Richard Staton (Chair of Examiners for GCSE History) will take you through our key resources to help you plan, teach and assess our new GCSE History specification. In this 75 minute briefing, he'll cover the schemes of work, guidance on the Historic Environment, our guide to assessment and more.Read more >
Module 3 in the CSA STAR Series
While the Cloud Security Alliance’s (CSA) STAR Certification has certainly raised the bar for cloud providers, any audit is still a snapshot of a point in time. What goes on between audits can still be a blind spot.
To provide greater visibility, the CSA developed the Cloud Trust Protocol (CTP), an industry initiative which will enable real time monitoring of a CSP’s security properties, as well as providing continuous transparency of services and comparability between services on core security properties. This process is now being contributed to by BSI and other industry leaders.
CTP forms part of the Governance, Risk, and Compliance stack and the Open Certification Framework as the continuous monitoring component, complementing point-in-time assessments provided by STAR certification and STAR attestation.
Join us as we discuss:
The concepts behind different evolving approaches to continuous monitoring, the next step in increasing transparency in the cloud.
Open source software and code has become common place in application development, as have the use of vulnerability assessment tools. After all, no one wants to be the victim of the next Heartbleed, Poodle or Logjam. But vulnerability assessment tools, while helpful, have blind spots. How can you ensure that you are protecting your networks and applications from newly disclosed vulnerabilities? Join Black Duck Software and (ISC)2 on March 22nd, 2016 at 1:00PM Eastern for a discussion on VA Tools, Open Source Assets and secure application development.Read more >
You’ve invested in firewalls and endpoint protection. You’ve optimized and tweaked. Your content filters and AV are updated. Your email is locked down and you’re ready for whatever attackers might throw your way. Right? That’s what the targets of many of the recent headline-grabbing breaches would have said too.
Every organization can use an extra set of eyes – Audits should be a regular part of any security plan, but they can be expensive and time consuming. Enter the Fortinet Cyber Threat Assessment, a free evaluation of your existing security infrastructure that helps you:
•Evaluate potential security risks from the edge to the endpoint and everywhere in between
•Determine areas where security infrastructure is compromising performance and how to eliminate bottlenecks while still protecting your network
•Find often overlooked vulnerabilities and learn about risks both within and outside your organization.
Assessing your HR function can be a painful and time draining task... but it doesn’t have to be. You may spend countless hours focused on compliance and at the end of the day – what have you really learned? The key to a productive assessment is to outline meaningful goals and communicate your expected deliverables to leadership. The assessment process can be used to create internal relationships and move your HR career forward. Our customized process will align the assessment with your strategic goals allowing you to create meaningful new initiatives on the findings. Creation of action plans that address the concerns of top stakeholders is critical to a successful program, as is selling the initiatives within the organization.
Partcipants will walk away being able too…
*Understand the value of an HR assessment
*Align the assessment with organizational strategic plan
*Build internal bridges with other leaders in the organization
*Create action plans to ensure the assessment has internal value
*Deal with compliance issues uncovered during the assessment
Learn our 7 key steps to making the HR assessment a success and use it to enhace the HR leadership position within your own organization.
Our webinar has been specifically designed in response to the feedback that you’ve provided to us and the questions that our customer support team receive. Progressing through a new specification can be challenging so log in to our webinar to get the answers to your questions.Read more >
This year has brought profound changes to the security landscape, especially in the area of Distributed Denial of Service (DDoS) attacks. Aside from the traditional saturation objectives of such assaults, DDoS attacks are increasingly used as cyber “smokescreens” to mask more intrusive and more destructive penetration operations. Join Neustar and media leader, Cox Communications, in a forward-looking discussion on what you should consider to safeguard your business in 2015.
During this session, you’ll hear about:
• 2014 security trends and lessons
• 2015 DDoS threat assessments
• Real-world approaches to help keep you safe
Lee Smith (Dee Smith & Associates) and David Cuthbertson (SMS) will cover their approach and methods of assessing existing data centre facilities and management processes. Rapid changes in both IT and data centre technologies often mean that facilities and management techniques fail to evolve fast enough, with the data centre potentially being the weak link in the delivery chain of all IT services. Achieving a baseline through an assessment is critical for any improvement or transformation activity - but is not so easy to do in practice.Read more >
Jared Pfost gives an overview of our Assessment Manager.Read more >
Bill Wildprett shows us how to conduct a HIPAA/HITECH risk assessment using Caliber Security's Security Process Management Suite (SPM).Read more >
With multiple mandates, constantly changing IT environments and a vast and evolving threat landscape—maintaining compliance requires measurable and enforceable controls. Now you can reduce risk and continuously comply with internal policies and external regulations.
Join us for this webcast to learn how a comprehensive and automated controls assessment can help you quickly and easily demonstrate due diligence about securing your IT assets through:
• System-hardening controls—selecting host and app settings to check for each policy
• Deep assessment—automatically scanning and analyzing your entire network
Today’s workforce embraces the idea that with mobile technology, we can work anywhere. Risk and compliance professionals are challenged to complete assessments that require location or site-specific information. Physical security, facility site and self-assessments require them to collect data and evidence while they are away from their desks, and organizations are turning to mobile to help them accomplish these tasks more efficiently.
During this webcast, you will learn how to develop and implement a mobile strategy for your GRC assessments to more efficiently capture risk and compliance assessment information on-site. By transforming time-consuming operational chores into efficient, value-added processes, you can significantly reduce potential data entry errors and delays in sharing this critical risk data.
Join us to learn more about:
• Considerations for determining what GRC use cases are best suited for the mobile environment
• How customers are utilizing RSA Archer GRC Mobile
• Using RSA Archer GRC Mobile to conduct audit, risk and compliance assessments via a product demonstration
Corporate data volumes are exploding exponentially, but legal budgets and court imposed deadlines are not keeping pace. It doesn't take Sherlock Holmes to recognize that reducing your time to knowledge can yield big dividends in cost containment and risk mitigation.
We can help you to see the bigger picture and better prepare for strategic project management, meaningful discovery negotiations, and informed proportionality arguments.
Our webinar will show you how you can use common investigative techniques to:
- Perform timeline and gap analysis
- Identify anomalies and trends
- Reduce the noise quickly and efficiently
- Find connections.
This webinar will review minimum EPA requirements and best practice for assessment and reporting on the integrity of retaining structures such as bunds (tank bunds, pallet bunds, bunded drum storage, etc..) and effluent pipelines and identify common areas where improvements can be made. The EPA would also welcome questions as part of this webinar and time will be allowed at the end of the webinar for this.Read more >
Internal auditors are increasingly under pressure to provide value and meet the needs of key stakeholders. Join us for a complimentary Protiviti webinar to address:
• Requirements of IIA Standards for Quality Assessment & Improvement Program
• Changes to the IIA QAR Manual
• Innovative Internal Audit Practices
• Improvement opportunities and emerging trends
CPE will be provided to qualifying attendees
In this two hour briefing Richard Staton, Chair of Examiners for GCSE History, will explain the assessment details for our newly accredited GCSE History specification. He’ll talk you through our approach to question setting and mark schemes. You’ll also have the opportunity to learn more about our forthcoming support and post questions.Read more >
Key Learning Objectives
- Get an introduction to Six Sigma metrics
- Learn what Six Sigma metrics are and how can they help the laboratory
- See how laboratory tests perform on a Six Sigma scale
- Learn about assessment tools for quality control strategy
All regulatory requirements (HIPAA, PCI, etc.) include a mandate for assessing vulnerabilities in systems that manage or store sensitive data. Organizations often opt to conduct vulnerability assessments on an annual, quarterly, or even monthly basis. But while vulnerability assessment tools can identify unpatched or misconfigured code bases, these tools overlook a large portion of an organization’s attack surface: known vulnerabilities in applications that are built in-house. These applications will not have public updates, nor will the thousands of open source components they utilize be included in public disclosures. This is concerning because over 6,000 vulnerabilities in open source projects have been reported since 2014. Register for this webinar to discover how to protect yourself.Read more >
Risk assessments are a critical activity for the organization to perform to prioritize the areas that should be reviewed. In the absence of an IT audit risk assessment, are critical IT components and process areas supporting the business being reviewed sufficiently?
Join us for this webinar to:
• Understand how an IT audit risk assessment fits into an organization’s overall internal audit activities
• Obtain a perspective on how an IT audit risk assessment can be used to develop an IT audit plan
• Take away ideas and concepts that you can use to improve an existing IT audit risk assessment process
CPE will be provided to qualifying participants.