awareness (10:42)
M.1.1 Risk Management & Governance (PDF)
Risk Management Quiz
Test Your Learning
Module 2: Information Security Management System (ISMS)
M.2.1.1 Agenda (1:33)
M.2.1.2 Introduction to ISMS (1:55)
M.2.1.3 Need for an ISMS and its Benefits (2:32)
M.2.1.4 ISO 27001 (6:57)
M2_Section1_5_Understanding Controls (3:45)
M.2.1.6. Introduction to ISO 27001:2013 standard (2:38)
M.2.1.7 Understanding the Structure of the Standard (3:13)
M.2.1.8 ISO 27001:2013 Domains (2:31)
M.2.1.9 Overview of Controls (9:00)
M.2.1.10 Control Objective-5 (9:22)
M.2.1.11 Control Objective-6 (12:50)
M.2.1.12 Control Objective-7 (8:46)
M.2.1.13 Control Objective-8 (18:47)
M.2.1.14 Control Objective-9 (18:55)
M.2.1.15 Control Objective-10 (5:45)
M.2.1.16 Control Objective-11 (15:11)
M.2.1.17 Control Objective-12 (18:46)
M.2.1.18 Control Objective-13 (8:53)
M.2.1.19 Control Objective-14 (18:01)
M.2.1.20 Control Objective-15 (9:03)
M.2.1.21 Control Objective-16 (8:35)
M.2.1.22 Control Objective-17 (5:37)
M.2.1.23 Control Objective-18 (10:17)
M.2.1.24 Overview of ISMS implementation (6:02)
M.2.1.25 Risk Assessment & Treatment (4:35)
M.2.1.26 ISMS Documentation Review (4:13)
M.2.1.27 ISMS Training (5:06)
M.2.1.28 ISMS Documentation (4:22)
M.2.1.29 Definitions (1:12)
M.2.1.30 Audit, Certification, IAF, LI, LA (7:47)
M.2.1.31 Audit Programme (4:03)
M.2.1.32 Audit Activities (3:03)
M.2.1.33 Audit Plan & Audit Checklist (2:13)
M.2.1.34 Audit Findings & Audit Report (1:03)
M.2.1.35 Opportunity For Improvement (OFI) & Non-Conformity (NC) (0:43)
M.2.1 ISMS (PDF)
ISMS Quiz
Test Your Learning
Module 3: General Data Protection Regulation (GDPR)
M.3.1.1. Agenda (2:03)
M.3.1.2. Introduction to GDPR (3:29)
M.3.1.3. Subject Matter, Objectives, Scope (5:04)
M.3.1.4. Definitions (Part I) (4:58)
M.3.1.5. Definitions (Part II) (4:51)
M.3.1.6 GDPR Structure & Applicability (1:16)
M.3.1.7 GDPR Principles-1 (8:03)
M.3.1.8 GDPR Principles - 2 (3:40)
M.3.1.9 GDPR Principles-3 (9:03)
M.3.1.10 Data Subject Rights - 1 (7:11)
M.3.1.11 Data Subject Rights - 2 (3:24)
M.3.1.12 Data Subject Rights-3 (3:32)
M.3.1.13 Data Subject Rights-4 (4:44)
M.3.1.14 Responsibility of Controller & Data Protection by Design & Default (3:59)
M.3.1.15 Data Protection Impact Assessment (DPIA) (6:43)
M.3.1.16 Data Protection Officer (DPO) (4:20)
M.3.1.17 Codes of Conduct (2:26)
M.3.1.18 Certification (3:06)
M.3.1.19 Transfer of Personal Data to Third Country (5:23)
M.3.1.20 General Principles for Transfers (7:56)
M.3.1.21 Personal Data Beach, Liabilities & Penalties (2:43)
M.3.1.22 Steps to comply with GDPR, Documents Required for GDPR & GDPR compliance (5:54)
M.3.1 GDPR (PDF)
GDPR Quiz
Test Your Learning
Module 3, Part 2: Health Information Portability And Accountability Act (HIPAA)
M.3.2.1 Agenda (0:46)
M.3.2.2 Introduction to HIPAA (2:17)
M.3.2.3 Who is Covered by Privacy Rule? (9:33)
M.3.2.4 Protected Health Information (PHI) and Electronic Protected Health Information (ePHI) (5:12)
M.3.2.5 Difference Between Protected Health Information and Consumer Health Information (1:24)
M.3.2.6 Health Information Exchange (HIE) & eHealth exchange (4:38)
M.3.2.7 Administrative Safeguards (2:20)
M.3.2.8 Physical Safeguards (1:48)
M.3.2.9 Technical Safeguards (2:05)
M.3.2.10 HIPAA Violations (2:45)
M.3.2.11 HIPAA Dos and Don'ts (2:16)
M.3.2.12 Breach and Data Breaches (7:05)
M.3.2.13 Documentation and HIPAA Requirements (2:39)
M.3.2 HIPAA (PDF)
HIPAA Quiz
Test Your Learning
Module 4: Payment Card Security Data Security Standards (PCI DSS)
M.4.1.1 Agenda (2:28)
M.4.1.2 Introduction to PCI DSS (2:50)
M.4.1.3 Common terms related to PCI DSS (1:12)
M.4.1.4 Entities Involved in Payment Card Transactions (2:10)
M.4.1.5 Some more details about Payment Card (23:14)
M.4.1.6 Consequences of Compromised Payment Card Data (1:02)
M.4.1.7 Need and Application of PCI DSS (2:59)
M.4.1.8 Steps for Adhering to PCI DSS (0:51)
M.4.1.9 Scoping & Network Segmentation (7:09)
M.4.1.10 Compliance Requirements for PCI DSS (18:52)
M.4.1.11 Levels of PCI Compliance (2:02)
M.4.1.12 Do’s and Don’ts for Payment Card Security (6:02)
M.4.1.13 SAQ and QSA (5:09)
M.4.1.14 PA-DSS and its Requirements (16:46)
M.4.1.15 Pin Transaction Security (PTS) (1:36)
M.4.1.16 Payment Card Data Breaches and Myths (4:53)
M.4.1.17 ROC, AOC & COC (20:48)
M.4.1.18 PA QSA, QPA & ASV (3:38)
M.4.1.19 Payment Card Attacks (5:23)
M.4.1 PCI DSS (PDF)
PCI DSS Quiz
Test Your Learning
Module 5: Business Continuity Management System (BCM)
M.5.1.1 Agenda (2:00)
M.5.1.2 Introduction to BCM (5:43)
M.5.1.3 Business Continuity Planning (3:49)
M.5.1.4 Issues in BCM (1:52)
M.5.1.5 Risk Control Options (3:50)
M.5.1.6 Disaster Recovery Plan (5:20)
M.5.1.7 Maintenance of BCM Plan (3:32)
M.5.1.8 Business Impact Analysis (5:59)
M.5.1.9 Backup Sites (8:24)
M.5.1.10 Backup Considerations and Backup Types (9:25)
M.5.1.11 ISO 22301 and ISO 22301 Requirements (11:36)
M.5.1.12 Mandatory Documents of ISO 22301 and Benefits (2:34)
M.5.1 BCM (PDF)
BCM Quiz
Test Your Learning
Module 6: Information Technology Infrastructure Library (ITIL)
M.6.1.1 Agenda (1:15)
M.6.1.2 Introduction to ITIL (2:32)
M.6.1.3 ITIL History, Versions and Objectives (4:46)
M.6.1.4 Definitions-1 (8:49)
M.6.1.5 Definitions-2 (6:00)
M.6.1.6 Definitions-3 (2:15)
M.6.1.7 Service & Process (5:46)
M.6.1.8 Service Design - Service Level Management (4:06)
M.6.1.9 Service Design - Availability & Capacity Management (4:01)
M.6.1.10 Service Design - Information Security & IT Service Continuity Management (3:47)
M.6.1.11 Service Design - Supplier Management (2:18)
M.6.1.12 Service Transition - Change Management (10:06)
M.6.1.13 Service Operation - Incident & Event Management (3:47)
M.6.1.14 Service Operation - Demand & Patch Management (3:55)
M.6.1.15 Service Operation - Problem Management (2:50)
M.6.1.16 Service Operation - Request & Access Management (2:33)
M.6.1.17 Functions - Service Desk (6:11)
M.6.1.18 Functions - Technical Management (3:10)
M.6.1.19 Functions - Application Management (1:32)
M.6.1.20 Functions - IT Operation Management (6:04)
M.6.1 ITIL (PDF)
ITIL Quiz
Test Your Learning
Module 7, Part 1: IT Act
M.7.1.1 Agenda (0:31)
M.7.1.2 Introduction to Cyber Crime & Information Technology Act (5:29)
M.7.1.3 Definitions (5:37)
M.7.1.4 Offenses (4:08)
M.7.1.5 Offenses (8:18)
M.7.1.6 Case Studies (12:04)
M.7.1.7 Other Offenses (5:00)
M.7.1 IT Act (PDF)
IT ACT Quiz
Test Your Learning
Module 7, Part 2: SOX Act
M.7.2.1 Introduction to Sarbanes Oxley Act (5:28)
M.7.2.2 11 Titles of Sarbanes Oxley Act (5:29)
M.7.2.3 Sections of SOX (4:21)
M.7.2.4 Audit & Penalties (1:50)
M.7.2 SOX Act (PDF)
SOX Act Quiz
Test Your Learning
M.2.1.6. Introduction to ISO 27001:2013 standard
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock