Tom Considine & Associates
"Information Privacy Professionals"

Your Subtitle text


     Information Protection Manager Training Program


Our Information Protection Manager (IPM) training program is broken into three levels of training.  

Three-day comprehensive seminar

This program is designed for Small and Mid-sized Businesses (SMBs) with a limited amount of sensitive information and privacy regulations affecting the SMB.  The program covers understanding laws and industry mandates, information inventory methods, data flow analysis, risk assessments and mitigation practices, simple written policy and procedure development with supplied templates.  This course is also a perfect refresher training for those who have not utilized auditing procedures for some time.  

One-week organizational development program    

The Essentials for Information Protection Managers & Compliance Training.

This must-attend training program features a comprehensive update on the very latest data protection laws, rules and compliance guidelines.  In addition, it provides you with intensive training in solid, real-world solutions for maintaining compliance — and maintaining a secure workplace.

Plus, You Learn How to Handle One of Today’s Biggest Security Threats: Computer System Security

Information Protection Managers attending this program will receive:

·          Information & Data Security Risk Assessment and Audit Manual - The manual contains a methodology for conducting data protection compliance audits together with a series of checklists aimed at testing compliance with each of the laws main provisions. Rather than simply being tailored to a single law, it has been written in such a way that any Information Protection Manager can use it to help judge their own information protection compliance. Similarly, it may also be used by other organizations offering such services to Information Protection Managers. Given that potential users may have different levels of existing audit expertise, the manual also includes general guidance on compliance auditing.

This is the Most Important Two Days of Training You'll Ever Have The Opportunity to Attend

That’s because you’ll learn crucial information that can literally save your organization from crippling fines, regulatory oversight and protect your most vital assets — your business partners and customers.  The Essentials for Information Protection Managers & Compliance Training is the fastest and best way available to get the know-how you need to protect your organizations information from security breaches and insider attacks from rogue employees — and the information  compliance strategies you need to meet your compliance requirements to protect your organization.

What You'll Learn:  Nevada 603A & Senate Bill SB 227 Compliance training

  • Get up-to-date fast on Nevada 603A & SB-227, Massachusetts 201CMR17.00 and FACTA’s latest changes-“Red Flags”
  • Gain cost-saving solutions which use a common sense approach to compliance
  • Prevent common employee errors that result in violations of protection laws
  • Meet stringent written information security program requirements in less time
  • Know where inspectors are most likely to look — and be ready!
  • Avoid huge fines and lawsuits by understanding and implementing compliance basics.

Who Should Attend?

  • Security Managers
  • Those involved in employee training
  • Facility Managers
  • Human Resource Personnel
  • Business Owners
  • Supervisors and Managers
  • Organizations who want to get the upper hand on the competition
  • Persons who want to make themselves more valuable to their employer
  • Job seekers looking for an edge in a tough job market   

Massachusetts 201 CMR 17 Data Protection Compliance Training, MA 201 CMR 17 

Information Protection Manager & Compliance Training Course Outline

 Introductions / Course Overview 

    2. Privacy Laws 
    3. Case Studies: An in-depth look at actual cases  
    4. Web Privacy Information and Security

        A.  Information security controls

            - Information security control strategies
            - Authentication
            - Intrusion prevention
            - Intrusion Detection System (IDS)
            - Intrusion Prevention System (IPS)
            - Firewalls
            - Content scanning
            - Anti virus software
        B. Information Infrastructure

           - Data management
           - Computer hardware
           - Platforms
           - Documented Operating Procedures
           - Incident Management Procedures
           - Segregation of Duties
           - Protection Against Malicious software
           - Information Backup
           - Network Controls

        C.  Media Handling and Security
            - Management of Removable Computer Media
   - Disposal of Media
- Information Handling Procedures
- Electronic Commerce Security
- Security of Electronic Mail
- Security of Electronic Office Systems
    5.  Protecting your business 
            - Awareness
            - Best practices
            - Training
            - Audits
            - Monitoring
            - Physical Security

     6.  Information Protection Audits  
           - Aims of the Information Protection Compliance Audit
           - Why Should we Audit?
           - Audit Objectives
           - What is an Audit?
           - Audit Categories
           - First Party Audits
           - Second Party Audits
           - Compliance Investigations
           - Conducting Third Party Audits on Vendors
    7.  Written Information Security Programs and Policies  
           - Introduction to Security Policies
           - Policy Development Instructions
           - Specific Policies
           - Sample Security Policies
           - Templates on developing your Written Information Security Program (WISP) 

                                                                Tom Considine & Associates
                                                 Information Privacy Professionals

                                                                Ph:        (702)  722-3492