Mervin Pearce tagged posts

Computer Forensics and Investigations

Computer Forensics and Investigations

Using practical case studies and forensic collection procedures throughout the lifecycle of an investigation, the critical steps are highlighted to ensure that the evidence can be used during hearings or litigation.  Applicable to the South African market with CCMA and evidence requirements taken from actual cases.

Course overview

  • First response procedures
  • Collection of data in different ‘states’
  • Legal requirements for evidence life-cycle
  • Hands-On skill development covering static, live and networked environments
  • Methodologies, principles and concepts associated with forensic investigations

Benefits

  • Expert and certified trainers with subject matter expertise
  • Develop investigation skills in a state-of-the-art classroom environment
  • Extensive cour...
Read More

ISO 27000

ISO 27000

Information Security Management System is defined by the ISO 27000 series of standards and covers many aspects of asset management and management reviews.  The 5 (five) day workshop covers current and in development related standards.

 

Course overview

  • Dissection of the ISO 27000 series of standards developed and in development
  • Process of Plan-Do-Check-Act (PDCA) and Approach
  • Compatibility with other management systems
  • Establishing and managing an ISMS
  • Internal ISMS Audits
  • Management Review
  • ISMS Improvement
  • Digital Evidence for Forensics
  • Incident Management
  • Relationship with other standards

Benefits

  • Expert and certified trainers with subject matter expertise
  • Understand, develop and implement an ISMS
  • Develop an audit program to monitor and improve on your ISMS

Who should att...

Read More

Barefoot IT Auditor

Barefoot IT Auditor

Workshop overview

IT Auditing is a critical mix of specialised IT skills, report writing skills and auditing principles.  This workshop skips all the pains of learning through trial-and-error and focusing directly on what is important during an audit.  Use your newly acquired skills at your job and raise the bar of compliance.

Benefits

  • Expert and certified trainers with subject matter expertise
  • Develop effective risk analysis programs
  • Develop effective audit programs
  • With the ability to audit your own organisation, you will allow the organisation to keep there risks at an acceptable level all the time

Who should attend?

  • Information Security Staff that require a foundation in security reviews and technological risk management
  • Network and System Administrators
  • IT Aud...
Read More

Bank Fraud Management

Bank Fraud Management

Workshop overview

Fraud is a reality in any bank and financial organisation with technology becoming more sophisticated and challenging for auditors and investigators.  Banking applications is complex and loopholes exist and you will be exposed to fraud at some time.  This three day workshop addresses all aspects of fraud within the financial cycle addressing technology, applications and the end-user.

Benefits

  • Expert and certified trainers with subject matter expertise
  • Develop effective fraud management program
  • Create a central repository data-dictionary for risk management
  • A complete holistic program minimising the fraud threat footprint

Who should attend?

  • Information Security Managers
  • Network and System Administrators
  • IT Auditors and Inspectors
  • Audit Manager
  • Li...
Read More

Persistent Threat Matrix Management – SaaS

Persistent Threat Matrix

SaaS (Software as a Service)

SACS (Security, Audit and Control Solutions) Threat Matrix Management SaaS solution provides IT Security, Audit, Fraud Management as well as senior management with a complete management and monitoring solution.  This includes:

  • Asset Management
  • Human Resources Integration
  • Continuous Vulnerability Scanning with a control framework
  • Management Information System (MIS) Reporting
  • Dashboard Access
  • Infrastructure monitoring
  • Education and Training Framework

For more information please send email SACS SaaS

Read More

IT & Compliance Audits

Even small networks and business infrastructures can become very complex and is susceptible to ‘Baseline Shifting’.  The ISO 2700x standard has been defined and adapted for Information System Security Management (ISMS)

Read More

Penetration Testing

SACS Penetration testing

Are you aware of what is happening in your Enterprise Network?

Penetration Testing (Pen-Test) is a practice to test your security by using the same techniques a hacker would you to compromise your network or devices.  One of the best ways to measure the vulnerability to your systems either for malicious attack of perpetrating a fraud is to have an independent systems security professionals try and compromise your system.

We arrive with all the required equipment at your site and can be up and running as soon as the change control has been approved.  Commercial, open-source, and internally developed tools are used to perform the controlled attack while logging and monitoring responses...

Read More

Security Audit and Control Solutions (SACS)

Security Audit and Control Solutions (SACS)SACS – “Practice Safe HEX”

Seeing a need for automated audits and security reviews… Mervin Pearce (CISA-CISSP)  started developing tools and utilities to make his life easier.

SACS was started in 1992 with the aim to create a vehicle for clients whereby value added services are delivered using a cost effective model.  After successfully completing the CISSP (Certified Information Systems Security Professional) in 1997, also being the first CISSP in Africa, Mervin brought the certification to South Africa and have been delivering the certification in Africa since 2000.  With a complete solution covering education and training, consulting services covering Security, Audit and Compliance, as well as software development.

SACS (Security Audit and Control Solutions) established in 1992...

Read More

CISSP Boot Camp

CISSP Boot Camp

CERTIFICATION PREPARATION COURSE – CISSP® CBK

The Five day CISSP® CBK Boot Camp program, is the most comprehensive tutorial on the IS Security field ever offered.  It consists of intense instruction, and is organized so that all topics are covered. Scattered over a longer period to ensure preparation results are better.  The aim of the course is to prepare professionals for the challenging CISSP® exam, as defined in the body of knowledge. These sessions will describe a brief theory of the topic, show you sample questions and will also provide guides and reference material.

FIVE DAYS …..AND WE WILL GIVE YOU:

– You will receive a comprehensive reference guide.

– In-depth review of the topics, subtopics, of the 8 CBK domains, discussed during the 5 days.

– Handouts...

Read More

Whitepapers and Utilities Downloads

This section contains direct links of whitepapers, utilities and videos.  No registration required.  From time to time updates are done to this page and you can subscribe on the Subscription link to ensure we notify you of any updates.

White Papers

Tools and Utilities

Read More