Saturday, February 25, 2017

What We Do

  • Information Security


    Information Security Management is a structured and integrated approach for the identification, assessment, planning, mitigation and ongoing monitoring of threats and vulnerabilities to an organization's information and information assets. As a holistic practice, information security must consider all aspects of the business, and therefore its practice and implications cannot be, and are not, isolated to IT.

    CIMA helps clients understand and manage information security holistically, through a variety of certification training courses, as well as management consulting services. Our training and consulting services are aligned with ISO 27001, 27002, 27003, 27004, 27005, 27034, 27035.

    CIMA offers 5-day ISO 27001 Lead Implementer and ISO 27001 Lead Auditor courses, ISO 27034 (Application Security) Lead Implementer and ISO 27034 Lead Auditor, ISO 27002 Certified Lead Manager, ISO 27005 Certified Risk Manager, ISO 27035 Certified Lead Security Incident Professional. These courses are offered both as public seminars in major metropolitan areas across North America and as private corporate sessions hosted at your company's facilities.
  • Business Continuity Management


    Business continuity management is a structured and integrated approach for the identification, assessment, planning and subsequent management needed to ensure critical business services continue to operate at predefined levels, even in the event of an incident or catastrophic disaster. In earlier days, the primary focus of disaster preparedness for organizations was the recovery of their information technology processing capabilities. More recently it has been recognized that, for an organization to survive major events like disasters, the focus must be on the business first, and IT's recovery capabilities become subordinate to the business continuity strategy and plans.

    To help clients in the area of Business Continuity Management, CIMA offers certification training in ISO 22301 and management consulting support. By aligning with the ISO 22301 standard you will ensure your organization understands that all business resilience begins with the business, not IT. Where your organization provides services to customers, you may wish to go one step further and seek independent third-party certification to the ISO 22301 standard.
  • Risk Management


    Risk management is the practice of identifying, assessing, and subsequently managing risk to an organization down to acceptable levels. The practice recognizes that organizations will never be free of risk; it is founded on understanding, qualitatively or quantitatively, both the risk and the opportunities or rewards the organization gains by exposing itself to that risk.

    CIMA helps clients to understand and manage information technology / security risk through our certification training and our management consulting services.

    CIMA offers 3-day ISO 27005 (Security) Risk Manager and ISO 31000 Risk Manager courses, which are offered both as public seminars in major metropolitan areas across North America and as private corporate sessions hosted at your company's facilities.
  • Privacy Management


    In 2015, CIMA began introducing training and management consulting services in Privacy Management. Certification training will be based on ISO 29100, and we will be offering a 5-day ISO 29100 Certified Lead Privacy Implementer course.

    Privacy Management is a structured approach designed to ensure that the need for protection is identified, and that personal information held or otherwise managed by an organization is appropriately managed, whether the organization has a direct or indirect relationship to the individual.

    Privacy management encompasses the acquisition of personal information, including consent; an individual's right to access their information and ensure data integrity; the organization's responsibility to protect information; privacy breach management; awareness and training; and monitoring and management of the overall process.
  • IT Service Management


    IT Service Management is a structured and integrated approach to managing information technology services in alignment with the expectations of an organization's internal and external customers. Historically, IT Service Management has been synonymous with the Information Technology Infrastructure Library (ITIL); however, with this discipline being adopted by ISO, the industry has been migrating to ISO 20000, as organizations can achieve certification to it.

    To help organizations adopt and implement IT Service Management within their company, CIMA offers certification training and management consulting based on the ISO 20000 standard. By aligning with ISO 20000, your organization could seek independent third-party certification to demonstrate competence and due diligence in the delivery of IT services.

    Certification training in this area includes our 5-day ISO 20000 Lead Implementer and Lead Auditor courses, offered both as public seminars in major metropolitan areas across North America and as private corporate sessions hosted at one of your company locations around the globe.

Broadcast Live

CIMA offers professional certification training live online. Our live online sessions are broadcast via streaming video from our live classroom to your PC. Our broadcasts include live interactive audio so you can enjoy the same in-classroom experience, without the cost of travel to our classroom session.

ISO Training Services


Certified ISO Trainers

CIMA offers a variety of public ISO certification training seminars in metropolitan areas across North America. All of our courses are also available for private onsite classes by corporations and government organizations, at their facilities.

ISO Certification Courses help individuals demonstrate competence in specific professional disciplines, and help organizations achieve and maintain compliance with customer contractual obligations and other business objectives.

No matter what your organization's needs are, we have the expertise to provide our ISO certification courses, or develop custom courses to meet your unique needs.

While ISO 27001 training is our highest demand offering, we currently offer the following in public and private onsite classes:

  • ISO 20000 Lead Implementer / Auditor (IT Service Management)

  • ISO 22301 Lead Implementer / Auditor (Business Continuity Management)

  • ISO 27001 Lead Implementer / Auditor (Information Security Management)

  • ISO 27002 Lead Manager (Information Security)

  • ISO 27005 Risk Manager (Information Security)

  • ISO 27034 Lead Implementer (Application Security)

  • ISO 27035 Lead Incident Professional (Information Security)

  • ISO 28000 Lead Implementer / Auditor (Supply Chain Security Management)

  • ISO 29100 Lead Privacy Implementer

  • ISO 31000 Risk Manager

  • ISO 37500 Outsourcing Manager


ISO Consulting Services


Certified ISO Consultants

Our ISO consulting services focus on our clients' critical business objectives. These services are offered to clients based in North America, as well as in other parts of the globe to which their operations extend. We also provide service across all industry sectors, including financial services, health care, energy, oil & gas, utilities, retail and others. Functionally, we offer value across boundaries and afford in-depth expertise in professional areas of discipline.

CIMA's team of ISO consultants brings in-depth knowledge and hands-on expertise to ensure your initiative is successful. Our people are known for their pragmatic, "out of the box" and holistic thinking, and they design and execute strategically.

Our goal is to help you achieve and maintain organizational certification, or leverage a structured framework to introduce and instill discipline within a growing or evolving organization. We do this by performing:

  • Gap Assessments - against an ISO standard or other structured frameworks, and your organization's stated capability maturity goal, e.g. ISO 27001, ISO 27002, etc.
  • Strategy - we provide clear focus by helping to define and align the objectives of your management system with the organization's business objectives
  • Governance - CIMA helps clients establish clear and meaningful policies and standards to set and communicate expectations across the organization
  • Measurements - our focus is to help clients bridge strategic objectives with practical ways to measure and monitor a management system's activities on an ongoing basis for both efficiency and effectiveness
  • Mitigation Support - with hands-on expertise in all our practice areas, we have the knowledge and experience to help organizations close non-conformities identified by a gap assessment
  • Certification Audit Support - if it's your first time going through an ISO certification, we can have resources onsite to act as your representative to the certification auditors, or support you through the process in the background.

In addition to our ISO based consulting work, we also provide clients with similar services for other structured frameworks, as well as due diligence for mergers and acquisitions.