ISO/IEC 20000 Foundation

Introduction:

Clients request that their (internal or external) IT Service Providers can prove that they are able to provide the required service quality and have appropriate service management processes in place.Based on processes, ISO/IEC20000 is an internationally recognized standard for IT Service Management that specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS.
The requirements include the design, transition, delivery and improvement of services to fulfill agreed service requirements.
ISO/IEC20000 certification is awarded after audits conducted by Registered Certification Bodies, which ensure that a service provider designs, implements and manages an IT Service Management system in line with the requirements of the standard.
 

Course Description:

This course provides a basic insight in the specifications and code of practice for ISO/IEC20000 and covers the second edition of the standard (ISO/IEC 20000-1:2011) 

which cancels and replaces the first edition (ISO/IEC 20000-1:2005).


Some of the main differences are as follows:

• closer alignment to ISO 9001

• closer alignment to ISO/IEC 27001

• change of terminology to reflect international usage

• clarification of the requirements for the governance of processes operated by other parties

• clarification of the requirements for defining the scope of the SMS

• clarification that the PDCA methodology applies to the SMS, including the service management processes, and the services

• introduction of new requirements for the design and transition of new or changed services 

Students who have attended this course are suitably prepared to successfully take the associated ISO/IEC 20000 Foundation certification test which is one of the possible pre-requisites for the Practitioner qualification. 

Course and Learning Objectives:

At the end of this course the student will beable to understand the scope, objectives and high level requirements of the ISO/IEC 20000 standard, how it is used in a typical IT service provider organization, together with the main elements of the certification process.

Specifically, the student will understand:

• The background to ISO/IEC 20000

• The scope and purpose of Parts 1, 2, 3 and 5 of ISO/IEC 20000 and how these can be used

• The key terms and definitions used

• The fundamental requirements for an SMS and the need for continual improvement

• The processes, their objectives and high level requirements in a typical IT service provider scenario 

• Applicability and scope definition requirements

• The purpose of internal and external audits, their operation and the associated terminology.

• The operation of the APMG Certification Scheme

• The relationship with best practices and related standards  
 

Course Approach:

Participants will learn the principles and core elements of the ISO/IEC 20000 standard for IT Service Management. An interactive approach is used combining lecture, discussion and handouts to prepare participants for the ISO/IEC 20000 Foundation certification exam. 

Course Student Material:

Students will receive a ISO/IEC 20000 Foundation classroom workbook containing all of the presentation materials, course notes and sample exams. 

 Languages: Cantonese

Reference Materials: Additional reference materials are not required for this course.

About the Examination: Multiple choice, 40 questions per paper, 26 marks required to pass (out of 40 available) - 65%, 60 minutes duration.

Prerequisites: There are no per-requisites for this course, although a basic knowledge of Service Management concepts will be helpful.

Credits: Upon successfully achieving the ISO/IEC 20000 Foundation certificate, the student will be recognized with 1 credit of the 6 complementary credits available to put towards the ITIL Expert certification. Project Management Institute –Professional Development Units (PDUs) = 14

Target Audience: Staff working within an IT service provider organization who require a basic understanding of the standard, Staff working within service providers who are already certified to ISO/IEC 20000 or those considering its implementation. 

Certificate: ISO/IEC 20000 Foundation (Fast-Track)
Date: TBC
Time: 9:30am-5:30pm
Course fee: HK$8,000 (including Exam fee) 

ISO/IEC 20000 Auditor

Introduction:

Clients request that their (internal or external) IT Service  Providers can prove that they are able to provide the required service  quality and have appropriate service management processes in place.Based  on processes, ISO/IEC20000 is an internationally recognized standard  for IT Service Management that specifies requirements for the service  provider to plan, establish, implement, operate, monitor, review,  maintain and improve an SMS.The requirements include the design, transition, delivery and improvement of services to fulfill agreed service requirements.ISO/IEC20000  certification is awarded after audits conducted by Registered  Certification Bodies, which ensure that a service provider designs,  implements and manages an IT Service Management system in line with the  requirements of the standard. 

Course Description:

The purpose of the ISO/IEC 20000 Auditor course is to provide  sufficient understanding of ITSM generally and knowledge of the contents  and requirements of the ISO/IEC 20000 standard to be able to perform  audits against the standard.The course covers the second edition  of the standard (ISO/IEC 20000-1:2011) which cancels and replaces the  first edition (ISO/IEC 20000-1:2005)

Some of the main differences are as follows:

• closer alignment to ISO 9001

• closer alignment to ISO/IEC 27001

• change of terminology to reflect international usage

• clarification of the requirements for the governance of processes operated by other parties

• clarification of the requirements for defining the scope of the SMS

• clarification that the PDCA methodology applies to the SMS, including the service management processes, and the services

• introduction of new requirements for the design and transition of new or changed services

Students  who have attended this course are suitably prepared to successfully  take the associated ISO/IEC 20000 Auditor certification test. 

Course and Learning Objectives:

At the end of this course the student will be able to understand the  principles of ITSM and the requirements of the ISO/IEC 20000 standard,  how it is used in a typical IT service provider organization, together  with the main elements of the certification Scheme.

Specifically, the student will understand:

• The background to ISO/IEC 20000

• The scope and purpose of Parts 1, 2, 3 and 5 of ISO/IEC 20000 and how these can be used during auditing and certification

• The key terms and definitions used

• ITSM general principles

• The structure and application of ISO/IEC 20000-1

• The requirements of ISO/IEC 20000-1

• Applicability and scope definition requirements

• The purpose of internal and external audits, their operation and the associated terminology.

• The operation of the APMG Certification Scheme

• The relationship with best practices and related standards – specifically ITIL, ISO 9001 and ISO/IEC 27001 

Course Approach:

This 2-day ISO/IEC20000  Auditor Course provides an effective learning environment for anyone  interested in learning how to conduct the ISO/IEC20000 process audit.The course introduces both theoretical and practical knowledge to course participants.They  will learn how to conduct ISO/IEC20000 process audits on their own IT  organization as well as provide knowledge support within their own IT  organization.

Course Student Material:

Students will receive a ISO/IEC 20000Auditor classroom workbook containing all of the presentation materials, course notes and sample exams. 

Languages:Cantonese

Reference Materials:Additional reference materials are not required for this course.

About the Examination: Multiple choice, 40 questions per paper, 26 marks required to pass  (out of 40 available) - 65%, 60 minutes duration.

Prerequisites:Candidates  are required to have a minimum of three years' experience of auditing  in an IT environment since the course does not cover generic principles  of Management System auditing.

Credits:Upon  successfully achieving the ISO/IEC 20000 Auditor certificate, the  student will be recognized with 1 credit of the 6 complementary credits  available to put towards the ITIL Expert certification.Project Management Institute –Professional Development Units (PDUs) = 14

Target Audience:This  course is aimed at existing third-party or internal auditors who wish  to understand the specific requirements of auditing IT Service  Management Systems for conformance with the ISO/IEC 20000 standard. 

Certificate: ISO/IEC 20000 Auditor ( Fast-track)
Date: TBC
Time: 9:30am-5:30pm
Course fee: HK$9,800 (including Exam fee) 

ISO/IEC 20000 Practitioner

Introduction:

Clients request that their (internal or external) IT Service  Providers can prove that they are able to provide the required service  quality and have appropriate service management processes in place.Based  on processes, ISO/IEC20000 is an internationally recognized standard  for IT Service Management that specifies requirements for the service  provider to plan, establish, implement, operate, monitor, review,  maintain and improve an SMS.The requirements include the design, transition, delivery and improvement of services to fulfill agreed service requirements.ISO/IEC20000  certification is awarded after audits conducted by Registered  Certification Bodies, which ensure that a service provider designs,  implements and manages an IT Service Management system in line with the  requirements of the standard. 

Course Description:

This course provides sufficient understanding of ISO/IEC 20000 and  its application to be able to analyse and apply the gained knowledge to a  range of activities that would support organizations in conforming to  the requirements of Part 1, and achieving and retaining ISO/IEC 20000  certification.The course covers the second edition of the  standard (ISO/IEC 20000-1:2011) which cancels and replaces the first  edition (ISO/IEC 20000-1:2005).

Some of the main differences are as follows:

• closer alignment to ISO 9001

• closer alignment to ISO/IEC 27001

• change of terminology to reflect international usage

• clarification of the requirements for the governance of processes operated by other parties

• clarification of the requirements for defining the scope of the SMS

• clarification that the PDCA methodology applies to the SMS, including the service management processes, and the services

• introduction of new requirements for the design and transition of new or changed services

Students  who have attended this course are suitably prepared to successfully  take the associated ISO/IEC 20000 Practitioner certification  examination. 

Course and Learning Objectives:

At the end of this course the student will be able to understand and  be able to analyse and apply the content of ISO/IEC 20000 within  currently certified organizations or those wishing to implement an SMS  in preparation for initial certification.

Specifically, the student will be able to:

• Understand the purpose, use and application of Parts 1, 2, 3 and 5 of the standard

• Assist and advise organizations in the achievement of conformance to ISO/IEC 20000-1 and certification.

• Understand, explain and advise on issues regarding applicability, eligibility and scope definition

• Understand and explain the relationship between ISO/IEC 20000 and ITSM best practices in common use and related standards

• Explain and apply the requirements of Part 1

•  Explain the use of technology and tools to support the implementation  and improvement of an SMS, the achievement of certification and the  ongoing demonstration of conformance to Part 1.

• Advise and assist in ISO/IEC 20000 certification readiness assessments

• Produce a gap analysis supported by an improvement and implementation plan

• Understand, create and apply a service management plan

• Assist and advise organizations on the implementation of continual improvement processes

• Prepare organizations for an ISO/IEC 20000 certification audit using the regulations of the APMG Certification Scheme. 

Course Approach:The three-day ISO/IEC 20000  Practitioner Course offers a unique series of focused sessions where  participants are educated on the full potential of ISO20000. The course  provides experience-based guidelines and concepts regarding implementing  ISO20000, with special emphasis on the 'soft' aspects of changing an  organization.This, undoubtedly, will allow for the development of  essential skills to support the decision making process and, allow for  the drawing up of detailed implementation approach for the participants  organization.

Course Student Material:Students  will receive a ISO/IEC 20000. Practitioner classroom workbook  containing all of the presentation materials, course notes, case study,  exercises and sample exams. 

Languages: Cantonese

Reference Materials: Additional reference materials are not required for this course.

About the Examination: Complex Multiple Choice, 4 questions per paper, 20 marks available per question, 40 marks required to pass (out of 80 available) - 50%. Three hours duration open book (a copy of Part 1 is permitted).

Prerequisites:Candidate  must hold one of the following qualifications to qualify to sit the  Practitioner exam: ISO/IEC 20000 Foundation or ITIL Foundation

Credits:Upon successfully achieving theISO/IEC 20000 Practitioner certificate, the  student will be recognized with 1.5 credit of the 6 complementary  credits available to put towards the ITIL Expert certification.Project Management Institute –Professional Development Units (PDUs) = 21

Target Audience:This  qualification is aimed at practitioners, managers and consultants  involved in an SMS implementation and/or on-going activities based on  ISO/IEC 20000. 

Certificate: ISO/IEC 20000 Practitioner (fast-track)
Date: TBC
Time: 9:30am-5:30pm
Course fee: HK$12,500 (including Exam fee) 

Information Security

ISO Information Security Foundation based on ISO27002

Course Overview:
The international standard, the Code of Practice for Information Security ISO/IEC 27002:2013 is awidely respected and referenced standard and provides a framework for the organization andmanagement of an information security program. Implementing a program based on this standardwill serve an organization well in its goal of meeting many of the requirements faced in today'scomplex operating environment.
A strong understanding of this standard is important to the personal development of everyinformation security professional.
Target Audience:Every employee, from worker to top management, dealing with valuable information.
Prerequisites: NoneCourse Duration: 16 hours / 2 days
 

Learning Objectives:

 At the end of this course, the learner will gain competencies to:

  • Information and security: the concept, the value, the importance and the reliability of

information;

  • Threats and risks: the concepts of threat and risk and the relationship with the reliability

of information;

  • Approach and organization: the security policy and security organization including the

components of the security organization and management of (security) incidents;

  • Measures: the importance of security measures including physical, technical and

organizational measures and

  • Legislation and regulations: the importance and impact of legislation and regulations

Course Logistics:The course will revert to a standard training class.A whiteboard, flip chart and a Projector/Beamer will be required

Course Student Material:Delegates receive a copy of the classroom material. 

Examination:


  • Examination type - Paper-based multiple-choice questions
  • Number of questions - 40
  • Pass mark - 65%
  • Open book/notes - No
  • Electronic equipment/aides permitted - No
  • Time allotted for examination - 60 minutes

 Certificate:A certificate is awarded by EXIN when the candidates pass the exam. 

ISO27002 – Information Security Foundation
Date: 20/10, 21/10
Time: 9:00am-5:00pm
Course fee: HK$4,000 (including Exam fee)
 

Business Continuity Management

ISO Business Continuity Management Foundation based on ISO22301

Course Overview: Business continuity management is a holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause. It provides a framework for building organizational resilience with the capability of an effective response that safeguards the interests of its key stakeholders, reputation, brand and value creating activities. 

Target Audience:Everyone in the organization must be aware of the Business and its Continuity. Prerequisites: None 

Course Duration: 16 hours / 2 days 

Learning Objectives:At the end of this course, the learner will gain competencies to:

  • the context of the organization in relation to planning for and managing of business continuity
  • the purpose of the business continuity management system (BCMS)
  • the importance of management commitment in planning for and managing the business

continuity system

  • the roles, responsibilities and authorities of staff involved in planning for and managing

business continuity

  • the purpose of risk assessment in planning for and managing business continuity 
  • the supporting elements of the BCMS
  • the elements of the operational part of the BCMS
  • the operation of BIA and Risk Assessment
  • the organizational strategy and the related procedures
  • the evaluation of the BCMS performance
  • the Act stage of PDCA in business continuity

Course Logistics:

 The course will revert to a standard training class.A whiteboard, flip chart and a Projector/Beamer will be required 

Course Student Material:Delegates receive a copy of the classroom material.Examination:

  • Examination type - Paper-based multiple-choice questions
  • Number of questions - 40
  • Pass mark - 65%
  • Open book/notes - No
  • Electronic equipment/aides permitted - No
  • Time allotted for examination - 60 minutes

 Certificate: A certificate is awarded by EXIN when the candidates pass the exam. 

 ISO22301 – Business Continuity Management Foundation
Date: 10/10, 11/10
Time: 9:00am-5:00pm
Course fee: HK$4,000 (including Exam fee)