ISO Training and Certification

We provide a wide range of trainings

RAC is affiliated with a renowned certification body providing certification for persons, management systems, and products on a wide range of international standards. As a  of training, examination, audit, and certification services, RAC offers its expertise in the following fields 

ISO Training Courses

RAC has partnered with partnered with a renowned certifying body to bring you the best education and training experience.

We aim to help professionals and organizations show commitment and competence by providing them with valuable education, evaluation and certification against rigorous internationally recognized standards. Our mission is to provide our clients with comprehensive services that inspire trust, continual improvement, demonstrate recognition, and benefit the society as a whole.

INFORMATION SECURITY

ISO/IEC 27001 Information Security

ISO/IEC 27001 provides requirements for organizations seeking to establish, implement, maintain and continually improve an information security management system. This framework serves as a guideline towards continually reviewing the safety of your information, which will exemplify reliability and add value to services of your organization.

ISO/IEC 27032 Cyber Security

The term ISO/IEC 27032 refers to ‘Cybersecurity’ or ‘Cyberspace security,’ which is defined as the protection of privacy, integrity, and accessibility of data information in the Cyberspace. Therefore, Cyberspace is acknowledged as an interaction of persons, software and worldwide technological services.

ISO 27002 - Training Courses & Certification

ISO/IEC 27002 is an international standard that gives guidelines for the best Information Security management practices. These management practices will help your organizations to build confidence in their inter-organizational activities and implement a suitable set of controls, including policies, processes, organizational structures and software and hardware functions.

ISO/IEC 27005 Information Security Risk Management

ISO/IEC 27005 provides guidelines for the establishment of a systematic approach to Information Security risk management which is necessary to identify organizational needs regarding information security requirements and to create an effective information security management system. Moreover, this international standard supports ISO/IEC 27001 concepts and is designed to assist an efficient implementation of information security based on a risk management approach.

ISO 27035 Incident Management Training Courses & Certification

In today’s business world, information security incidents are considered to be uncertain risks which can seriously damage a business. Thus, organizations must take actions to promptly identify, evaluate and effectively manage the incidents. The ISO/IEC 27035 Information Security Incident Management is an international standard that provides best practices and guidelines for conducting a strategic incident management plan and preparing for an incident response. The ISO/IEC 27035 Information Security Incident Management delivers the prime principles of security to prevent and respond effectively to information security incidents. In addition, the ISO/IEC 27035 incorporates specific processes for managing information security incidents, events, and potential vulnerabilities.

Risk Assessment Methods

Understanding how to effectively assess risk may be a challenge for many industries. The risk assessment methods: OCTAVE, EBIOS, and MEHARI, will provide you with the sufficient knowledge on how to successfully identify and assess risk in your organization. OCTAVE – Operationally Critical Threat, Asset, and Vulnerability Evaluation were developed by the Computer Emergency Response Team (CERT), and it was funded by the US Department of Defense. This risk assessment tool is used to help prepare organizations for security strategic assessments and planning for their information. EBIOS - Expression des Besoins et Identification des Objectifs de Sécurité, was developed by the French Central Information Systems Security Division. The goal of this risk assessment tool is to assess and treat risks with an IS, which would result in assisting the management decision-making, and guide stakeholders to find a mutual set of discussions. MEHARI - Methode Harmonisee d’Analyse de Risques, was developed by CLUSIF, a non-profit Information Security organization. The goal of this risk assessment tool is to mostly to provide guidelines for ISO/IEC 27005 Implementation and analyze scenario-based risks landscapes for short-long term security management.

SCADA Security Manager

SCADA – Supervisory Control and Data Acquisition is an industrial system framework that includes both hardware and software architecture to control, monitor and analyze an industrial process. SCADA is an application software that enables managers, engineers, and industry operators, to supervise and communicate effectively with the working environment. As an application software, SCADA is designed to assist industry experts in maintaining and improving industrial processes. Hence, the objective of SCADA is to collect real-time data, and store, process and generate reports for the complex industrial processes.

Penetration Testing Professional

A penetration test is a practice of assessing the security of an IT infrastructure by securely trying to exploit vulnerabilities that may exist in operating systems, inappropriate configurations, application errors, or end-user behavior. The penetration testing is an attempt to test the efficiency of security measures and discover any potential exploits or backdoors that may be present in computer systems; which hackers and cyber criminals can gain unauthorized access or conduct malicious activities. In addition, penetration testing is an advanced tool to detect, analyze and set protective constraints to the IT infrastructure, in order to reduce remediation of financial losses against malicious activities.

ISO 27799 Information Security Management in the Healthcare Industry

ISO 27799 provides guidelines for organizational information security standards and Information Security Management practices which include but are not limited to the selection, implementation and management of controls by taking into consideration the organization’s Information Security risk environments. This standard provides guidelines to support the implementation of information security controls in healthcare organizations based on ISO/IEC 27002. By following the guidelines of this international standard, healthcare organizations will be able to maintain a level of security that is suitable to their conditions and will help to ensure the availability, integrity and confidentiality of their personal health information. Basically, ISO 27799 serves as a tool to protect personal health information.

Computer Forensics

Computer Forensics, also known as Cyber Forensics refers to the analysis of information in the computer systems, with the objective of finding any digital evidence that can be used for legal proceedings, but also to discover the cause of an incident. Computer forensics is the process of extracting data and information from computer systems to function as digital evidence for civic purposes, or in most cases to prove and legally impeach cybercrime. The purpose of computer forensics is to provide forensic practices, legal processes, and ethical principles to assure reliable and detailed digital evidence that can be used for the courtroom needs. The objective of computer forensics is to guarantee a well-structured investigation and a follow-up of processes in order to resolve incidents and malfunctions in an organization.

Cybersecurity Audit

The digital evolution has brought immense benefits in innovation and growth, but the great dependence that many business models have on the Internet Cybersecurity audit is the attempt to test the efficiency of security measures and disclose any potential vulnerability that an organization may be exposed to. Cybersecurity audit probes the effectiveness and safety of the systems and their security components. Audit plays a very important role in assessing the opportunities for making the organization more secure. Organizations have a number of cybersecurity policies, security restrictions, actions, trainings, practices, and technologies that are used to protect all the data contained in the systems. A cybersecurity audit in other words is an analysis to validate whether all the existing cybersecurity measures are being followed and implemented properly.

Secure Application Developer

Secure Application Development (SAD) is the process of writing secure code without errors and vulnerabilities that expose an application to cyber threats and attacks. Developing securely is a preventive measure that will help organizations avoid and/or mitigate attacks related to the applications that it develops. Since, software bugs and flaws in the rationale of a program are the constant cause for software vulnerabilities, secure application development is a very important part of an organization’s cybersecurity. Secure Application Development (SAD) was developed as a result of the awareness trainings for software developers on how to best secure coding. According to many software security professionals, the most exposures to threats are due to errors in programming, so educating the software developers is a very crucial step in every organization.

Communications Security

Communications Security as a discipline, addresses the prevention of unauthorized access to telecommunications traffic or any information that is either transferred or transmitted in by electrical means. Communications Security serves as a protective shield for electronic emissions associated with sensitive information: a process involving the usage of specialized technical, operational and physical security measures. Hence, effective and secure communication can deliberately lead to creating trust for both internal and external parties within the organizational reach.

Digitalization and Electronic Archiving

Any document management project, whether for a public or private archive, needs to incorporate digitalization as an essential instrument to achieve an effective and secure electronic file management system. Digitalization and Electronic Archiving as a discipline, addresses the issues and trends in document and records keeping in the digital age. This involves digital curation, web archiving, personal information management and managing records in digital repositories. Hence, it covers the essential elements to know to tackle a project of digitalization and archiving of digital data, in particular, security techniques, the risks and the legal and regulatory issues of such a project, without forgetting the contractual and insurance aspects.

Human Resources Security

The Human Resource Security discipline is designed to examine key controls applied before, during, and after the hiring of human resources. These controls include but are not limited to the definitions of roles and responsibilities, recruitment, contracting terms and conditions, awareness, education and training, disciplinary processes, termination of activities.

Cybersecurity - Training Courses & Certification

Cybersecurity or the Cyberspace Security refers to the protection of systems, programs, networks and devices from cyber-attacks in order to preserve the confidentiality, integrity and availability of data within the Cyberspace. These cyber-attacks try to access, destroy or modify sensitive data, leading to the disruption of operations, money loss, reputation damage or loss of customers’ trust. Cybersecurity highlights the role of information security, network and internet security, physical security and critical information infrastructure protection (CIIP) in the Cyberspace.

Ethical Hacking - Training Courses & Certification

Ethical Hacking refers to the act of penetrating computer systems, networks or applications with the intention to exploit vulnerabilities that may lead to potential threats and risks. The main aim of Ethical Hacking is the improvement of the overall security of organizations by fixing the gaps and vulnerabilities found during penetration tests. Ethical hackers are allowed to use the same hacking techniques as malicious hackers with the permission of the organization which is to be tested.

ISO 27701 Training Courses & Certification

ISO/IEC 27701 standard is published in August 2019, and it is the first international standard that deals with privacy information management. The standard will assist organizations to establish, maintain and continually improve a Privacy Information Management System (PIMS) by enhancing the existing ISMS, based on the requirements of the ISO/IEC 27001 and guidance of ISO/IEC 27002. It can be used by all types of organizations irrespective of their size, complexity or the country they operate.

CONTINUITY, RESILIENCE AND RECOVERY

ISO 22301 Business Continuity Management System

As an international standard for Business Continuity Management System, the ISO 22301 is designed to protect, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. With a Business Continuity Management System, your organization is prepared to detect and prevent threats.

ISO 28000 Supply Chain Security Management System

ISO 28000 is an international standard which addresses the requirements of a Security Management System (SMS) for the supply chain. It specifies the aspects to help the organization to assess security threats and to manage them as they arise in their supply chain. Security Management is related to other aspects of business management. With ISO 28000, organizations can determine if appropriate security measures are in place and can protect their properties from various threats.

Disaster Recovery Trainings

Disaster Recovery includes policies and procedures aimed at protecting an organization from human or naturally triggered disruptions on the IT infrastructure. It plays a significant role in the prevention of data losses, financial consequences, loss of trustworthiness and organizational reputation. A Disaster Recovery Plan includes the measures that an organization should take to swiftly recover its IT systems.

ISO 22320 Emergency Management

ISO 22320 is an international standard which defines the requirements for incident response, and allows public and private organizations to establish and enhance their abilities to respond to any type of emergencies regardless its magnitude ISO 22320 helps to mitigate threats and damages and ensures continuity of basic facilities such as water and food supplies, health, rescue services, fuel delivery, and electricity. Emergency Management ensures that all related parties are on the same page during a disaster in order to minimize the chances of misunderstandings and ensure a more effective use of the combined resources. It encourages developing and implementing incident response measures, to ensure a response which is suitable to the needs of the affected population.

ISO 22316 Organizational Resilience

ISO 22316 explains the nature and the scope of resilience, which helps you and your organization to enhance resilience in a world that is changing every day. Organizational Resilience is the organization’s ability to anticipate, respond and adapt to unexpected disruptions. As an international standard, it provides guidance to improve organizational resilience regardless the size and type of public or private organizations, and does not specify the industry or sector. ISO 22316 is developed to provide a better understanding of the organizational resilience, its principles and the mechanisms that support it.

ISO 22317 Business Impact Analysis

This international standard is a technical specification which provides detailed guidance on how to establish, implement, and maintain a Business Impact Analysis (BIA) process. It does not suggest a uniform process for performing a Business Impact Analysis but assists the organization to design a BIA process that meets their requirements. Organizations cannot certify their BIA to ISO 22317; however, they can use it as a guidance to effectively implement a BIA process. ISO 22317 is the first and the only standard which solely addresses the Business Impact Analysis. It is designed to complement ISO 22301; nonetheless, it can be used as a stand-alone standard. The aim of Business Impact Analysis processes is to analyze the actual impact of a disruptive event on the organization.

GOVERNANCE, RISK MANAGEMENT, AND COMPLIANCE

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is a regulation that will enforce a stronger data protection regime for organizations that operate in the European Union (EU) and handle EU citizens’ data. GDPR constitutes the protection of personal data of employees, customers and others. In case organizations fail to comply with this regulation, they will be subject to heavy fines and damaged reputation. Considering that personal data represents critical and sensitive information that all organizations should protect, such a regulation will help put in place appropriate procedures and controls to prevent Information Security breaches. By May 2018, all organizations that operate in the EU should comply with this regulation.

ISO 31000 Risk Management

ISO 31000 is an international standard for Risk Management that provides a set of principles, a Risk Management framework and process, which help organizations take a proactive approach to risks that they face. ISO 31000 helps organizations to develop, implement and continuously improve a framework that aims to integrate Risk Management strategies into the overall organizational processes including decision-making. The Risk Management process involves following five steps that identify circumstances, detect risk-associated hazards, assess and determine the risk, control evaluated risks and review the impact of the risks. This international standard is important if you are interested in providing yourself with comprehensive guidelines that will help your organization strengthen its indecision-making process and overall management. ISO 31000 is intended to simplify the task of governing complex situations that require crucial decisions to be made towards a structured approach of identifying and judging risks.

ISO 37001 Anti-Bribery

ISO 37001 standard provides requirements for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. This standard is designed for all types of organizations from any sector and for any type of bribery they may face. Apart from this, it can also be implemented as a standalone standard or be integrated with other management systems. This standard is designed to for all types of organizations, any type of sector and any type of bribery risk it faces, and apart from that it can be implemented as a standalone or can also be integrated into an overall management system.

ISO/IEC 29100 Privacy Implementer

ISO/IEC 29100 provides a high-level framework for protecting the Personally Identifiable Information (PII) that is within Information and Communication Technology systems (ICT). This privacy framework provided by ISO/IEC 29100 applies not only to organizations but also for persons using the ICT, which do require privacy controls in order to process the PII.

ISO 19600 Compliance Management

ISO 19600 provides guidelines for establishing, developing, implementing, managing and improving a compliance management system within an organization. This standard is applicable to all sizes, nature and complexity of company’s business activities. This will allow organizations to encounter all their regulatory requirements and manage their operational risks with one uniform compliance framework. Compliance Management is more than just a legal requirement; it is also a bound to meet the stakeholder’s needs and expectations regardless of industry. By being certified against ISO 19600, the organization will be capable to detect all existing compliance gaps and implement appropriate corrective actions by following ISO 19600 recommendations. This international standard is important if you are interested in providing yourself with comprehensive guidelines that will help your organization strengthen its indecision-making process and overall management. ISO 31000 is intended to simplify the task of governing complex situations that require crucial decisions to be made towards a structured approach of identifying and judging risks.

QUALITY MANAGEMENT

ISO 9001 Quality Management

As an international standard, ISO 9001 specifies the requirements for organizations that want to ensure continual improvement and meet customers’ needs. ISO 9001 was specifically designed to serve as a guiding framework for organizations of all sizes and industries as it provides a firm customer focus, namely delivering qualitative goods and services, which subsequently leads to customer satisfaction. The implementation of a Quality Management System is a strategic decision for organizations that aspire to improve their overall performance and provide a strong basis for sustainable development initiatives. The standard assists organizations and/or professionals to plan processes, interactions and have a risk-based thinking.

ISO 20700 – Guidelines for Management Consultancy Services

ISO 20700, Guidelines for Management Consultancy Services, aims to help management consultancy service providers (MCSPs) and their clients improve transparency and understanding of their consultancy assignments, in order to achieve better results. The appropriate application of this International Standard enables the service providers to reduce risk in management consultancy assignments, bring valuable expertise to an organization when initiating organizational growth and/or change and provide better value to its clients. ISO 20700 is applicable to all MCSPs regardless of size or the operation field, including associations, governmental and non-governmental organizations, partnerships etc. While focusing on the importance of understanding and meeting client’s needs, the standard gives an opportunity to MCSPs to protect innovation and differentiation.

ISO 13485 Medical Devices Quality Management System

As an international standard, ISO 13485 determines the requirements for the medical devices industry. This standard was established to be used by companies during the life cycle of medical devices, from the production to post-production, including decommission and disposal. However, ISO 13485 can also be operated by other parties such as certification bodies which can assist in the certification processes. ISO 13485 serves as a tool for organizations to develop and retain their processes efficiently. Organizations that are striving for continuous improvement will benefit from this standard by being able to provide safe and competent medical devices and achieve the trust of customers.

IATF 16949

The International Automotive Task Force (IATF) published the IATF 16949 as the Quality Management Standard for the automotive industry. IATF 16949 is considered as an innovative standard, which is customer- focused and integrates the automotive customer specific requirements. IATF 16949 is not a separate quality management standard, but it is rather applied as a supplement to and combined with ISO 9001. This international standard aligns with other key management system standards and outlines the Quality Management requirements for organizations which work in the production and/or service of automotive parts and/or related accessory parts.

ISO/IEC 17025 Laboratory Management System

The term IEC stands for International Electrotechnical Commission which in cooperation with ISO creates the specific system for global standardization. ISO/IEC 17025 is an international standard for testing and calibration laboratories. It was established with the aim of offering quality and improving the processes within laboratories. ISO/IEC 17025 has two key clauses; Management Requirements which are associated with the performance and efficiency of the Quality Management System inside the laboratory, and Technical Requirements which focus on the competencies of employees, testing methodology, equipment, and the test and calibration results. ISO 20700 is applicable to all MCSPs regardless of size or the operation field, including associations, governmental and non-governmental organizations, partnerships etc. While focusing on the importance of understanding and meeting client’s needs, the standard gives an opportunity to MCSPs to protect innovation and differentiation.

ISO/TS 29001 Oil and Gas - Quality Management

ISO/TS 29001, as an international standard, is the result of the collaboration between ISO and the international oil and gas industry, which is primarily focused on the oil and gas supply chain. It specifies the Quality Management Systems requirements for the layout, establishment, production, and implementation of products and services for the petroleum, petrochemical and natural gas industries.

Six Sigma

Six Sigma is a management strategy which uses data and statistical measurement tools to optimize business processes. Being used initially by big companies such as Motorola and General Electrics (GE), Six Sigma applies instruments and techniques with the aim of eliminating defects and decreasing the process variation.

ISO 13053 Six Sigma Methodology

ISO 13053 is an international standard that describes the Six Sigma methodology. This methodology is used for improving business processes in an organization. Many companies have process variations which often result in defects and errors such as waste abundance. The purpose of Six Sigma is to identify and significantly diminish variations by using statistical approaches to decrease error rates and increase quality performances. In addition, the Six Sigma methodology can be used to improve existing processes through DMAIC (Define, Measure, Analyze, Improve and Control) or DMADV (Define, Measure, Analyze, Design and Verify) which is used for the development of a new service, product or process.

ISO 21500 Project Management

ISO 21500 provides guidance on concepts and processes of project management that are important for, and have impact on the performance of projects. This guide comprehends a straightforward introduction and also explains the practical application on how to deliver projects successfully and ensure a sustainable future. ISO 21500 is a professional methodology which combines project management best practices and conveys them collectively. Also, it can be used by any type of organization, including public, private or community organizations, and for any type of project, regardless of its complexity, size or duration.

ISO 39001 Road Traffic Safety Management

As an international standard, ISO 39001 specifies the requirements for Road Traffic Safety Management Systems. Additionally, it serves as a tool for organizations to reduce and eventually eliminate accidents, deaths and severe injuries associated with road traffic crashes. Road Traffic Safety (RTS) is considered as a global issue, as the number of accidents that occur worldwide is constantly rising. Therefore, firms and/or individuals, who are committed to improving road safety and offer quality, will benefit from the implementation of ISO 39001. This standard identifies improved elements of road traffic safety, which enable organizations to reach their desired outcomes.

ISO 21001 Educational Organizations Management

ISO 21001 is an international standard developed by the International Organization for Standardization which provides management tools for organizations that offer educational products and services. It intends to help educational providers meet students requirements and needs. ISO 21001 is based on ISO 9001 - Quality Management Systems, but it provides a specific framework for educational organizations that aim to enhance the satisfaction of their learners by improving the educational processes and ensuring conformity to learners’ requirements. The standard can be applicable to all organizations that provide a curriculum for the development of knowledge, skills and attitudes by means of different lecturing methods.

ISO 30301 Management System for Records

Organizational success depends mainly on implementing and maintaining a management system, which is specifically established to improve operations while meeting the needs of stakeholders. Management systems offer the best practices to manage resources and take executive decisions that intend to help organizations achieve their goals and objectives. ISO 30301 was developed to help organizations implement, operate and improve an efficient Management System for Records (MSR). The latter enables organizations to achieve business efficiency, accountability, continuity, and risk management. It also enables the preservation of collected data in response to the challenges of today’s digital environment.

AS9100 Aerospace Quality Management System

AS9100 is an international standard which specifies the requirements for Aviation, Space and Defense Organizations. The standard includes all the ISO 9001 requirements and adds requirements determined to be pertinent to the Aviation, Space and Defense industry. AS9100 was established with the primary aim of providing safe and reliable products for the aerospace industry. The standard is built upon requirements that are set to provide a harmonious global standard that meets the needs and requirements of all aerospace companies worldwide.

ISO 22222 Personal Financial Planning

ISO 22222 is an international standard which aims at increasing client confidence by providing an internationally agreed benchmark for high quality personal financial planning services. The standard outlines the requirements by providing a framework which applies to the ethical behavior, competences, and experience of personal financial planners, regardless of their employment status.

Root Cause Analysis

Root Cause Analysis is a well-known method to find the primary causes of a problem by sourcing a wide range of tools and techniques. By looking at the reasons of why a problem occurs, you can correct or eliminate the incidence of the underlying problem. A Root Cause Analysis tends to uncover issues such as faulty design and materials, failure of machines, human error, incorrect work instructions or procedures, among many other structural issues.. Thus, its importance is paramount when attempting to evaluate the system and reduce or eliminate errors.

TL 9000 QMS for Supply Chain and Telecommunications

TL 9000 is a quality management system designed to provide a quality benchmark for organizations that operate in the Information and Communications Technologies (ICT) industry. The standard aims to achieve excellence by outlining the system requirements related to the design, development, production, delivery, initiation and maintenance of ICT products: hardware, software and services. Moreover, this system monitors performance as a means of continuous improvement.

Quality Assurance and Control Plan

The Quality Assurance and Control Plan serves as the fundamental basis for ensuring that an organization is delivering the right results and meeting customers’ expectations. This plan is performed through an ongoing evaluation and monitoring of processes. The quality assurance and control plan provides guidance on the required principles, appropriate methods and best practices which organizations should follow in order to excel in their field.

ISO 10377 Consumer Product Safety

ISO 10377 is a globally accepted international standard that provides guidance on managing consumer product safety. The standard helps suppliers identify and reduce potential risks before launching their products into the market. Moreover, ISO 10377 helps suppliers increase consumer confidence, facilitate access to international markets, comply with legal requirements and offer a systematic approach to product safety.

Customer Satisfaction Trainings

Customer satisfaction is the degree of happiness and satisfaction that your customers obtain from the products and services that you deliver. In order to understand their customers, companies need to constantly examine the interactions of customers with the products and services that they provide for the purpose of identifying the sources of customer dissatisfaction. Organizations that operate in different fields, therefore, need to identify their customer expectations, gather and analyze customer data, pinpoint areas that need improvement, and regularly monitor customer satisfaction rates.

IT GOVERNANCE & SERVICE MANAGEMENT

ISO/IEC 20000

The ISO/IEC 20000 is recognized as the first international standard for service management, which states the requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain, and improve an SMS.

Outsourcing Trainings

In today’s world outsourcing has a significant role and value in organizations since it helps them to increase their efficiency, to mitigate risk and reduce their costs. Outsourcing refers to the acquisition of an organization’s products or services from external third-parties. ISO 37500 includes the main processes and phases of outsourcing, despite the size and sectors of the operating industry. The main aim is to provide an establishment to enable organizations to successfully outsource arrangements within the contractual phase.ISO 20700 is applicable to all MCSPs regardless of size or the operation field, including associations, governmental and non-governmental organizations, partnerships etc. While focusing on the importance of understanding and meeting client’s needs, the standard gives an opportunity to MCSPs to protect innovation and differentiation.

ISO/IEC 38500 IT Governance

ISO/IEC 38500 provides principles, definitions, and a model to help the governing bodies understand the importance of Information Technology (IT).This standard is intended to help all types of organizations in evaluating, directing and monitoring the use of Information Technology (IT), regardless of the degree of IT usage. It consists of management practices and decisions associated with the current and future use of IT. The purpose of this standard is to promote an effective, efficient and acceptable use of IT in all organizations by informing and guiding governing bodies in governing the IT use and establishing an IT governance vocabulary.

ISO 55001 Asset Management

ISO 55001 is an asset management system standard, the main objective of which is to help organizations manage the lifecycle of assets more effectively. By implementing ISO 55001 organizations will have better control over daily activities, achieve higher return with their assets, and reduce the total cost of risk. This standard can be applied to all organizational structures of companies, and to all types of assets. The concrete outcomes consist of a growth in effectiveness accompanied by a dramatic drop in unit cost. This framework also supports continual improvement of performance and offers improvements for an organization of any industry, type or size.

Business and Supplier Relationship Management

Business Relationship Management describes the approach used to ensure that the appropriate mechanisms are determined to manage the relationship between the service provider and the customer. It illustrates the steps that enable you to constantly remain aware of business needs and major changes in order to respond properly to these requirements. Suppliers are involved in every business activity and they contribute in ensuring that a company maintains a constant flow of goods and services. The goal of Business and Supplier Relationship Management is to streamline and improve the efficiency of processes taking place between the organization and its suppliers. Furthermore, the aim of Business and Supplier Relationship Management is to ensure delivery of consistent and seamless quality services. Supplier Relationship Management entails building a greater collaboration with the suppliers and enables you to identify new values and reduce the risk of failure.ISO 20700 is applicable to all MCSPs regardless of size or the operation field, including associations, governmental and non-governmental organizations, partnerships etc. While focusing on the importance of understanding and meeting client’s needs, the standard gives an opportunity to MCSPs to protect innovation and differentiation.

Certified Financial Manager for IT Services

As the magnitude and sophistication of the available technology has increased, so have the challenges of financially managing it. The objective of this training is to provide candidates with a way of acquiring practical skills that gives them an edge over other candidates. Certified Financial Managers for IT Services will have valuable financial information at their fingertips which will be employed to help organizations lower the cost of their IT Services, while simultaneously taking into account the quality and risk factors. Based on ITIL Service Strategy, the Financial Manager for IT Services gains understanding of financial and accounting principles, but additionally is equipped with superior decision making capabilities that are highly valuable for delivering cost-effective IT services. Financial Manager for IT Services is responsible for managing three basic processes: accounting, budgeting, and charging.

HEALTH, SAFETY, SUSTAINABILITY

ISO 20121 Event Sustainability Management System

ISO 20121 is an international standard, which specifies the practices that organizations in the events industry need to have in place in order to improve the sustainability of their services, products and/or general activities. The standard guides organizations of all sizes in the management of social, economic and environmental impacts. While addressing these aspects, the standard also addresses every stage of the events’ supply chain. Considering that the standard is flexible itself, it responds to the unique culture and nature of multiple organizations organizing the event.

ISO 14001

ISO 14001 is a widely recognized international standard which specifies the requirements for organizations that want to enhance their environmental performance and increase their operational efficiency. The framework that is based on ISO 14001 will help organizations manage their short-term and long-term processes through the use of efficient resources, which will have a positive impact on the environment.

ISO 22000 Food Safety Management System

ISO 22000 is a globally accepted international standard, which specifies the requirements for food safety management systems. Established in 2005, ISO 22000 is applicable to all organizations involved in the food chain, whose main objective is to ensure food safety. The standard outlines a framework which harmonizes all parts of the food supply chain, from producer to consumer, and helps you reduce food hazards, control the risks and prevent contamination.

ISO 26000 Social Responsibility

ISO 26000 is an international standard, which was developed to provide guidance on how to behave in a socially responsible way. This standard is applicable to all organizations, whose aim is to contribute to the health and wellbeing of society, regardless of their size or industry. ISO 26000 is a guidance standard that helps organizations to enhance their operational processes and ensure healthy ecosystem.

ISO 45001

ISO 45001 is a newly developed international standard, which outlines the requirements for occupational health and safety. The standard is applicable to organizations of all sizes, whose aim is to manage the prevention of workplace injuries, ill-health, and deaths. In addition, ISO 45001 aims to establish a safe working environment and continual improvement of occupational health and safety performance. ISO 45001 will replace OHSAS 18001 and will become the next “to go” standard for occupational health and safety.

OHSAS 18001 Occupational Health and Safety Management System

OHSAS 18001 is an international standard on occupational health and safety which was designed to help organizations identify, control and minimize their health and safety risks.

ISO 18788 Security Operations Management System

ISO 18788 specifies the requirements and provides guidance for organizations that conduct or contract security operations. Moreover, it provides a framework for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a Security Operations Management System. It enables the constant development of security services, while ensuring customer safety and respect for human rights. This standard demonstrates compliance with laws and regulations, respect for human rights, and the establishment of professional security operations to better meet the customer’s and stakeholder’s needs.

ISO 50001 Energy Management System

As an international standard, ISO 50001 specifies the requirements for organizations to develop, implement, and improve Energy Management Systems. This allows organizations to follow a specific framework that helps them achieve continual improvement in energy performance, efficiency, usage, and consumption. This framework specifies the measurements, documents, and reports, which enable organizations to monitor the progress of their processes and employees towards energy performance. ISO 50001 requires organizations to establish new policies for an efficient use of energy, to set aims and objectives to meet those policies and review their impacts; genuinely attempting to achieve continuous improvements of energy management

Accident Investigation

Accident Investigation is the process of identifying, analyzing and controlling the root cause of accidents which lead to work injuries, damages; property losses or even human loses. Accident Investigation is critical in the future prevention of harmful incidents, because once the causes are examined and determined, you can establish precautionary measures to resolve hazards before they occur.

Environmental Emergency Preparedness and Response

Given that environmental emergency situations not only cause causalities and agricultural destruction, but also cause outbreaks of multiple diseases, one needs to build a more integrated response system and combine multiple response approaches to cope with the intensifying environmental emergencies. Environmental Emergency Preparedness and Response provides a framework that will enable you to effectively respond to emergency situations that may have adverse environmental impacts. The application of this practical framework facilitates a quick and sustainable recovery in case of both natural and man-made disasters. The development of response procedures ensures that employees have access to the necessary resources and are aware of techniques/methods to be used when responding to complex emergencies.

ISO 14015 - Environmental Assessment of Sites and Organizations

ISO 14015 provides a systematic process on how to conduct an Environmental Assessment of Sites and Organizations. Purchasing and selling business units gives rise to many questions regarding compliance with environmental regulations. This standard, therefore, presents guidelines on properly determining the risk of acquiring property that holds a strategic benefit for the company, while avoiding any adverse cost and legal liability. The guidelines can be used by organizations of all sizes, operating anywhere in the world. The Environmental Assessment of Sites and Organizations will enable the evaluation of environmental issues associated with an organization’s sites and other activities. This standard can be used for self-assessments, as well as for external assessments, with or without the need to employ third parties. In addition, this assessment can be conducted during operations or at the time of asset acquisition.

Pandemic Planning

Pandemic Planning is a documented approach that enables you to prepare for a prevalent and dangerous outbreak of an infectious life-threatening disease that may influence an organization’s ability to perform crucial functions. A pandemic plan should present how an organization will continue to deliver essential services during an event with substantial employee absenteeism. This training course describes also the measures that the organization will implement and apply when coping with pandemics. This intervention explains how the organization will reduce the contact between people to help prevent the outbreak of an infection.

ISO 14063 Environmental Communication

Environmental communication has become increasingly important due to increased environmental concerns and awareness among organizations seeking to attain and deliver information regarding their environmental practices and response to environmental issues. ISO 14063 provides guidance to an organization on the general principles, policy, strategy and activities related to both internal and external interested parties to establish a mutual understanding on environmental issues, aspects and performance. This standard is applicable to all types of organizations, regardless of their sector, structure, activities, products and services. Apart from that, the standard can be used as a standalone standard or in conjunction with any of the standards of the ISO 14000 series.

ISO 14062 Sustainable Product and Design

ISO 14062 provides the concepts and practices associated with the integration of environmental aspects into product design and development. This standard is relevant when developing sector-specific documents. All products and services might have an impact on the environment, which can be minimal or significant and can occur at different levels such as local, regional, and global or a combination of them. Considering the increased importance of environmental issues in the eyes of customers, users, and the society, in general, it is of substantial importance to integrate environmental aspects into product design and development. Organizations should develop clear strategies and structures with adequate goals and objectives during the product design and development in order to support eco-design strategies. The Environmental Assessment of Sites and Organizations will enable the evaluation of environmental issues associated with an organization’s sites and other activities. This standard can be used for self-assessments, as well as for external assessments, with or without the need to employ third parties. In addition, this assessment can be conducted during operations or at the time of asset acquisition.

ISO 14051 Material Flow Cost Accounting

SO 14051 provides a general framework for material flow cost accounting. By definition, Material Flow Cost Accounting (MFCA) is an Environmental Management Accounting tool designed to reduce environmental impacts, while generating financial benefits. The MFCA analysis shows a material loss in production processes by using the instrument of mass balances. MFCA applies to all businesses and organizations that use materials and energy, regardless of their size, structure, products, services, or location.

Environmental Risk Assessment

Environmental Risk Assessment is the process of identifying and assessing the threats affecting the environment and/or human health. The sources of environmental threats are very diverse. Some are natural such as earthquakes, while others may come as a result of human activity, such as industrialization and urbanization, release of air pollutants and toxic chemicals. Environmental Risk Assessment can be performed in a number of areas, including the genetically modified organisms, pesticides, and plant pests. The purpose of Environmental Risk Assessment is to evaluate the significance and likelihood of environmental harm which might derive from a specific activity, such as the application of pesticides. The assessment begins with the formulation of a problem which defines the scope of environmental risk assessment by specifying what needs to be protected from harm, and by identifying potential harmful effects. This assessment can be used for a variety of environmental issues within different time scales. This standard is applicable to all types of organizations, regardless of their sector, structure, activities, products and services. Apart from that, the standard can be used as a standalone standard or in conjunction with any of the standards of the ISO 14000 series.

ISO 14031 Environmental Performance Evaluation

Environmental Performance Evaluation is used to evaluate, measure, report and communicate the environmental performance of an organization based on the management’s criteria. The Environmental Performance Evaluation (EPE) provides a strong and continuous process by using indicators to compare present and past performance with the criteria established by the organization. These criteria enable organizations to seek continual improvement in the environmental performance and enhance effectiveness and profitability. This standard is designed for all organizations, regardless of type, size, location and complexity. Environmental Performance Evaluation (or EPE), along with environmental audits and compliance, helps an organization’s management to assess the status of its environmental performance and to identify areas of potential improvement that are aligned with other industry best practices. As an ongoing process of collection and assessment of environmental data, it also enables organizations to observe its performance trends over time, which can play an important role in strategic goal setting. Considering the increased importance of environmental issues in the eyes of customers, users, and the society, in general, it is of substantial importance to integrate environmental aspects into product design and development. Organizations should develop clear strategies and structures with adequate goals and objectives during the product design and development in order to support eco-design strategies. The Environmental Assessment of Sites and Organizations will enable the evaluation of environmental issues associated with an organization’s sites and other activities. This standard can be used for self-assessments, as well as for external assessments, with or without the need to employ third parties. In addition, this assessment can be conducted during operations or at the time of asset acquisition.

Hazard Identification and OH&S Risk Assessment

Hazard identification is the process of inspecting each task and work area for the purpose of identifying work-related hazards. Whereas, risk assessment is the process of assessing risks associated with the identified hazards as to be able to understand the nature of the risk. The Hazard Identification and Risk Assessment training will help you fully understand all work related threats by becoming knowledgeable on measures and techniques necessary to identify, prevent, prepare, mitigate, respond to and recover from myriad hazards. Hazard identification and risk assessment help in obtaining more accurate estimates of hazards and risks as to ensure that risks to employees, the public, or the environment are constantly controlled and kept within the organization’s risk tolerance level.

ISO 14044 Environmental Life-cycle Assessment

ISO 14044 provides guidelines for life-cycle assessment. Our course explores the definition, objectives and scope of the Life-cycle Assessment. The following phases are life-cycle inventory analysis, life-cycle impact assessment, life-cycle interpretation, reporting and critical review of the LCA, limitations of the LCA, relationship between the different phases of the LCA, and conditions for use of value choices and optional elements. In simple terms, it is a tool used to assess the potential environmental impacts of a product, material, process, or activity. It also presents a systematic set of procedures for collecting and observing the inputs and outputs of materials and energy as well as the associated environmental impacts directly attributable to the functioning of a product or service system throughout its life cycle. The purpose of Environmental Risk Assessment is to evaluate the significance and likelihood of environmental harm which might derive from a specific activity, such as the application of pesticides. The assessment begins with the formulation of a problem which defines the scope of environmental risk assessment by specifying what needs to be protected from harm, and by identifying potential harmful effects. This assessment can be used for a variety of environmental issues within different time scales. This standard is applicable to all types of organizations, regardless of their sector, structure, activities, products and services. Apart from that, the standard can be used as a standalone standard or in conjunction with any of the standards of the ISO 14000 series.

ISO 37101 Management Systems for Sustainable Development in Communities

ISO 37101 is an international standard which specifies the requirements of and provides guidance on the establishment of a management system for sustainable development in communities. The standard aims to help communities establish a framework that allows them to improve their standing in their social, economic and environmental aspects. The requirements of the standard can be applied to communities of all sizes in their sustainable development efforts towards smart, more resilient and more efficient infrastructure and ultimately help improve their overall well-being. The standard addresses specific sustainability issues such as governance, education, innovation, health care, interdependence, safety, inclusivity, etc., and has the flexibility of adding other sustainability issues which may prove relevant to the community implementing it. Environmental Performance Evaluation (or EPE), along with environmental audits and compliance, helps an organization’s management to assess the status of its environmental performance and to identify areas of potential improvement that are aligned with other industry best practices. As an ongoing process of collection and assessment of environmental data, it also enables organizations to observe its performance trends over time, which can play an important role in strategic goal setting. Considering the increased importance of environmental issues in the eyes of customers, users, and the society, in general, it is of substantial importance to integrate environmental aspects into product design and development. Organizations should develop clear strategies and structures with adequate goals and objectives during the product design and development in order to support eco-design strategies. The Environmental Assessment of Sites and Organizations will enable the evaluation of environmental issues associated with an organization’s sites and other activities. This standard can be used for self-assessments, as well as for external assessments, with or without the need to employ third parties. In addition, this assessment can be conducted during operations or at the time of asset acquisition.

Train With Us!

You can call and have a meeting scheduled with our experts.