Wolcott Group: Optimizing IT from Vision to Value  
   
 

Information Security Training

 

 

Holistic Information Security Practitioner (HISP) Training and Certification Course

Provided in conjunction with the HISP Institute and eFortresses, the Holistic Information Security Practitioner (HISP) training and certification program is designed to show you how to more efficiently achieve multiple regulatory objectives for information security and privacy with a unified approach to IT best practice frameworks.

Endorsed by British Standards Institute (BSI) Americas, the world’s leading standards and certification organization, the HISP certification course is the only educational curriculum available today that teaches how to integrate ISO 27002/27001 with COBIT, COSO, ITIL, and multiple regulatory requirements pertaining to information security and privacy.

 

Benefits to You and Your Organization

    • Learn how to adopt international best practices pertaining to Information Security
    • Learn how to adopt COBIT as an IT governance framework
    • Learn how to effectively map multiple standards through a Compliance Matrix
    • Take the knowledge and skills imparted during this exercise and use them to improve confidentiality, integrity and availability of information systems
    • Gain competitive advantage
    • Improve customer and investor confidence
    • Show due diligence and due care
    • Receive 35 CPE credits that apply to the CPE requirements of ISACA's CISA and CISM certifications as well as (ISC)2's CISSP certification
    • Be one of the first certified Holistic Information Security Practitioners in the IT industry
 

Who should attend?

    • Staff tasked with the implementation and management of an ISO 17799:2000 or ISO 17799:2005 Information Security Management System (ISMS)
    • Staff tasked with ensuring compliance with HIPAA Security, SOX Security, GLBA, California SB1386, FACT Act, PCI Data Security, NIST 800-53 and other regulations
    • Staff tasked with the adoption of COBIT as an IT governance framework
    • Staff tasked with achieving regulatory compliance with multiple Information security requirements
    • Information Security Consultants or Third Party Auditors
    • Auditors (External and Internal)
    • Information Security Officers
    • IT Managers/Directors
    • Privacy/Compliance Officers

Course Materials


All attendees will receive a comprehensive set of materials including:

    • ISO 27002:2005 Compliance Student Guide
    • Information Systems Auditing Student Guide
    • Mappings of ISO/IEC 27002:2005 to multiple regulations
    • Mappings of COBIT to ITIL, COSO, and ISO 27002:2005
    • Materials on the domains of ISO 27002
    • Materials on the domains of COBIT
    • Case studies on ISO 27002, COBIT, and regulatory compliance
    • The HISP certification exam

 


Training Program Overview

This is a five-day training program that covers ISO 27002 compliance, the COBIT auditing framework, and the Compliantz® methodology for mapping regulatory requirements to ISO 27002. It also includes the HISP certification exam, at no extra cost, on the afternoon of day 5 of the course.

Days 1 - 3: ISO 17799 Compliance

Overview.  The objective of this course is to provide delegates with the necessary skills to implement a corporate Information Security Management System (ISMS) framework that is compliant with the requirements of ISO 17799, HIPAA Security, GLB Act, Sarbanes-Oxley Act (Security), FACT Act, PCI Data Security and California SB-1386 and meets the certification requirements of ISO 27001.

Course Content.  The course is designed for people who have a reasonable awareness of Information security management.

    • History of ISO 17799 / BS 7799 / ISO 27000 series
    • Comparison of ISO 17799:2000 and ISO 17799:2005
    • ISO 27001 certification requirements
    • Determination of scope
    • Identification of information assets
    • Determination of the value of information assets
    • Determination of risk
    • Determination of policy(ies) and the degree of assurance required from controls
    • Identification of control objective and controls
    • Definition of policies, standards and procedures to implement the controls
    • Production and implementation of policies, standards and procedures
    • Completion of ISMS documentation requirements
    • Establishment of Management Framework and Security Forum
    • Audit and review of ISMS
    • Case Studies

Days 3 - 4: COBIT Auditing Framework

Overview.  The objective of this course is to provide delegates with the necessary skills to audit information technology systems using COBIT as a benchmarking standard.

Course Content.  The course is designed for people who have a reasonable awareness of Information Technology Controls.

    • History of COBIT
    • Understanding COBIT Controls
    • Understanding COBIT mapping to ISO 17799
    • Understanding COBIT mapping to COSO
    • Understanding COBIT mapping to ISO 17799 and ITIL
    • COBIT case studies

Day 5: Compliantz™ Methodology and the HISP Certification Exam

Overview.  The objective of this course is to provide delegates with the knowledge of how ISO 17799 requirements map to HIPAA, GLB Act, Sarbanes-Oxley Act and other regulations. We will explain how to identify areas of noncompliance in a matter of a few days. Attendees will also be given the option to take the HISP Certification Exam, at no extra cost, on the afternoon of day 5.

Course Content.  The course is designed for people who have a reasonable awareness of Information security management.

    • History of Compliantz
    • Compliantz methodology – proprietary mapping component
    • Description of Compliantz modules
    • Using automation to quickly identify non-compliance areas
    • Case studies

Certification Exam

Attendees will be given the option to take the HISP Certification Exam, at no extra cost, on the afternoon of Day 5, consisting of:

    • 100 multiple-choice questions
    • Questions covering the entire HISP course curriculum

The attendees are given two hours to complete the exam and they are not permitted to reference their class materials.

After completing the exam successfully, attendees will receive an officially-endorsed “Holistic Information Security Practitioner” (HISP) certificate.


Frequently Asked Questions about the HISP Course

What are the prerequisites for the attendees?

Attendees should be fairly knowledgeable about information security management.

Is a laptop required for the course or exam?

There are no PC-related requirements for this course although wireless internet access and CDs with select HISP materials will be provided for your convenience.

What is the typical class size?
Our HISP classes normally have between three and 12 attendees.

What are the class times each day?
The Monday through Thursday sessions typically run from 8:30 a.m. to between 4:00 and 5:00 p.m. The Friday session also starts around 8:30 a.m., but it usually wraps up between 3:00 and 4:00 p.m., depending on how soon after lunch the 2-hour certification exam is started.

Is lunch provided?
Yes, lunch is included in the price of the course. We typically take your lunch order in the morning and have it delivered around noon each day. Please send us an email at training@wolcottgroup.com if you have any special dietary requirements.

Is internet access available so I can occasionally check my email?
Wireless internet access is available in our classroom, but we do ask that attendees keep their internet and email activity confined to the breaks.

When is the cut-off for registering for a HISP class?
Typically, we decide whether to hold or cancel a class about two weeks before the scheduled start date. If we have three or more registrations by then, we will hold the class and keep registration open for any last-minute registrations. If we do not have three registrations by two weeks out, we probably will cancel the class, post a cancellation notice on our web site, and notify anyone who has registered for the class.




Comments from Previous Attendees of Wolcott Group's HISP Training

The attendees of Wolcott Group's HISP courses have included personnel from the largest banks, insurance companies, and hospital networks in the U.S.

"The instructor was very informative and interesting."

"The material directly applies to my current position and responsibilities."

"I like the fact that the course showed the big picture of how an organization can comply with all regulations and use a holistic approach."

"I really like the approach and idea of holistic information security from an efficiency standpoint."

“The general organization was good and easy to follow. The cross-comparisons to other standards/frameworks are excellent.”

“An enjoyable and informative course that packs a lot into a short time-frame.”

"It provided an excellent foundation for understanding information security controls and a comparison of the various frameworks for corporate and IT governance."

"A very thorough and comprehensive training course. I will certainly recommend this to other professionals."


About the Instructor

Gary Sheehan, CISSP, HISP

Gary Sheehan is a Managing Consultant with Wolcott Group in Fairlawn, Ohio. Gary’s practice at Wolcott is focused on using the ISO 27001 Standards to help clients achieve effective holistic security and good IT governance. He is a subject matter expert in the area of information security governance, with 20 years of experience in security policy, awareness, process implementation, vulnerability management and security project management.

Throughout his career Gary has worked for a number of large companies in the banking, insurance, diversified industrial, manufacturing and chemical industries. He has successfully executed large, global security projects and implemented enterprise-wide security policies at a number of companies. Gary is currently the President of the Northern Ohio Members Alliance of InfraGard and founder of the Information Security Summit.

As a recognized security expert, Gary has presented topics at Computer Security Institute's annual conference, InfoSec World, OKIT and at many regional conferences and seminars. In 2003 Gary received the Northern Ohio Chapter of InfraGard’s Linda Franklin award for his dedication and outstanding service to the chapter. Under his direction, the Information Security Summit has raised and distributed over $90,000 to area organizations such as ISACA, InfraGard, ISSA, BEPA, Cuyahoga County Police Chiefs Association, Cleveland HoneyNet Project, NEO InfoSec Forum and ASIS.

Gary has a Bachelor's degree in Business Administration from Baldwin-Wallace College and is a 2006 graduate of the FBI Citizens Academy.

About Wolcott Group

Wolcott Group is one of the top U.S. firms for standards-based, information security training, consulting, and technology solutions. Wolcott Group is a member of the IT Governance Institute, an authorized training center for the Holistic Information Security Practitioner (HISP) certification, and an authorized BSi Management Systems’ Associate Consultant for training and consulting on ISO 27001/27002. Wolcott Group is an IBM Premier Business Partner, a Microsoft Gold Certified Partner, and also partners with other information security technology vendors to help its clients to improve their information security practices.


The Wolcott Group Location

Wolcott Group – Corporate Headquarters
3700 Embassy Parkway, Fairlawn, Ohio 44333
Phone: 1-866-WOLCOTT (1-866-965-2688) or 1-330-666-5900
Fax: 1-330-666-5600
Email: training@wolcottgroup.com
See our downloadable map for directions to our offices and lodging options.

Lodging Near Wolcott Group

Here are two hotels we recommend, a Residence Inn and a Radisson, that are both less than 2 miles from our offices.

Residence Inn Akron
120 Montrose West Avenue, Akron, Ohio 44321
(330) 666-4811

Web: http://cwp.marriott.com/cakmr/wolcottgroup
The Residence Inn offers a discounted rate of $99/night for Wolcott Group visitors. They have also set up a custom web site specifically for Wolcott Group visitors to learn more about the hotel and to register at http://cwp.marriott.com/cakmr/wolcottgroup.

Radisson Hotel Akron/Fairlawn
200 Montrose West Avenue, Akron, Ohio 44321
(330) 666-9300

Web: http://www.radissonfairlawn.com

Frequently Asked Questions From Out-of-Town Visitors

Which airport is closer to Wolcott - Cleveland-Hopkins (CLE) or Akron-Canton (CAK)?
Wolcott Group is about halfway between the two airports. The Cleveland-Hopkins airport (CLE) is about 30 miles away and the Akron-Canton airport (CAK) is about 25 miles away. The travel time between the airports and our offices can vary between 30 and 60 minutes depending upon the time of day and the current road construction projects. So select whichever airport best meets your specific travel requirements.

Is it better to use ground/public transportation or to rent a car?
We highly recommend renting a car. Shuttle bus rides to and from the airports will cost about $80 to $100 each way, and that covers only your ride to and from the airport. While you could walk the two miles each way between the hotels and our offices, there are no sidewalks most of the way and there is one very busy intersection to cross that has neither crosswalks nor a pedestrian crossing signal. And while there is a public metro bus that makes the rounds in this area, it is not convenient, as the morning route takes over 30 minutes to get you the needed 2 miles from the hotels to our offices. You should be able to rent a car for the week (Sunday to Friday) for about the same amount as, or possibly less than, the cost of the airport shuttle rides. Here is a link to a document with maps and driving directions between the airports, hotels, and our offices.

What are the local dining options?
From national fast-food chains to sophisticated fine dining and everything in between, there are between 40-50 restaurants within two miles of the hotels and our offices. For more information, we recommend perusing the listings on the Google restaurant map of the area.


Cost

The cost for this five-day course, including the HISP certification exam, is $2,995 per attendee.

If you have a group of personnel to be trained, quantity discounts are available for training at Wolcott Group's offices or for private training at your offices. Contact us at training@wolcottgroup.com for more information.

Register for a HISP Course Today!

Register for a HISP Course to be held at Wolcott Group's offices in Fairlawn, Ohio:

March 09-13, 2009
May 11-15, 2009
July 20-24, 2009
Sept. 21-25, 2009


If you have any questions regarding the training, the registration process, or any related topics, please send an email to training@wolcottgroup.com.

™ Compliantz is a trademark of eFortresses, Inc.

 


Private, On-Site Training

If you are interested in having a Wolcott Group instructor come to your organization to train a small group, contact us at training@wolcottgroup.com.


About HISP Training

Who?
Information security training for security, privacy, compliance, audit, and IT professionals.

What?
The Holistic Information Security Practitioner (HISP) Training & Certification Course.

When?
See the 2008 Schedule above.

Where?
The HISP courses and exams are held at Wolcott Group’s corporate offices in Fairlawn, Ohio (27 miles south of Cleveland and 9 miles northwest of Akron).

Why?
Learn a holistic, standards-based, best practices approach to information security.

How Much?
$2,995 per attendee.

 


Other Training

ISO 27001 Implementation Course

Jump Start Your Information Security Management System

Using IT Frameworks for Security Workshop

Computer Forensics for the Security Practitioner

   
 
 


Email: info@wolcottgroup.com

Fax: 330.666.5600

Address: 3700 Embassy Pkwy, Suite 430, Fairlawn, OH 44333

Phone: 1.866.WOLCOTT

 

© 2008 Wolcott Group