ISACA Advanced in AI Security Management (AAISM) Training Course

This instructor-led, live training in Mexico (online or onsite) targets intermediate-level enterprise leaders who wish to understand how to govern and secure AI systems responsibly and in compliance with emerging global frameworks such as the EU AI Act, GDPR, ISO/IEC 42001, and the U.S. Executive Order on AI.

By the end of this training, participants will be able to:

• Understand the legal, ethical, and regulatory risks of using AI across departments.
• Interpret and apply major AI governance frameworks (EU AI Act, NIST AI RMF, ISO/IEC 42001).
• Establish security, auditing, and oversight policies for AI deployment in the enterprise.
• Develop procurement and usage guidelines for third-party and in-house AI systems.

Artificial Intelligence (AI) brings new layers of operational risk, governance challenges, and cybersecurity vulnerabilities for government agencies and departments.

This instructor-led training (available online or on-site) is designed for public sector IT and risk professionals with limited prior experience in AI who want to learn how to evaluate, monitor, and secure AI systems within a government or regulatory environment.

Upon completion of this training, participants will be able to:

• Understand key risk concepts associated with AI systems, such as bias, unpredictability, and model drift.
• Implement AI-specific governance and auditing frameworks, including the NIST AI RMF and ISO/IEC 42001.
• Identify cybersecurity threats aimed at AI models and data pipelines.
• Develop cross-departmental risk management strategies and ensure policy alignment for AI deployment.

Course Format

• Interactive lectures and discussions featuring public sector case studies.
• Exercises on AI governance frameworks and policy mapping.
• Scenario-based threat modeling and risk assessment.

Customization Options

• To request customized training for this course, please contact us to arrange it.

This instructor-led, live training in Mexico (online or onsite) is designed for beginner to intermediate IT professionals seeking to understand and implement AI TRiSM within their organizations.

Upon completing this training, participants will be able to:

• Understand the core concepts and significance of AI trust, risk, and security management.
• Identify and mitigate risks linked to AI systems.
• Apply security best practices for AI.
• Comprehend regulatory compliance and ethical considerations for AI.
• Develop strategies for effective AI governance and management.

This instructor-led, live training in Mexico (online or onsite) is aimed at intermediate-level to advanced-level AI developers, architects, and product managers who wish to identify and mitigate risks associated with LLM-powered applications, including prompt injection, data leakage, and unfiltered output, while incorporating security controls like input validation, human-in-the-loop oversight, and output guardrails.

By the end of this training, participants will be able to:

• Understand the core vulnerabilities of LLM-based systems.
• Apply secure design principles to LLM app architecture.
• Use tools such as Guardrails AI and LangChain for validation, filtering, and safety.
• Integrate techniques like sandboxing, red teaming, and human-in-the-loop review into production-grade pipelines.

Description:

This four-day event (CGEIT training) serves as the ultimate preparation for exam day, designed to ensure you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognized symbol of excellence in IT governance, awarded by ISACA. It is intended for professionals responsible for managing IT governance or who hold significant advisory or assurance responsibilities for IT governance.
Achieving CGEIT status will provide you with broader recognition in the marketplace, as well as increased influence at the executive level.

Objectives:

This seminar is designed to prepare delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding, ensuring they are better prepared to pass the exam as defined by ISACA.

Target Audience:

Our training course is for IT and business professionals with significant IT governance experience who are undertaking the CGEIT exam.

Description:

CISA® stands as the globally recognized and most widely adopted certification for professionals specializing in IS audit and IT risk consulting.

Our CISA program is an intensive, highly competitive, and exam-oriented training course. Drawing on our experience of delivering over 150 CISA trainings across Europe and the world, and having trained more than 1,200 CISA candidates, Net Security’s in-house training materials are designed with the primary objective of ensuring delegates pass the ISACA CISA® Exam. The methodology emphasizes a deep understanding of CISA IS auditing concepts alongside extensive practice using ISACA question banks released in the past three years. Over time, CISA-certified holders have seen immense demand from renowned accounting firms, global banks, advisory and assurance firms, as well as internal audit departments.

While delegates may possess years of experience in IT auditing, their ability to answer CISA questionnaires correctly depends entirely on their grasp of globally accepted IT assurance practices. The CISA exam is notoriously challenging due to the close proximity of plausible answers, which is exactly how ISACA tests your understanding of global IT auditing practices. To tackle these exam challenges, we exclusively provide expert trainers with extensive experience in delivering CISA training worldwide.

The Net Security CISA manual covers all exam-relevant concepts, case studies, and Q&A across the five CISA domains. Additionally, trainers provide key supporting materials during the course, including relevant CISA notes, question banks, a CISA glossary, videos, revision documents, exam tips, and CISA mind maps.

Goal:

The ultimate goal is to pass your CISA examination on the first attempt.

Objectives:

• Apply acquired knowledge in a practical manner that benefits your organization.
• Deliver audit services in compliance with IT audit standards.
• Provide assurance regarding leadership, organizational structure, and processes.
• Provide assurance concerning the acquisition, development, testing, and implementation of IT assets.
• Provide assurance regarding IT operations, including service operations and third-party management.
• Provide assurance that the organization’s security policies, standards, procedures, and controls ensure the confidentiality, integrity, and availability of information assets.

Target Audience:

Finance/CPA professionals, IT professionals, internal and external auditors, and information security and risk consulting professionals.

This training is structured as a workshop that combines practical learning with in-depth theoretical knowledge. The curriculum aligns with the official CISA certification framework. Throughout the sessions, we will analyze case studies to address specific issues in detail. Classes are conducted in English, with Polish available upon request, utilizing the ISACA handbook as the primary resource.
 

Scope of the CISA Exam Materials:

• Information System Auditing Process (21%)
• Governance and Management of IT (17%)
• Information Systems Acquisition, Development and Implementation (12%)
• Information Systems Operation and Business Resilience (23%)
• Protection of Information Assets (27%)

Exam Duration: 4 hours
Format: Multiple choice test
Number of Questions: 200

Requirements to qualify for the CISA designation:

1. Successfully pass the CISA exam. The minimum passing score is 450 out of 800.
2. Adhere to the ISACA Code of Professional Ethics
3. Commit to the CISA Continuing Professional Education (CPE) Policy
4. Obtain at least 5 years of professional experience in information systems auditing, control, or security.
5. Comply with ISACA Information Systems Auditing Standards

If you have passed the exam and believe you meet these criteria, you may begin the certification application process: apply for certification here
A processing fee of $50 applies to this application.

Additionally, there is an annual maintenance fee required to keep your certification active. The cost is $40 per year for ISACA members and $75 for non-members.

Description:

Please note that the updated CISM exam content outline applies to exams beginning on June 1, 2022.

CISM® stands as the most prestigious and rigorous qualification for Information Security Managers worldwide today. This credential offers you a pathway to join an elite peer network of professionals capable of continuously learning and adapting to the expanding opportunities and challenges in Information Security Management.

Our CISM training methodology delivers comprehensive coverage of the four CISM domains, focusing on building strong conceptual foundations and solving questions released by ISACA for the CISM exam. This course serves as intense training and rigorous exam preparation for the ISACA’s Certified Information Security Manager (CISM®) Examination.

Our instructors encourage all participants to review the ISACA-released CISM QA&E (Questions, Answers, and Explanations) as part of their exam preparation. The QA&E is invaluable in helping participants understand the style of ISACA questions, the approach to solving them, and facilitates rapid retention of CISM concepts during live classroom sessions.
All our trainers bring extensive experience in delivering CISM training. We will thoroughly prepare you for the CISM examination.

Goal:

The primary objective is to help you pass your CISM examination on the first attempt.

Objectives:

• Apply the acquired knowledge in a practical manner that benefits your organization
• Establish and maintain an information security governance framework to achieve your organization's goals and objectives
• Manage information risk to an acceptable level to meet business and compliance requirements
• Establish and maintain information security architectures (people, process, technology)
• Integrate information security requirements into the contracts and activities of third parties/ suppliers
• Plan, establish, and manage the capability to detect, investigate, respond to, and recover from information security incidents to minimize business impact

Target Audience:

• Security professionals with 3-5 years of front-line experience
• Information security managers or individuals with management responsibilities
• Information security staff and assurance providers who require a deep understanding of information security management, including: CISOs, CIOs, CSOs, privacy officers, risk managers, security auditors, compliance personnel, BCP/ DR staff, and executive or operational managers responsible for assurance functions

Description:

This course serves as an intensive and rigorous preparation for the ISACA Certified Information Systems Auditor (CRISC) Examination. We cover the four (4) latest domains of ISACA’s CRISC syllabus, placing a strong emphasis on exam readiness. Participants will receive the Official ISACA CRISC Review Manual and the Question, Answer, and Explanation (Q,A&E) supplement. The Q,A&E resource is invaluable for helping delegates understand the specific style of ISACA questions, the types of answers they seek, and facilitating rapid retention of the material.

The technical skills and practices promoted and evaluated by ISACA for the CRISC certification form the foundation of success in this field. Holding the CRISC certification demonstrates professional competence. Given the increasing demand for professionals with risk and control expertise, ISACA’s CRISC has become the preferred certification for individuals and organizations worldwide. The CRISC certification signals a commitment to serving an enterprise and profession with distinction.

Objectives:

• Help you pass the CRISC examination on your first attempt.
• Hold a credential that signifies your dedication to serving an enterprise with excellence.
• Leverage the growing market demand for risk and control skills to secure better positions and higher salaries.

You will learn:

• How to help enterprises achieve business objectives by designing, implementing, monitoring, and maintaining risk-based, efficient, and effective IS controls.
• The technical skills and practices promoted by CRISC, which serve as the building blocks for success in the industry.

Description:

Cybersecurity expertise is in high demand, as threats continue to plague enterprises around the world. An overwhelming majority of professionals surveyed by ISACA recognise this and plan to work in a position that requires cybersecurity knowledge.
To fill this gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides education and verification of skills in this area.

Objectives:

With cybersecurity threats continuing to rise and the shortage of appropriately-equipped security professionals growing worldwide, ISACA's Cybersecurity Fundamentals Certificate programme is the perfect way to quickly train entry-level employees and ensure they have the skills and knowledge they need to successfully operate in the Cyber arena.

Target Audience:

The certificate program is also one of the best ways to gain foundational knowledge in cybersecurity and begin to build your skills and knowledge in this crucial area.

This instructor-led, live training in Mexico (online or onsite) is designed for intermediate-level AI and cybersecurity professionals who want to understand and address security vulnerabilities specific to AI models and systems, particularly in highly regulated industries such as finance, data governance, and consulting.

Upon completion of this training, participants will be able to:

• Identify types of adversarial attacks targeting AI systems and learn defense strategies.
• Apply model hardening techniques to secure machine learning pipelines.
• Ensure data security and integrity in machine learning models.
• Navigate regulatory compliance requirements related to AI security.

This instructor-led, live training in Mexico (online or onsite) is designed for security engineers and compliance officers who want to strengthen EXO deployments, manage model access, and govern AI workloads running entirely on-premise.

This instructor-led, live training in Mexico (online or onsite) is designed for beginner-level IT security, risk, and compliance professionals who want to grasp foundational AI security concepts, threat vectors, and global frameworks such as NIST AI RMF and ISO\/IEC 42001.

By the end of this training, participants will be able to:

• Comprehend the distinct security risks introduced by AI systems.
• Recognize threat vectors such as adversarial attacks, data poisoning, and model inversion.
• Apply foundational governance models like the NIST AI Risk Management Framework.
• Align AI usage with emerging standards, compliance guidelines, and ethical principles.

Based on the latest OWASP GenAI Security Project guidance, participants will learn to identify, assess, and mitigate AI-specific threats through hands-on exercises and real-world scenarios.

This instructor-led, live training in Mexico (online or onsite) is aimed at advanced-level professionals who wish to implement and evaluate techniques such as federated learning, secure multiparty computation, homomorphic encryption, and differential privacy in real-world machine learning pipelines.

By the end of this training, participants will be able to:

• Understand and compare key privacy-preserving techniques in ML.
• Implement federated learning systems using open-source frameworks.
• Apply differential privacy for safe data sharing and model training.
• Use encryption and secure computation techniques to protect model inputs and outputs.