Certified in Governance Risk Management & Compliance (CGRC) Part 2
Module 1: Risk Management & Governance
M.1.1.1 Agenda (0:49)
M.1.1.2 Introduction to Risk & Definitions (6:24)
M.1.1.3 IT Risk & IT Risk Categories (2:18)
M.1.1.4 Risk Management & Risk Management Considerations (5:40)
M.1.1.5 Risk Management Principles (3:22)
M.1.1.6 RM Framework, RM Process, RM Approach (11:15)
M.1.1.7 Risk Assessment & Risk Identification (10:49)
M.1.1.8 Risk Analysis & Risk Evaluation (6:02)
M.1.1.9 Risk Treatment (4:58)
M.1.1.10 Monitoring & Review (1:36)
M.1.1.11 Residual Risk (1:36)
M.1.1.12 NIST Cybersecurity Framework (10:12)
M.1.1.13 Cost Benefit Analysis (1:18)
M.1.1.14 Governance (2:47)
M.1.1.15 CISO & CISO's Responsibilities (1:28)
M.1.1.16 Policies, Procedures & Information Security Strategy (10:08)
M.1.1.17 Security Awareness (10:42)
M.1.1 Risk Management & Governance (PDF)
Risk Management Quiz
Test Your Learning
Module 2: Information Security Management System (ISMS)
M.2.1.1 Agenda (1:33)
M.2.1.2 Introduction to ISMS (1:55)
M.2.1.3 Need for an ISMS and its Benefits (2:32)
M.2.1.4 ISO 27001 (6:57)
M.2.1.5 Understanding Controls (3:45)
M.2.1.6. Introduction to ISO 27001:2013 standard (2:38)
M.2.1.7 Understanding the Structure of the Standard (3:13)
M.2.1.8 ISO 27001:2013 Domains (2:31)
M.2.1.9 Overview of Controls (9:00)
M.2.1.10 Control Objective-5 (9:22)
M.2.1.11 Control Objective-6 (12:50)
M.2.1.12 Control Objective-7 (8:46)
M.2.1.13 Control Objective-8 (18:47)
M.2.1.14 Control Objective-9 (18:55)
M.2.1.15 Control Objective-10 (5:45)
M.2.1.16 Control Objective-11 (15:11)
M.2.1.17 Control Objective-12 (18:46)
M.2.1.18 Control Objective-13 (8:53)
M.2.1.19 Control Objective-14 (18:01)
M.2.1.20 Control Objective-15 (9:03)
M.2.1.21 Control Objective-16 (8:35)
M.2.1.22 Control Objective-17 (5:37)
M.2.1.23 Control Objective-18 (10:17)
M.2.1.24 Overview of ISMS implementation (6:02)
M.2.1.25 Risk Assessment & Treatment (4:35)
M.2.1.26 ISMS Documentation Review (4:13)
M.2.1.27 ISMS Training (5:06)
M.2.1.28 ISMS Documentation (4:22)
M.2.1.29 Definitions (1:12)
M.2.1.30 Audit, Certification, IAF, LI, LA (7:47)
M.2.1.31 Audit Programme (4:03)
M.2.1.32 Audit Activities (3:03)
M.2.1.33 Audit Plan & Audit Checklist (2:13)
M.2.1.34 Audit Findings & Audit Report (1:03)
M.2.1.35 Opportunity For Improvement (OFI) & Non-Conformity (NC) (0:43)
M.2.1 ISMS (PDF)
ISMS Quiz
Test Your Learning
Module 3: General Data Protection Regulation (GDPR)
M.3.1.1. Agenda (2:03)
M.3.1.2. Introduction to GDPR (3:29)
M.3.1.3. Subject Matter, Objectives, Scope (5:04)
M.3.1.4. Definitions (Part I) (4:58)
M.3.1.5. Definitions (Part II) (4:51)
M.3.1.6 GDPR Structure & Applicability (1:16)
M.3.1.7 GDPR Principles-1 (8:03)
M.3.1.8 GDPR Principles - 2 (3:40)
M.3.1.9 GDPR Principles-3 (9:03)
M.3.1.10 Data Subject Rights - 1 (7:11)
M.3.1.11 Data Subject Rights - 2 (3:24)
M.3.1.12 Data Subject Rights-3 (3:32)
M.3.1.13 Data Subject Rights-4 (4:44)
M.3.1.14 Responsibility of Controller & Data Protection by Design & Default (3:59)
M.3.1.15 Data Protection Impact Assessment (DPIA) (6:43)
M.3.1.16 Data Protection Officer (DPO) (4:20)
M.3.1.17 Codes of Conduct (2:26)
M.3.1.18 Certification (3:06)
M.3.1.19 Transfer of Personal Data to Third Country (5:23)
M.3.1.20 General Principles for Transfers (7:56)
M.3.1.21 Personal Data Breach, Liabilities & Penalties (2:43)
M.3.1.22 Steps to comply with GDPR, Documents Required for GDPR & GDPR compliance (5:54)
M.3.1 GDPR (PDF)
GDPR Quiz
Test Your Learning
Module 3, Part 2: Health Information Portability And Accountability Act (HIPAA)
M.3.2.1 Agenda (0:46)
M.3.2.2 Introduction to HIPAA (2:17)
M.3.2.3 Who is Covered by Privacy Rule? (9:33)
M.3.2.4 Protected Health Information (PHI) and Electronic Protected Health Information (ePHI) (5:12)
M.3.2.5 Difference Between Protected Health Information and Consumer Health Information (1:24)
M.3.2.6 Health Information Exchange (HIE) & eHealth exchange (4:38)
M.3.2.7 Administrative Safeguards (2:20)
M.3.2.8 Physical Safeguards (1:48)
M.3.2.9 Technical Safeguards (2:05)
M.3.2.10 HIPAA Violations (2:45)
M.3.2.11 HIPAA Dos and Don'ts (2:16)
M.3.2.12 Breach and Data Breaches (7:05)
M.3.2.13 Documentation and HIPAA Requirements (2:39)
M.3.2 HIPAA (PDF)
HIPAA Quiz
Test Your Learning
Module 4: Payment Card Security Data Security Standards (PCI DSS)
M.4.1.1 Agenda (2:28)
M.4.1.2 Introduction to PCI DSS (2:50)
M.4.1.3 Common terms related to PCI DSS (1:12)
M.4.1.4 Entities Involved in Payment Card Transactions (2:10)
M.4.1.5 Some more details about Payment Card (23:14)
M.4.1.6 Consequences of Compromised Payment Card Data (1:02)
M.4.1.7 Need and Application of PCI DSS (2:59)
M.4.1.8 Steps for Adhering to PCI DSS (0:51)
M.4.1.9 Scoping & Network Segmentation (7:09)
M.4.1.10 Compliance Requirements for PCI DSS (18:52)
M.4.1.11 Levels of PCI Compliance (2:02)
M.4.1.12 Do’s and Don’ts for Payment Card Security (6:02)
M.4.1.13 SAQ and QSA (5:09)
M.4.1.14 PA-DSS and its Requirements (16:46)
M.4.1.15 PIN Transaction Security (PTS) (1:36)
M.4.1.16 Payment Card Data Breaches and Myths (4:53)
M.4.1.17 ROC, AOC & COC (20:48)
M.4.1.18 PA QSA, QPA & ASV (3:38)
M.4.1.19 Payment Card Attacks (5:23)
M.4.1 PCI DSS (PDF)
PCI DSS Quiz
Test Your Learning
Module 5: Business Continuity Management System (BCM)
M.5.1.1 Agenda (2:00)
M.5.1.2 Introduction to BCM (5:43)
M.5.1.3 Business Continuity Planning (3:49)
M.5.1.4 Issues in BCM (1:52)
M.5.1.5 Risk Control Options (3:50)
M.5.1.6 Disaster Recovery Plan (5:20)
M.5.1.7 Maintenance of BCM Plan (3:32)
M.5.1.8 Business Impact Analysis (5:59)
M.5.1.9 Backup Sites (8:24)
M.5.1.10 Backup Considerations and Backup Types (9:25)
M.5.1.11 ISO 22301 and ISO 22301 Requirements (11:36)
M.5.1.12 Mandatory Documents of ISO 22301 and Benefits (2:34)
M.5.1 BCM (PDF)
BCM Quiz
Test Your Learning
Module 6: Information Technology Infrastructure Library (ITIL)
M.6.1.1 Agenda (1:15)
M.6.1.2 Introduction to ITIL (2:32)
M.6.1.3 ITIL History, Versions and Objectives (4:46)
M.6.1.4 Definitions-1 (8:49)
M.6.1.5 Definitions-2 (6:00)
M.6.1.6 Definitions-3 (2:15)
M.6.1.7 Service & Process (5:46)
M.6.1.8 Service Design - Service Level Management (4:06)
M.6.1.9 Service Design - Availability & Capacity Management (4:01)
M.6.1.10 Service Design - Information Security & IT Service Continuity Management (3:47)
M.6.1.11 Service Design - Supplier Management (2:18)
M.6.1.12 Service Transition - Change Management (10:06)
M.6.1.13 Service Operation - Incident & Event Management (3:47)
M.6.1.14 Service Operation - Demand & Patch Management (3:55)
M.6.1.15 Service Operation - Problem Management (2:50)
M.6.1.16 Service Operation - Request & Access Management (2:33)
M.6.1.17 Functions - Service Desk (6:11)
M.6.1.18 Functions - Technical Management (3:10)
M.6.1.19 Functions - Application Management (1:32)
M.6.1.20 Functions - IT Operation Management (6:04)
M.6.1 ITIL (PDF)
ITIL Quiz
Test Your Learning
Module 7, Part 1: IT Act
M.7.1.1 Agenda (0:31)
M.7.1.2 Introduction to Cyber Crime & Information Technology Act (5:29)
M.7.1.3 Definitions (5:37)
M.7.1.4 Offenses (4:08)
M.7.1.5 Offenses (8:18)
M.7.1.6 Case Studies (12:04)
M.7.1.7 Other Offenses (5:00)
M.7.1 IT Act (PDF)
IT ACT Quiz
Test Your Learning
Module 7, Part 2: SOX Act
M.7.2.1 Introduction to Sarbanes Oxley Act (5:28)
M.7.2.2 11 Titles of Sarbanes Oxley Act (5:29)
M.7.2.3 Sections of SOX (4:21)
M.7.2.4 Audit & Penalties (1:50)
M.7.2 SOX Act (PDF)
SOX Act Quiz
Test Your Learning
M.3.2.4 Protected Health Information (PHI) and Electronic Protected Health Information (ePHI)