Employees are vital to every organization and interact with multiple devices daily, making them prime targets for cyber threats. Our Security Awareness Training equips them with the knowledge to recognize and avoid attack vectors such as phishing, baiting, manipulation, and malware. The training includes real-world case studies, cybersecurity best practices, and data privacy guidelines. Employees learn how to set strong passwords, safeguard credentials, and follow essential do’s and don’ts. By raising awareness and building proactive habits, this training helps reduce human error and strengthens your organization’s first line of defense against evolving cyber threats.
Empowering Professionals to Safeguard the Digital World
At One IT Security Consulting Services, we believe that knowledge is the most powerful shield in the fight against cyber threats. Our expertly curated training programs equip professionals with globally recognized skills and certifications in cybersecurity, risk management, compliance, and information systems governance. Whether you’re a beginner or an industry veteran, our trainings are designed to elevate your expertise and open doors to new career opportunities.
Each course is led by experienced, certified instructors and includes comprehensive study material, real-world case studies, and exam preparation support.
This training is a professional program designed to equip individuals with the knowledge and skills necessary to establish, implement, manage, and maintain an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001:2022 standard.
Day | Topics Covered |
---|---|
Day 1 | Introduction to ISO/IEC 27001 and initiation of ISMS implementation |
Day 2 | Developing the ISMS implementation plan |
Day 3 | Execution of ISMS implementation |
Day 4 | ISMS monitoring, continual improvement, and certification audit preparation |
Day 5 | Certification exam |
Key Learning Outcomes |
---|
- Understand ISO/IEC 27001 ISMS fundamental concepts and principles |
- Interpret ISO/IEC 27001 requirements from an implementer’s perspective |
- Plan, support, operate, maintain, and improve an ISMS |
- Use IMS2 Methodology and best practices to facilitate ISMS implementation |
Certification Bodies |
---|
- IRCA (International Register of Certificated Auditors) |
- Exemplar Global |
- Other national/international bodies |
Lead Auditor Training is a professional course designed for individuals who want to become certified lead auditors for Information Security Management Systems (ISMS) based on the ISO/IEC 27001:2022 standard.
Day | Topics Covered |
---|---|
Day 1 | Deep insights into ISO/IEC 27001:2022 standard requirements |
Day 2 | Basic understanding of audit process per ISO 19011:2018 |
Day 3 | Fundamental understanding of risk assessment & treatment aligned with ISO 31000 |
Day 4 | Exposure to mandatory documentation requirements |
Day 5 | - Introduction to auditor and lead auditor roles and responsibilities - Networking opportunities |
Details | Description |
---|---|
Exam Duration | 1 hour 45 minutes |
Number of Questions | 40 |
Maximum Marks | 80 |
Passing Criteria | Minimum 50% overall (40 marks) and passing marks for each domain |
Day | Topics Covered |
---|---|
Day 1 | - Need for Privacy & Privacy Management System - Structure of the Standard - Key Concepts: PII, Anonymization, Pseudonymization - PII Processors & Controllers - Privacy Principles - Relationship with ISO 27001, 27002, 27017, 27018 & 27701 - Legal, Statutory & Regulatory Privacy Requirements |
Day 2 | - Conducting Privacy Impact Assessments - Selecting & Implementing ISO 27002 Controls for PII Protection - Public Cloud PII Processor Extended Controls for PII Protection |
Details | Description |
---|---|
Exam Format | 40 marks, objective type, open book |
Passing Criteria | Minimum 70% (28 marks) |
Certification | Issued upon successful completion of the exam |
ISO 31000 training refers to courses and workshops that teach individuals or organizations how to implement and manage risk management based on the ISO 31000 standard, which is an international guideline for risk management principles and practices.
Day | Topics Covered |
---|---|
Day 1 | - Terminology & Definitions in Risk Management - ISO 31000 Principles, Framework, and Process |
Day 2 | - Context of the Organization: Internal & External Issues - Risk Assessment Process: Identification, Analysis, Evaluation, Treatment |
Day 3 | - Planning & Implementing Risk Management Actions - Conducting Risk Assessments per ISO 31000 - Mapping ISO 31000 with ISO 27001 & ISO 22301 |
Details | Description |
---|---|
Exam Format | Online multiple-choice (40 questions) |
Exam Duration | 60 minutes |
Passing Score | 70% (minimum) |
Certification | Risk Management Professional Certificate (on passing); Certificate of Attendance otherwise |
ISO 9001 Lead Implementer Training is a professional certification course that equips individuals with the knowledge and skills necessary to implement and manage a Quality Management System (QMS) based on the ISO 9001 standard.
Day | Topics Covered |
---|---|
Day 1 | - Audit Methods & Process - Roles, Responsibilities & Competency of Auditors - Auditor & Lead Auditor Responsibilities - Auditor Qualifications, Certification & Evaluation Methods |
Day 2 | - Planning an Audit - Pre-Audit Planning - Reviewing Documentation - Developing Audit Plan - Preparing Checklists & Working Documents - Communication Factors |
Day 3 | - Conducting an Audit - Opening Meeting - Interviewing Techniques - Collecting & Verifying Audit Evidence - Recording Nonconformities - Closing Meeting - Do’s & Don’ts of Auditing |
Day 4 | - Reporting Audit Results - Preparing & Distributing Audit Reports |
Day 5 | - Follow-up Actions - Corrective Actions & Reporting - Follow-up Scheduling - Monitoring Corrective Actions |
Details | Description |
---|---|
Exam Duration | 1 hour 45 minutes |
Number of Questions | 40 |
Total Marks | 80 |
ISO/IEC 42001 is an international standard that provides requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS). It’s the first standard specifically focused on managing AI responsibly and ethically within an organization.
Day | Topics Covered |
---|---|
Day 1 | - Introduction to ISO/IEC 42001 and AI Governance - Structure of the Standard (Annex SL) - Planning an AI Management System |
Day 2 | - Risk and Opportunity Management for AI - Ethical Principles & Trustworthy AI Practices |
Day 3 | - Implementation of Controls & Operational Planning - Monitoring, Measurement, Analysis & Evaluation |
Day 4 | - Internal Audit Process - Management Review |
Day 5 | - Preparing for Certification Audit - CQI |
Details | Description |
---|---|
Exam Duration | 1 hour 45 minutes |
Number of Questions | 40 |
Total Marks | 80 |
Exam Format | Online, conducted by CQI/IRCA |
Certification | ISO 9001:2015 Lead Auditor (exam framework used) |
The National Institute of Standards and Technology (NIST) is a U.S. federal agency operating under the Department of Commerce. Its Cybersecurity Framework (CSF) offers comprehensive guidelines, principles, and best practices to help organizations identify, protect, detect, respond to, and recover from cybersecurity threats.
Day | Topics Covered |
---|---|
Day 1 | - Understand NIST CSF Structure & Core Functions - How to Implement CSF Within an Organization |
Day 2 | - Use CSF to Assess & Enhance Cybersecurity Posture - Align Cybersecurity with Business Objectives |
Day 3 | - Real-World Case Studies - Templates, Tools, and Practice Assessments |
Certification | Details |
---|---|
Professional Certifications | Examples: SANS, ISACA CSX-P, CompTIA certifications covering NIST CSF |
PCI-DSS stands for Payment Card Industry Data Security Standard. It is a set of security standards developed by the Payment Card Industry Security Standards Council (PCI SSC) to ensure the protection of cardholder data and reduce the risk of fraud and security breaches in the payment card industry. This is an important framework for all financial as well as other industry data security and privacy standards.
Day | Topics Covered |
---|---|
Day 1 | - Overview of the Payment Card Industry - Understanding Transaction Flows - Roles & Responsibilities of Key Entities - PCI Standards per Organization |
Day 2 | - Understanding Cardholder Data (CHD) & Sensitive Authentication Data (SAD) - Risks Associated with CHD/SAD - Techniques to Prevent Card Breaches & Data Loss |
Day 3 | - Deep Dive into Each PCI DSS Requirement & Its Intent - End-to-End PCI DSS Compliance Process - Merchant & Service Provider Levels and Their Compliance Obligations |
HIPAA, or the Health Insurance Portability and Accountability Act, is a U.S. federal law enacted in 1996. It establishes national standards for the protection, confidentiality, and security of individuals’ health information.
This training program covers core HIPAA compliance principles.
Day | Topics Covered |
---|---|
Day 1 | - What is HIPAA? - Importance to Patients & Organizations - Omnibus Rule (2013) - Components of Protected Health Information (PHI) |
Day 2 | - Difference: Confidentiality, Privacy, Security - Understanding Confidentiality & Privacy - Privacy & Security Rules Explained |
Day 3 | - Patient Rights under HIPAA - Permitted Uses & Disclosures of Health Information |
GDPR stands for General Data Protection Legislation. It is a European Union (EU) law that came into effect on 25th May 2018. GDPR governs the way in which we can use, process, and store personal data (information about an identifiable, living person).
Day | Topics Covered |
---|---|
Day 1 | - GDPR Introduction - GDPR & Privacy Alignment - Data Categories - Data Subject Rights & Key Articles |
Day 2 | - Detailed Rights of Data Subjects - Data Privacy Impact Assessment (DPIA) - Data Processing Agreements |
Day 3 | - Role & Responsibilities of the Data Protection Officer (DPO) - EU & UK Representatives - Breach Reporting & Penalties |
ITIL (Information Technology Infrastructure Library) is a globally recognized framework for IT service management (ITSM). It provides best practices for delivering IT services that align with business needs, improve efficiency, and ensure customer satisfaction.
Day | Topics Covered |
---|---|
Day 1 | - ITIL Service Lifecycle: Strategy, Design, Transition, Operation, CSI - ITIL Processes, Functions, Roles - Aligning IT Services with Business Goals |
Day 2 | - ITIL 4 Foundation Exam Preparation - Practice Questions and Exam Strategy |
Step | Details |
---|---|
Exam Format | 40 multiple-choice questions |
Duration | 60 minutes |
Passing Score | 65% (26 correct answers out of 40) |
Certification Body | PeopleCert (on behalf of Axelos) |
Delivery Method | Online via remote proctoring or at accredited test centers |
CISM stands for Certified Information Security Manager. It is a globally recognized certification offered by ISACA (Information Systems Audit and Control Association) for professionals involved in information security management.
Day | Topics Covered |
---|---|
Day 1 | - Information Security Governance - Information Risk Management |
Day 2 | - Information Security Program Development and Management - Information Security Incident Management |
Day 3 | - Certification and Exam Preparation - Register via ISACA.org |
Step | Details |
---|---|
Register for Exam | Via ISACA website |
Exam Format | 150 multiple-choice questions |
Passing Score | 450 out of 800 (scaled score) |
Duration | 4 hours |
Exam Delivery | Remote proctoring or authorized testing centers |
The CISSP (Certified Information Systems Security Professional) is a globally recognized certification in the field of information security. It is offered by (ISC)², the International Information System Security Certification Consortium.
CISSP is a certification for professionals who develop policies and procedures in information security. It is considered a gold standard.
Day | Topics Covered |
---|---|
Day 1 | - Security and Risk Management - Asset Security - Security Architecture and Engineering |
Day 2 | - Communication and Network Security - Identity and Access Management (IAM) |
Day 3 | - Security Assessment and Testing - Security Operations |
Day 4 | - Software Development Security |
Day 5 | - Practice Exam Questions - Full-Length Mock Test - Exam Strategy and Q&A |
Exam Component | Details |
---|---|
Exam Body | (ISC)² |
Testing Partner | Pearson VUE |
Format | Multiple Choice & Advanced Innovative Questions |
Total Questions | 250 |
Duration | 6 Hours |
Passing Score | 700 out of 1000 |
Requirement | Details |
---|---|
Work Experience | 5 years in at least 2 of the 8 CISSP domains |
Endorsement | Submit a form endorsed by an (ISC)² certified professional |
Code of Ethics | Must agree to the (ISC)² Code of Ethics |
Annual Maintenance Fee | $125 USD per year |
CPE Credits | Required to maintain certification annually |
CISA stands for Certified Information Systems Auditor. It is a globally recognized certification offered by ISACA (Information Systems Audit and Control Association). The CISA certification is designed for professionals who audit, control, monitor, and assess an organization’s information technology and business systems.
Day | Topic |
---|---|
Day 1 | Information System Auditing Process |
Day 2 | Governance and Management of IT |
Day 3 | Information Systems Acquisition, Development and Implementation |
Day 4 | Information Systems Operations and Business Resilience |
Day 5 | Protection of Information Assets |
Step | Details |
---|---|
Register for Exam | Create an account at www.isaca.org |
Exam Format | 150 multiple-choice questions |
Duration | 4 hours |
Passing Score | 450 out of 800 (scaled score) |
Exam Delivery | Remote proctoring or at authorized testing centers (year-round availability) |
Cost | $575 (ISACA Members) / $760 (Non-members) |
The Digital Personal Data Protection Act (DPDP Act), enacted in 2023, is India’s landmark legislation governing the processing of digital personal data. It emphasizes individuals’ rights to data protection and outlines obligations for organizations handling such data.

Note: This training is 20 hours in 2 days.
Day | Topic | Summary |
---|---|---|
Day 1 | DPDP Act, Components & Framework | Covers personal data protection, consent, rights, fiduciaries, and compliance strategies like data mapping, privacy design, and redressal mechanisms. |
Day 2 | Implementation & Penalties | Focuses on implementing safeguards, consent tools, access controls; penalties range ₹10–250 Cr for breaches or non-compliance. |
The Certified Information Privacy Technologist credential, offered by the International Association of Privacy Professionals (IAPP), is designed for IT professionals responsible for building and managing privacy-compliant systems and technologies. This training empowers participants with the skills to integrate privacy .
Key Topics | Description |
---|---|
Role of IT in Privacy Compliance | Understand how IT systems support and enforce privacy laws and practices |
Privacy by Design (PbD) Integration | Embed privacy features at the design stage of systems and product lifecycles |
Data Risk & Breach Management | Identify, assess, and mitigate data protection risks and respond to breaches |
Privacy Engineering Methodologies | Apply structured approaches to designing privacy-aware systems |
Emerging Technologies & Privacy Challenges | Explore privacy issues in AI, IoT, blockchain, and other modern technologies |
Global Privacy Regulations & Frameworks | Learn about GDPR, CCPA, DPDP Act 2023, and their implications on technology |
Section | Details |
---|---|
Duration | 2–3 days (customizable based on client needs) |
Certification | Participants will receive a course completion certificate and support for IAPP CIPT exam registration |
Learn to design, implement, and manage an ISO 27001-compliant Information Security Management System (ISMS) for organizational security resilience.
Master audit techniques to assess ISO 27001:2022 compliance, evaluate risks, and ensure robust security controls in any organization.
Understand implementation of ISO 27018 for protecting personal data in cloud computing, ensuring privacy compliance and trust in cloud services.
Gain expertise in risk management principles, frameworks, and processes based on ISO 31000 to strengthen decision-making and organizational resilience.
Develop auditing skills for ISO 9001 quality management systems, ensuring compliance, continuous improvement, and customer satisfaction across industries.
Learn to implement and audit AI management systems as per ISO 42001, focusing on ethics, accountability, and responsible AI governance.
Understand the NIST Cybersecurity Framework 2.0, focusing on identifying, protecting, detecting, responding to, and recovering from cybersecurity threats effectively.
Certified Information Security Manager training prepares you for leadership in managing, designing, and assessing an enterprise’s information security program.
CISSP certification training covers key cybersecurity domains, preparing professionals to design and manage enterprise-level information security programs.
Understand HIPAA compliance requirements to safeguard healthcare data, ensure patient privacy, and protect sensitive health information within your organization.
Train for Certified Information Systems Auditor (CISA) to evaluate and monitor IT systems, controls, and compliance in audit environments.
Gain insights into India’s Digital Personal Data Protection (DPDP) Act 2023, ensuring lawful data processing and privacy compliance practices.
Learn EU GDPR compliance fundamentals, including lawful data processing, user rights, breach notification, and cross-border data flow regulations.
Understand and implement PCI DSS standards to protect cardholder data, reduce payment fraud, and ensure secure financial transactions.
Master ITIL v4.0 practices for IT service management, enhancing service delivery, customer satisfaction, and operational efficiency across IT organizations.
One IT Security Consulting Services provides expert cybersecurity, data privacy, and compliance consulting, helping businesses secure assets and mitigate risks efficiently.