Friday, March 27, 2015

What We Do - Xpert

  • Information Security Management is a structured and integrated approach for the identification, assessment, planning, mitigation and ongoing monitoring of threats and vulnerabilities to an organization's information and information assets. As a holistic practice, information security must consider all aspects of the business, and therefore the practice and its implications cannot be, and are not, isolated to IT.

    CIMA helps clients understand and manage information security holistically, through a variety of certification training courses, as well as management consulting services. Our training and consulting services are aligned with ISO 27001, 27002, 27003, 27004, 27005, 27034, 27035.

    CIMA offers 5-day ISO 27001 Lead Implementer and ISO 27001 Lead Auditor courses, ISO 27034 (Application Security) Lead Implementer and ISO 27034 Lead Auditor, ISO 27002 Certified Lead Manager, ISO 27005 Certified Risk Manager, ISO 27035 Certified Lead Security Incident Professional. These courses are offered both as public seminars in major metropolitan areas across North America and as private corporate sessions hosted at your company's facilities.
  • Business continuity management is a structured and integrated approach for the identification, assessment, planning and subsequent management to ensure critical business services continue to operate at predefined levels, even in the event of an incident or catastrophic disaster. In earlier days, the primary focus of disaster preparedness for organizations was the recovery of their information technology processing capabilities. It has more recently been recognized that in order for an organization to survive major events like disasters, the focus must be on the business first, and IT's recovery capabilities become subordinate to the business continuity strategy and plans.

    To help clients in the area of Business Continuity Management, CIMA offers certification training in ISO 22301 and management consulting support. By aligning with the ISO 22301 standard you will ensure your organization understands that all business resilience begins with the business, not IT. Where your organization provides services to customers, you may wish to go one step further and seek independent third-party certification to the ISO 22301 standard.

  • Risk management is the practice of identifying, assessing, and subsequently managing risk to an organization to acceptable levels. The practice recognizes that organizations will never be void of risk; however, understanding the risk qualitatively or quantitatively, along with the opportunities or rewards the organization gains by exposing itself to such risk, is the basis upon which the practice has been established.

    CIMA helps clients to understand and manage information technology / security risk through our certification training and our management consulting services.

    CIMA offers 3-day ISO 27005 (Security) Risk Manager and ISO 31000 Risk Manager courses, which are offered both as public seminars in major metropolitan areas across North America and as private corporate sessions hosted at your company's facilities.
  • In 2015, CIMA has begun to introduce training and management consulting services in IT Governance Management. Certification training will be based on ISO 38500, and will be offered under our 2-day ISO 38500 IT Governance Manager course.

    IT Governance is a structured framework to help organizational leaders leverage information technology in an effective, efficient and acceptable manner. IT Governance focuses on six principles to guide decision making, which are:
        • responsibility
        • strategy
        • acquisition
        • performance
        • conformance; and
        • human behavior.
  • In 2015, CIMA has begun introducing training and management consulting services in Privacy Management. Certification training will be based on ISO 29100, and we will be offering a 5-day ISO 29100 Certified Lead Privacy Implementer course.

    Privacy Management is a structured approach designed to ensure the identification of the need for protection and the appropriate management of personal information held or otherwise managed by an organization, no matter whether the organization has a direct or indirect relationship to the individual.

    Privacy management encompasses acquisition of personal information including consent, an individual's right to access their information and ensure data integrity, organizational responsibility to protect information, privacy breach management, awareness and training, as well as monitoring and management of the overall process.
  • IT Service Management is a structured and integrated approach to manage information technology services in alignment with the expectations of an organization's internal and external customers. Historically, IT Service Management has been synonymous with the Information Technology Infrastructure Library (ITIL); however, with this discipline being adopted by ISO, the industry has been migrating to ISO 20000, as organizations can achieve certification to it.

    To help organizations adopt and implement IT Service Management within their company, CIMA offers certification training and management consulting based on the ISO 20000 standard. By aligning your organization with ISO 20000, your organization could seek to receive independent third-party certification to demonstrate competence and due diligence in the delivery of IT services.

    Certification training in this area includes our 5-day ISO 20000 Lead Implementer and Lead Auditor courses, offered both as public seminars in major metropolitan areas across North America and as private corporate sessions hosted at one of your company locations around the globe.

Broadcast Live

CIMA offers professional certification training live online. Our live online sessions are broadcast via streaming video from our live classroom to your PC. Our broadcasts include live interactive audio so you can enjoy the same in-classroom experience, without the cost of travel to our classroom session.

Training Services



CIMA offers a variety of public certification training seminars in metropolitan areas across North America. All courses are available for private onsite classes by corporations and government organizations, at their facilities.

Certification courses help individuals demonstrate competence in specific professional disciplines, and help organizations achieve and maintain compliance with customer contractual obligations and other business objectives.

All of our ISO-based courses are both ISO and ANSI accredited, and exams are administered on the last day of each course for your convenience. There is no need to go to a 3rd party testing center, when you can get it all with CIMA.

No matter what your organization's needs are, we have the expertise to provide our certification based courses, or develop custom courses to elevate your team.

The growing list of certification courses we currently offer is:

  • ISO 20000 (IT Service Management) Lead Implementer / Auditor
  • ISO 22301 (Business Continuity Management) Lead Implementer / Auditor
  • ISO 24762 IT Disaster Recovery Manager
  • ISO 27001 (Information Security Management) Lead Implementer / Auditor
  • ISO 27002 (Information Security) Lead Manager
  • ISO 27005 (Information Security) Risk Manager
  • ISO 27034 (Information Security) Lead Incident Professional
  • ISO 27035 (Application Security) Lead Implementer / Auditor
  • ISO 28000 (Supply Chain Security Management) Lead Implementer / Auditor
  • ISO 29100 Lead Privacy Implementer
  • ISO 31000 Risk Manager
  • ISO 37500 Outsourcing Manager
  • ISO 38500 IT Governance Manager
  • Certified Information System Security Professional (CISSP) Exam Prep


Consulting Services


Our management consulting services focus on our clients' critical business objectives. These services are offered to our clients in North America, as well as in other parts of the globe where operations extend. We also provide service across all industry sectors, which include financial services, health care, energy, oil & gas, utilities, retail and others. Functionally, we offer value across boundaries and afford in-depth expertise in professional areas of discipline.

CIMA's team of management consulting professionals brings to the table in-depth knowledge and hands-on expertise to ensure your initiative is successful. Our people are known as pragmatic and holistic thinkers, who design and execute strategically.

Our goal is to help you achieve and maintain organizational certification, or leverage a structured framework to introduce and instill discipline within a growing or evolving organization. We do this by performing:

  • Gap Assessments - against an ISO standard or other structured frameworks, and your organization's stated capability maturity goal
  • Strategy - we provide clear focus by helping to define and align the objectives of your management system with the organization's business objectives
  • Governance - CIMA helps clients establish clear and meaningful policies and standards to set and communicate expectations across the organization
  • Measurements - our focus is to help clients bridge strategic objectives with practical ways to measure and monitor a management system's activities on an ongoing basis for both efficiency and effectiveness
  • Mitigation Support - with hands-on expertise in all our practice areas, we have the knowledge and experience to help organizations close non-conformities identified by a gap assessment
  • Certification Audit Support - if it's your first time going through an ISO certification, we can have resources onsite to act as your representative to the certification auditors, or support you through the process in the background.

In addition to our ISO based consulting work, we also provide clients with similar services for other structured frameworks, as well as due diligence for mergers and acquisitions.