Cybersecurity Risk Management Workshop

Did you know that Small & Medium-sized Businesses (SMB) are targets in 75% of cyber attacks? Is your cybersecurity approach based on a set of defensive tools and procedures you have cobbled together over time? Is this approach adequate for dealing with today’s cyber risks? How do you know? Are you finding you are being more reactive than proactive? How can you do something about it?

This 3-hour workshop will address the basic steps to prepare your organization for implementing cybersecurity risk management. It will present a proactive methodology for defining and assessing your cybersecurity risks and then describe a mechanism for developing a plan to deal with them. We will look at the Federal (NIST) Cybersecurity Framework, developed with industry, as it defines a process and procedures for developing a cybersecurity system for an organization.

You will learn how to: 1) describe your current cybersecurity posture; 2) determine your target state for cybersecurity; 3) identify and prioritize opportunities for improvement using a risk management approach; 4) assess progress toward the target state and organizational capability; and 5) improve communications among internal and external stakeholders.

  • Analyze your current cybersecurity approach. What are your objectives and critical assets? The five Core cybersecurity functions – Identify, Protect, Detect, Respond, Recover. Identifying the key cybersecurity process activities required to manage your cybersecurity risks. How to perform a cyber risk assessment and select your key risks and controls.
  • Assess your cyber risk management capabilities. How rigorous and sophisticated your capabilities need to be for your cybersecurity risk management activities.
  • Define your cybersecurity risk Profile. What activities are needed to reach your cybersecurity goal(s)? Manage cybersecurity risk in each of the Core cybersecurity Functions and Categories. What Functional Subcategories have you implemented already, and which others need to be implemented? By documenting your current state and the desired target state of specific cybersecurity activities, you reveal the gaps that need to be addressed to meet your cybersecurity risk management objectives and enable assessment of progress against meeting those goals.

Date: Wednesday, June 3, 2015
Location: Room 160, Phoenix Convention Center – South Building Hall G.
Visit us in AmCon at Booth 419 (http://www.amconshows.com/phoenix-az/)
Registration fee: $199 (includes FAQ handout on NIST Cybersecurity Framework)
Register online: www.regonline.com/cermphoenix2015

Speaker: Ed Perkins CIA CERM is the developer of the Certified Enterprise Risk Manager® – Cyber Security™ certificate and is an expert on the NIST Risk Management Framework. Ed consults in enterprise risk management, performance and risk auditing, IT Governance, process automation, and project management, and holds a Certified Internal Auditor (CIA) designation. He has over 30 years of industry experience in computer operations, operating systems, embedded systems, software development, chip architecture development, design automation, program and project management, design services management, technical writing, and internal auditing. He has managed high visibility / high risk IT programs, and led cross-functional teams and industry work groups. He can be contacted at: edp@CERMAcademy.com.

Risk-based Auditing for ISO 9001-2015 Workshop

The forthcoming ISO 9001-2015 revision redefines quality as a risk-based endeavor. This will impact how you define, operate and certify your quality system.

By attending this 3-hour workshop, which will cover the implications of ISO 9001-2015 for companies, you will:

  • Understand the risk language of ISO 9001-2015 and ISO 31000
  • Know how to plan a Value Added Audit™ (VAA)
  • Know how to conduct the required level of fieldwork to assure your business objectives
  • Know how to write a value added audit report that meets your management’s requirements and the ISO 9001-2015 requirements

The VAA manual is a step-by-step guide for planning, conducting and reporting risk-based process audits. Each person who registers for the workshop will receive the 400 page Value Added Auditing manual for risk-based auditing, an $89 value.

Date: Tuesday, June 2, 2015
Location: Room 160, Phoenix Convention Center – South Building Hall G.
Visit us at AmCon in Booth 419
Registration fee: $199 (includes VAA book)
Register online: www.regonline.com/cermphoenix2015

Speaker: Greg Hutchins PE CERM is the principal engineer with Quality + Engineering (Q+E) – Critical Infrastructure Protection: Forensics, Assurance, Analytics® firm. Q+E provides cyber governance, risk, and compliance services to companies. Q+E is also the developer of the Certified Enterprise Risk Manager® certificate, and Greg is the author of quality, risk, and supply management books, including Value Added Auditing®. His latest book, ISO: Risk Based Thinking – 2015, has just been released. Greg can be contacted at gregh@cermacademy.com.

 

CERM® Academy AmCon Phoenix Workshops

ISO is on track to release ISO 9001-2015 this Fall, which calls for companies to modify their Quality Management Systems for ‘risk based thinking’. Do you understand what this is and what it may mean?

Did you know that Small & Medium-sized Businesses (SMB) are targets in 75% of cyber attacks? Is your cybersecurity approach based on a set of defensive tools and procedures you have cobbled together over time? Is this approach adequate for dealing with today’s cyber risks? How do you know? Are you finding you are being more reactive than proactive? How can you do something about it?

To learn how to answer these questions, come to the AmCon Design & Contract Manufacturing Show in Phoenix June 2-3, and attend the CERM Academy Seminars and Workshops:

Meet face-to-face with some of the finest job shops and contract manufacturers from throughout the U.S. and Canada. See the latest in manufacturing’s cutting-edge technologies. From prototype to production parts – find sources for all your custom manufacturing needs.

AmCon Phoenix Design & Contract Manufacturing Show, June 2-3, 2015
Phoenix, AZ Convention Center – South Building Hall G
Details & Registration: http://www.amconshows.com/phoenix-az/

Show Hours:
Tuesday, June 2, 9:30 a.m. – 3:30 p.m.
Wednesday, June 3, 9:30 a.m. – 3:00 p.m.

Free Admission, Free Attendee Parking, Free Seminars
Attend Free Seminars given by industry professionals.


AMCON PHOENIX RISK WORKSHOPS JUNE 2-3

CERMAcademy will be participating in the June 2-3 AmCon Design & Contract Manufacturing Expo show in Phoenix. Visit us in Booth 419.

2:00 – 3:00 PM

Room 160

Preparing for New ISO Risk Based Thinking

Greg Hutchins/Bill Walker/Ed Perkins

www.CERMAcademy.com

ISO is on track to release ISO 9001-2015 this Fall, which calls for modifying your Quality Management System for ‘risk based thinking’. Do you understand what this is and what it may mean? Is your organization prepared for Quality Management System registration and audit costs higher than what you paid in the past? Why are the costs increasing? Besides yourself, do your CEO, CFO, COO and President fully understand the changes coming to AS9100 (AEROSPACE & DEFENSE), ISO 9001 (INTERNATIONAL STANDARD), ISO 31000 (RISK MANAGEMENT), ISO 19011 (AUDITING MANAGEMENT SYSTEMS-LIKE RISK), ISO 27001 (CYBER SECURITY), FAA (New Airline Risk Requirements), the requirement that ALL FEDERAL OFFICES have a RISK MANAGEMENT PROGRAM, plus other standards?


AMCON SEATTLE RISK WORKSHOP – MARCH 24, 2015

March 24, 2015

12:00pm – 1:30pm

Room 402

Risk Management, Cyber Security & ISO 9001:2015

Greg Hutchins/Bill Walker/Ed Perkins

Quality Plus Engineering – www.CERMAcademy.com

Is your organization prepared for registration costs higher than what you paid in the past? Why are the costs increasing? Besides yourself, do your CEO, CFO, COO and President fully understand the changes to AS9100 (AEROSPACE & DEFENSE), ISO 9001 (INTERNATIONAL STANDARD), ISO 13485 (MEDICAL), TS16949 (AUTOMOTIVE), TL9000 (TELECOMMUNICATIONS), ISO 31000 (RISK), ISO 19011 (AUDITING MANAGEMENT SYSTEMS-LIKE RISK), ISO 27001 (CYBER SECURITY), FAA (New Airline Risk Requirements), the requirement that ALL FEDERAL OFFICES have a RISK MANAGEMENT PROGRAM, plus other standards? Is ISO 9001-2015 the driving force behind the changes? Are you using COSO? Do you need to understand and comply with the new Federal Cyber Security Framework? Which is better, FMEA or HEAT MAPS? Which of the above RISK MANAGEMENT documents does your organization not know about, or not understand in terms of what the requirements mean and how they will affect the bottom line?

Where do I find the answers to the above questions plus more? Where can I ask questions and learn more about what is happening and going to happen? Can I afford the changes? Can I survive and stay in business because of all the changes and cost increases?

Join Greg Hutchins, Ed Perkins and Bill Walker for a panel discussion on RISK MANAGEMENT requirements, CYBER SECURITY and ISO 9001-2015. ISO 9001-2015 is scheduled for release in September 2015. Are you prepared for the impact and costs that this document release will have?

Here is your opportunity to find out what is happening, how it will affect your bottom line and determine what training is recommended. Who needs to be trained first and then next?

At the conclusion of this FREE SEMINAR there will be a drawing for a FREE COPY of the VAA (VALUE ADDED AUDITING) Manual, which is the Standard Manual of Risk-Based, Process-Auditing. This manual is 383 pages, was written by Greg Hutchins and sells for $89.00 plus $6 plus shipping and handling.

If you plan to attend this FREE SEMINAR on Tuesday March 24, 2015, from 12:00 Noon until 1:30, please RSVP Here and email billwalkerrm@gmail.com to ensure that you will obtain the FREE handouts and have a place to sit.