Information Security

 View Only
  • 1.  Information Security Training

    This message was posted by a user wishing to remain anonymous
    Posted 02-09-2022 02:48 PM
    This message was posted by a user wishing to remain anonymous

    Hello!  I am wondering if any of you have resources for training classes or certifications that one or more of our vendor management folks can take to increase skill levels surrounding information security/cyber security?  For example, a class about how to read/evaluate a SOC report or something similar?


  • 2.  RE: Information Security Training

    Posted 02-10-2022 10:08 AM
    Hi,
    For Vendor Management specific certification I suggest Compliance Education Institute; https://compliance-edu.com . They offer various levels of CRVPM (Certified Regulatory Vendor Program Manager) certifications. You can start with Level 1 and advance as your certification comes up for renewal (2 years) or you can take the whole enchilada at once; Level 1 thru Level 4. For cyber security/information security, (ISC)2 is offering a new entry level certification; ELCC (Entry Level Cybersecurity Certification). It looks like a good stepping stone to CISSP. Of course, you can't beat the training resources offered by Venminder. They have a large library of excellent training materials and webinars on all the disciplines of Vendor Management.

    Michael Weaver; CISSP, CDPSE, CRVPM IV

    Information Security Officer

     




  • 3.  RE: Information Security Training

    Posted 02-10-2022 11:00 AM
    I agree, Mick and his team at Compliance Education Institute have a great set of certifications for a vendor program manager.  I heard there will be a new CRVPM level this year and I am excited to see what it will cover. 

    I also agree that SOC assessment if certainly an area to expand and it could be beyond a general knowledge and understanding into how to build or identify sufficient and appropriate internal controls for CUECs.  


    ------------------------------
    Rachel Kenyon
    Division Third Party Risk Management Senior Analyst
    CRVPM IV
    ------------------------------



  • 4.  RE: Information Security Training

    This message was posted by a user wishing to remain anonymous
    Posted 02-10-2022 01:04 PM
    This message was posted by a user wishing to remain anonymous

    Thank you for the reply!  We are all CRVPM certified here at various levels.  I will look into the ELCC certification, and check out Venminder's training materials as well once we sign our contract.  Thanks again!