Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
DAY 1: ISO/IEC 27017 Fundamentals & Framework and Cloud Risk & Control
- Module 1: Introduction to ISO/IEC 27017 – Overview, relationship with ISO/IEC 27001/27002, and standard objectives.
- Module 2: Scope of ISO/IEC 27017 – Additional controls, cloud environments, and audit boundaries.
- Module 3: ISO/IEC 27017 Certification Scheme – Certification model as an extension of ISO/IEC 27001.
- Module 4: ISO/IEC 27017 Auditor Competency Model – Required competencies, cloud technical knowledge, and risk-based thinking.
- Module 5: Cloud-Specific Risk Examples – VM management risks, multi-tenancy, isolation, and legal jurisdiction risks.
- Module 6: Cloud Service Categories – Audit impact discussion for SaaS, PaaS, IaaS, NaaS, and DSaaS.
- Module 7: ISO/IEC 27017 Specific Controls – Shared responsibilities, VM hardening, and cloud service monitoring.
- Module 8: Control Mapping to Cloud Services – Mapping controls to IAM, Cloud Logging, Cloud KMS, and VPC.
DAY 2: Technical Audit Simulation & Regulatory Integration
- Module 9: Audit Simulation Planning – Defining audit scope (GCP/Organization) and resource sampling.
- Module 10: Cloud Control Audit Simulation (Hands-on) – Auditing Access Control, Resource Configuration, and Security Posture based on real evidence.
- Module 11: Cloud Regulations & Compliance Requirements
- Indonesia Cloud Regulations: Deep dive into POJK 11/2022 & PADK No. 1 Year 2026 regarding Information Technology Implementation by Commercial Banks.
- Mapping: Aligning ISO/IEC 27017 controls directly to local banking compliance requirements.
- Module 12: ISO/IEC 27017 Certification Audit Process – Audit techniques, methodology, and lifecycle.
- Module 13: Integrated Audit Guidance – Comparison between ISO/IEC 27001, 27017, and 27018.
- Module 14: Final Workshop – End-to-End Audit Simulation, preparing findings, and presenting results.
Requirements
- An understanding of basic IT Security
- Experience with IT Security and Cloud Platform
Audience
- Banking IT Security
- Other financial institution IT Security
14 Hours
Custom Corporate Training
Training solutions designed exclusively for businesses.
- Customized Content: We adapt the syllabus and practical exercises to the real goals and needs of your project.
- Flexible Schedule: Dates and times adapted to your team's agenda.
- Format: Online (live), In-company (at your offices), or Hybrid.
Price per private group, online live training, starting from 3200 € + VAT*
Contact us for an exact quote and to hear our latest promotions
Testimonials (2)
I found new things.
Cristian
Course - OpenStack Security
Azure web security, it was more what i was expecting, the penetration testing i would never do in my job
