Cloud GRC | Governance Risk Compliance
Intrinsec’s Cloud GRC | Governance Risk Compliance was developed by us in response to our former CCSK PLUS students. This session delivers students to a workshop environment in which they create and execute an audit plan based on security policy.
About this Course
Cloud GRC | Governance Risk Compliance is a 2-day course delivering students a workshop environment in which they create and execute an audit plan based on their security policy. Students work to identify and assess risks within their own environments based on internal documentation as well as Cloud Security Alliance, NIST, and vendor guidance papers. The course is approximately a 50/50 split between lecture and hands-on activities.
Intrinsec’s Cloud GRC session can be offered as a stand alone course however is usually taken in conjunction with CCSK PLUS.Register now
Upon completion of the course, students will be able to properly define, identify and address risks to cloud-based systems.
- Module 1 | Cloud Technology Baseline
- Module 2 | Cloud GRC Overview
- Module 3 | Compliance Certifications, Standards and Frameworks
- Module 4 | FedRAMP
- Module 5 | Assessing Cloud Service Providers with CSA Tools
- Module 6 | Governance and Security for SaaS Adoption
- Module 7 | ISO 27017 and CIS Assessment Tools
- Module 8 | CSP Tools for GRC
2 Days Instructor Led Training
- Cloud GRC Student Handbook
- Cloud GRC OnDemand Videos
- 1-on-1 Instructor Access; personal mentoring and content review assistance
The Intrinsec Added Advantage
Loyalty Savings: Discounted Training Rates for CCSK Plus or CCSK Foundation
- What cloud is and what it isn’t
- The essential characteristics of cloud, service models, and deployment model
- Implement governance and risk management in a cloud environment
- Review standards such as ISO 27001, ISO 27017, PCI, and SOC reports
- Review various elements of FIPS 199, the NIST Risk Management Framework, and how it supports the FedRAMP approval process
- Create a complete risk assessment program for cloud services working through the Cloud Controls Matrix (CCM), the Consensus Assessment Initiative Questionnaire (CAIQ), and the Security Trust & Assurance Registry (STAR)
- Assess appropriate roles and responsibilities through to assessment of disaster recovery preparedness
- Ensure that all aspects of security are addressed during their next assessment of internal operations involving cloud services
- Determine the controls that providers push onto customers and the real risks associated with cloud computing, such as ShadowIT and the critical importance of establishing a Cloud Governance Board
- Review Amazon Web Services security controls and how they map to the ISO 27017 standard
- AWS Security offerings and what should be assessed and how to assess each control
Intrinsec’s Concierge Service focuses on you, providing a personalized human experience with one of our concierge representatives to ensure that you have a perfect experience from day one and beyond.
Not only will your representative reach out to you when you sign up, providing you with all the information you need, but they will also be on stand-by for any and all questions you may have.
After you have completed your class your concierge representative can provide you with relevant recommendations for upcoming events, discounts on training, and suggestions to help further your career.
A certificate of Cloud Security Knowledge is recommended prior to attending this course.
Managerial, Expert. Participant profile includes IT Management and Staff looking to understand best practices for assessing cloud services.
- Administrators- Security, IT Systems, Network, Database
- Analysts- Security, Network, System
- Engineers- Security, Network, System, Sales
- Architects- Security, Enterprise, Cloud
- Managers, Governance, Risk, Compliance
- Security Consultants, Specialists