Security & Risk Management

ISO 27001, ISO 27701, ISO 27005, ISO 27032, Lead Cloud Security Manager, GDPR, ISO 31000, CRISC, CISM, CISSP, SABSA

and also, ISO/IEC 27002 Information Security Controls, PECB Chief Information Security Officer, Cybersecurity Management, Ethical Hacking, Penetration Testing, SCADA, Computer Forensics, ISO/IEC 27033 Network Security, Cybersecurity Maturity Model Certification (CMMC), NIS 2 Directive, Risk Assessment Methods, Operational Risk Management in Financial Institutions

We also deliver all our courses online through live interactive video sessions. Discover our Certifying Training Options.

We have advised more than 400 companies and trained over 1500 professionals. Will you be next?

ACTAGIS delivers trainings at University of Paris I: Panthéon-Sorbonne

Training the new generation in Cybersecurity, IT Governance, Business Continuity and Quality Management is our passionate commitment. Our Lead Trainer Jeff Primus, with 14 years of experience at University of Paris I: Panthéon-Sorbonne, contributes to the development of future leaders and innovators. At ACTAGIS, we value this contribution and are committed to continuing with excellence and integrity.

Course dates can be based on your requirements. Please contact us for the corresponding in-house or public session trainings, so that we can propose sessions taking into account your availability.

ACTAGIS, as the official and exclusive partner of the ISACA Swiss Chapter in the French part of Switzerland, offers learning and preparation classes for all ISACA certifications (also worldwide for in-house training).

ACTAGIS, as an official PECB training partner, offers learning and preparation classes for all PECB certifications in Switzerland, Europe and Asia Minor.

Analysis

Embark on a comprehensive journey in cybersecurity and industrial control systems with our courses. Master Computer Forensics for digital evidence, become an Ethical Hacker to fortify organizations, delve into Penetration Testing for robust security, and specialize as a SCADA Security Manager for industrial oversight. Our programs empower professionals with essential skills, ethical principles, and cutting-edge knowledge, positioning you as a leader in cybersecurity and technological defense. Elevate your expertise and innovate in the digital realm with our transformative courses.

Computer Forensics

Lead Forensics Examiner

What is Computer Forensics?

Computer Forensics, also known as Cyber Forensics, refers to the analysis of information in computer systems, with the objective of finding any digital evidence that can be used for legal proceedings, but also to discover the cause of an incident. Computer forensics is the process of extracting data and information from computer systems to function as digital evidence for civic purposes, or in most cases to prove and legally impeach cybercrime.

The purpose of computer forensics is to provide forensic practices, legal processes, and ethical principles to assure reliable and detailed digital evidence that can be used in the courtroom. The objective of computer forensics is to guarantee a well-structured investigation and a follow-up of processes in order to resolve incidents and malfunctions in an organization.

Ethical Hacking

What is Ethical Hacking?

Ethical Hackers are also known as White Hat Hackers because they use their expertise in hacking to improve the security of organizations by decreasing the number of vulnerabilities and security breaches. As the number of cyber-attacks increases, the global demand for ethical hacking services is constantly increasing as well. Globally known organizations choose to include ethical hacking in their security strategies, increasing the demand for Ethical Hackers across various industries. Moreover, experienced Ethical Hackers earn higher salaries than other professionals.

Penetration Testing

Penetration Testing Professional

What is Penetration Testing?

A penetration test is a practice of assessing the security of an IT infrastructure by securely trying to exploit vulnerabilities that may exist in operating systems, inappropriate configurations, application errors, or end-user behavior. Penetration testing is an attempt to test the efficiency of security measures and discover any potential exploits or backdoors that may be present in computer systems, through which hackers and cyber criminals can gain unauthorized access or conduct malicious activities. In addition, penetration testing is an advanced tool to detect, analyze and set protective constraints to the IT infrastructure, in order to reduce remediation of financial losses against malicious activities.

SCADA

SCADA Security Manager

What is a SCADA system?

SCADA – Supervisory Control and Data Acquisition is an industrial system framework that includes both hardware and software architecture to control, monitor and analyze an industrial process. SCADA is an application software that enables managers, engineers, and industry operators, to supervise and communicate effectively with the working environment.

As an application software, SCADA is designed to assist industry experts in maintaining and improving industrial processes. Hence, the objective of SCADA is to collect real-time data, and store, process and generate reports for the complex industrial processes.

Cybersecurity

Embark on a cybersecurity journey with three essential courses. Learn to lead as a Cybersecurity Manager, master the Cybersecurity Maturity Model Certification (CMMC), and explore ISO/IEC 27032 for comprehensive cyberspace security. Equip yourself with the skills to safeguard critical systems, protect sensitive information, and navigate the evolving cybersecurity landscape. Elevate your expertise with our transformative programs and stay ahead in the field of cybersecurity.

Cybersecurity Management

Lead Cybersecurity Manager

What Is Cybersecurity? 

Cybersecurity refers to a set of practices established to protect critical systems, networks, devices, programs, and data. Cybersecurity involves implementing measures and techniques aiming to ensure the confidentiality, integrity, and availability of information and resources in cyberspace. It encompasses a range of strategies and practices focused on safeguarding information technology systems from cyber threats, such as phishing, scams, cyberattacks, hacking, and other malicious activities. 

A comprehensive cybersecurity management program is crucial for organizations to protect their digital assets and sensitive information, and ensure business continuity in the event of a security breach. By implementing robust cybersecurity measures, organizations can proactively mitigate risks and effectively respond to cybersecurity incidents. 

Cybersecurity Maturity Model Certification

CMMC Certified Professional

What is CMMC?

The Cybersecurity Maturity Model Certification (CMMC) framework is a verification mechanism designed to measure the organizations’ maturity regarding the protection of unclassified information such as Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). CMMC is a new set of cybersecurity standards that encompasses various cybersecurity standards, references, and other best practices. It comprises a number of processes and practices which are mapped across five cumulative certification levels. 

The CMMC model is developed and managed by the Department of Defense (DoD) and is considered to be the DoD’s response to potential compromises of sensitive information that resides on Defense Industrial Base (DIB) systems and networks. CMMC Accreditation Body (AB), on the other hand, is the sole authoritative source for the operationalization of CMMC assessments and training.

Cybersecurity

The term ISO/IEC 27032 refers to ‘Cybersecurity’ or ‘Cyberspace security,’ which is defined as the protection of privacy, integrity, and accessibility of data information in the Cyberspace. Therefore, Cyberspace is acknowledged as an interaction of persons, software and worldwide technological services.

The international standard ISO/IEC 27032 is intended to emphasize the role of different securities in the Cyberspace, regarding information security, network and internet security, and critical information infrastructure protection (CIIP). ISO/IEC 27032 as an international standard provides a policy framework to address the establishment of trustworthiness, collaboration, exchange of information, and technical guidance for system integration between stakeholders in the cyberspace.

Governance

Embark on excellence in IS management and governance with our CISM and CRISC courses. CISM, globally recognized, focuses on five domains, 37 tasks, and 60 knowledge statements, integrating COBIT processes. CRISC, renowned for risk management, covers five domains, 39 tasks, and 71 knowledge statements aligned with COBIT. Both courses, organized by ACTAGIS with the Swiss Chapter of ISACA, ensure a high industry standard. Elevate your expertise, prepare for exams, and lead in IS management and governance.

IS security and governance

CISM is the only globally recognized certification in the fields of IS management and governance. It has earned a great reputation internationally for many years, as it sets a high and consistent standard worldwide. 

The CISM Job Practice Area consists of five “domains”, 37 “tasks” and 60 “knowledge statements”. Because the different tasks refer to the relevant COBIT processes, COBIT is an integral part of the CISM training and certification.

This training is organized by ACTAGIS SA in collaboration with the Swiss Chapter of ISACA (www.isaca.ch).

Risk management

CRISC is the only globally recognized certification in the fields of IS management and governance. It has earned a great reputation internationally for many years, as it sets a high and consistent standard worldwide.

The CRISC Job Practice Area consists of five “domains”, 39 “tasks” and 71 “knowledge statements”. Because the different tasks refer to the relevant COBIT processes, COBIT is an integral part of the CRISC training and certification.

This training is organized by ACTAGIS in collaboration with the Swiss Chapter of ISACA (www.isaca.ch).

Privacy

Master data protection with our courses. The GDPR program equips you to lead implementation and compliance, delving into its requirements. Explore our ISO 27701 courses for Privacy Information Management. Whether as a Lead Implementer mastering PIMS implementation or a Lead Auditor excelling in PIMS audits, these courses empower global professionals in privacy information management. Elevate your skills, navigate data protection complexities, and become a leader in privacy management. Explore our transformative courses for comprehensive learning.

Data Protection

Obtain all the competences and knowledge necessary to lead all the processes for implementing and complying with the requirements of the General Data Protection Regulation (GDPR) in an organization.

Privacy information management

Privacy information management is definitely a very important issue that concerns all professionals around the world.
Lead Implementer: Master the implementation and management of Privacy Information Management System (PIMS)
Lead Auditor: Master the Audit of Privacy Information Management System (PIMS)

Risk Management

Master risk management with our courses. ISO 27005 focuses on information security risk management, while Operational Risk Management in Financial Institutions offers three certification levels. Learn effective risk assessment methods—OCTAVE, EBIOS, and MEHARI—to identify and assess risks in your organization. Elevate your skills with our comprehensive courses.

Risk Management

Organizations are required to assess the security risks associated with their information systems as a prelude to treating them in various ways.

Our information security risk management training courses will help you learn how to deal with the highest risks in your information security management system.

Operational Risk Management in Financial Institutions

What is an Operational Risk Management (ORM) in Financial Institutions Certification?

An ORM in Financial Institutions certification demonstrates that operational risk managers have acquired the necessary competencies to exercise their function effectively. There are three levels of certification: Foundation, Manager, and Lead Manager. The content of these training courses covers various published sources, field standards, general market practices, as well as findings from recent research. Each level of certification provides a comprehensive view of ORM standards and theory and elaborates the best practices of the field.

Risk Assessment Methods

What are Risk Assessment Methods?

Understanding how to effectively assess risk may be a challenge for many industries. The risk assessment methods OCTAVE, EBIOS, and MEHARI will provide you with sufficient knowledge on how to successfully identify and assess risk in your organization.

OCTAVE – Operationally Critical Threat, Asset, and Vulnerability Evaluation was developed by the Computer Emergency Response Team (CERT), and it was funded by the US Department of Defense. This risk assessment tool is used to help prepare organizations for security strategic assessments and planning for their information.

EBIOS – Expression des Besoins et Identification des Objectifs de Sécurité, was developed by the French Central Information Systems Security Division. The goal of this risk assessment tool is to assess and treat risks with an IS, which would result in assisting the management decision-making, and guide stakeholders to find a mutual set of discussions.

MEHARI – Méthode Harmonisée d’Analyse de Risques, was developed by CLUSIF, a non-profit Information Security organization. The goal of this risk assessment tool is mostly to provide guidelines for ISO/IEC 27005 implementation and analyze scenario-based risk landscapes for short-long term security management.

Security

Elevate your expertise with our comprehensive security courses. Begin with CISM, the globally recognized standard in IS management and governance. Dive into CISSP for information systems security and ISO 27001 for information security implementation. Explore ISO/IEC 27002, ISO/IEC 27033, ISO 31000, and Lead Cloud Security Manager for risk management strategies. Navigate NIS 2 Directive for EU-wide cybersecurity compliance. PECB Chief Information Security Officer covers a broad spectrum of information security principles. Conclude with SABSA, a 5-day course combining “Foundation” and “Architecture” modules for a deep dive into security architecture framework. Enrich your skills, navigate complexities, and excel with our transformative courses.

IS security and governance

CISM is the only globally recognized certification in the fields of IS management and governance. It has earned a great reputation internationally for many years, as it sets a high and consistent standard worldwide. 

The CISM Job Practice Area consists of five “domains”, 37 “tasks” and 60 “knowledge statements”. Because the different tasks refer to the relevant COBIT processes, COBIT is an integral part of the CISM training and certification.

This training is organized by ACTAGIS SA in collaboration with the Swiss Chapter of ISACA (www.isaca.ch).

Information Systems Security

This 5-day training is composed of theory modules covering the 8 CISSP domains which were updated in April 2015, interlaced with exam questions, offering the participant an optimal preparation for the certification exam.

Information Security

Information Security is definitely one of the most important issues that concern all professionals around the world.
Lead Implementer: Mastering the implementation and management of an Information Security Management System (ISMS)
Lead Auditor: Mastering the audit of an Information Security Management System (ISMS)

ISO/IEC 27002 Information Security Controls

ISO/IEC 27002 Lead Manager
ISO/IEC 27002 Manager

What Is ISO/IEC 27002?

ISO/IEC 27002 is an international standard that provides guidelines for selecting and implementing information security controls and for implementing information security standards and practices. It is applicable to organizations of all industries or sizes. ISO/IEC 27002 can be used to develop information security management guidelines tailored to the specific context of an organization.

Originally published in 2005 and then updated in 2013, ISO/IEC 27002 was again revised and published in 2022. This new version provides a list of information security controls generally practiced in the information security industry, along with guidelines for their implementation. ISO/IEC 27002 provides four categories of information security controls: organizational (clause 5), people (clause 6), physical (clause 7), and technological (clause 8).

ISO/IEC 27033 Lead Network Security

PECB Certified ISO/IEC 27033 Lead Network Security Manager

Network Security

Network security protects the network infrastructure and ensures confidentiality, integrity, and availability.

This training course is focused on developing the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining network security. It provides a comprehensive elaboration of the structure of the ISO/IEC 27033 series of standards, including network security overview and concepts, guidelines for the design and implementation of network security, and reference networking scenarios for securing the communication between networks using security gateways, VPNs, and wireless IP network access.

Risk Management

Risk Management plays a vital role in an organization’s performance. Companies increasingly focus on identifying risks and managing them before they affect their business.

Our risk management training courses will help you learn how to deal with the highest risks in your information security management system.

What is Cloud Security?

Cloud security is a set of strategies and practices used to secure cloud environments, applications, and data. Cloud security ensures the preservation of confidentiality, integrity, availability, and privacy of information hosted in a private, public, community, or hybrid cloud deployment model. It provides multiple levels of security controls in the cloud infrastructure that ensure data protection and business continuity.

As the use of cloud computing grows constantly, so does the need to ensure cloud security. Data breaches and other forms of attacks happen mainly as a result of poor security practices, complicated controls, and misconfigurations. This makes cloud security essential to the effective operation of cloud services.

Organizations adopting cloud technology must ensure that the level of security of their cloud systems meets their requirements and complies with the applicable laws and regulations.

NIS 2 Directive

NIS 2 Directive Lead Implementer

What Is the NIS 2 Directive?

Effective January 16, 2023, the NIS 2 Directive (otherwise known as the Directive (EU) 2022/2555) has been established to enhance the security of network and information systems across the European Union. This directive specifically targets critical infrastructure operators and essential service providers, mandating the implementation of robust cybersecurity measures and the prompt reporting of incidents to relevant authorities. 

The scope of the NIS 2 Directive is broader, encompassing a wider range of organizations and sectors, while simultaneously strengthening security requirements, simplifying reporting obligations, and imposing more stringent measures and penalties. By adhering to the requirements outlined in the NIS 2 Directive, organizations can enhance their cybersecurity defenses, safeguard critical assets, and actively contribute to building a secure digital environment within the European Union.

PECB Chief Information Security Officer

What is Information Security? 

Information security refers to the processes and controls intended to protect information, whether it is electronic or physical. It determines what information needs to be protected, why it should be protected, how to protect it, and what to protect it from.

Information security covers many areas, including network security, application security, physical security, incident response, and supply chain security. Organizations establish and implement policies, frameworks, processes, and controls to secure information and support business objectives.

Information security is based on three core principles: confidentiality, integrity, and availability. A comprehensive information security strategy that integrates these three principles enables information security and privacy, access control, risk management, and incident response, among others.

It does not only mitigate risks but also builds trust among stakeholders, fostering a strong basis for effective management of operations and growth.

Security Architecture Framework

This is a 5-day course (with a choice between the “Foundation” and “Architecture” modules), which combines the SABSA levels L1 and L2.

The training is a combination of directly applicable theory, hands-on exercises, feedback from experience and class interaction.

Exam pass rate

You will be well prepared for the exam. Counting all our students, almost 100% have been successful.

Up To Date

All our courses are up to date. They have been adapted to the latest changes of the different exams. We are in constant contact with each certification organisation.
