Category Archives: General

Awareness Training for CMMC Requirements

CMMC Accreditation Body

This ABCI online self-study foundations course for Awareness Training about the Cybersecurity Maturity Model Certification (CMMC) includes the following Modules:

  • Module 1 – CMMC and DFARs Course Introduction
  • Module 2 – Information Security Management Systems (ISMS)
  • Module 3 – CUI and NIST 800-171
  • Module 4 – DFARs Clause 252.204-7012
  • Module 5 – DFARs Clause 252.204-7012 Q&A
  • Module 6 – Cybersecurity Maturity Model Certification (CMMC)

NIST Special Publication 800-171 and the Defense Federal Acquisition Regulation supplement (DFAR) Clause 252.204-7012 for safeguarding and reporting Covered Defense Information (CDI).

Controlled Unclassified Information (CUI) is any information that law, regulation, or governmentwide policy requires to have safeguarding or disseminating controls.

  • CUI supports federal missions and business functions that affect the economic and national security interests of the United States.

Non-federal organizations:

  • colleges, universities,
  • state, local and tribal governments,
  • federal contractors and subcontractors often process, store, or transmit CUI.

NIST Special Publication 800-171 defines the security requirements for protecting CUI in non-federal information systems and organizations.

  • Requirements are organized into fourteen families.
  • Each family contains the requirements related to the general security topic of the family.

Defense Federal Acquisition Regulation supplement (DFARs) Clause 252.204-7012 is required in all contracts except for contracts solely for the acquisition of COTS items.

  • In addition the Contractor shall include the clause in subcontracts for which performance will involve Covered Defense Information or Operationally Critical Support.
  • CDI, is used to describe information that requires protection under DFAR Clause 252.204-7012.
  • It is defined as unclassified Controlled Technical Information or other information as described in the CUI Registry.

(http://www.archives.gov/cui/registry/category-list.html)

  • CUI requires safeguarding/dissemination controls AND IS EITHER marked or otherwise identified in the contract and provided to the contractor by DoD in support of performance of the contract;
  • Or the CDI is collected, developed, received, transmitted, used or stored by the contractor in performance of contract.

Order Online Through PayPal’s Secure Card Services

Select Quantity of Students
1st Student Full Name & Email
2nd Student Full Name & Email

CMMC FAQ’s

Background

The Department of Defense (DoD) released the Cybersecurity Maturity Model Certification (CMMC), version 0.7 in December 2019 to support the public’s continued review of the draft model in preparation for the release of the CMMC Version 1.0 at the end of January 2020. The sharing of Federal Contract Information (FCI) and CUI with Defense Industrial Base (DIB) sector contractors expands the Department’s attack surface because sensitive data is distributed beyond the DoD’s information security boundary. Cybersecurity must become a foundation of DoD acquisition.

Towards that end, Office of the Under Secretary of Defense for Acquisition and Sustainment [OUSD(A&S)] is working with DoD stakeholders, University-Affiliated Research Centers, Federally Funded Research and Development Centers, and industry to develop the Cybersecurity Maturity Model Certification (CMMC).

CMMC is a DoD certification process that measures a DIB sector company’s ability to protect FCI and CUI. CMMC combines various cybersecurity standards and maps these best practices and processes to maturity levels, ranging from basic cyber hygiene to highly advanced practices. CMMC also adds a certification element to verify implementation of cybersecurity requirements.

CMMC is designed to provide the DoD assurance that a DIB contractor can adequately protect CUI at a level commensurate with the risk, accounting for information flow down to subcontractors in a multi-tier supply chain. With respect to implementation, a DIB contractor may meet a specific CMMC level for its entire enterprise network or particular segment(s) or enclave(s).

1 – What is CUI?

CUI is information the Government creates or possesses, or that an entity creates or possesses for or on behalf of the Government, that a law, regulation, or Government-wide policy requires or permits an agency to handle using safeguarding or dissemination controls.

A CUI Registry provides information on the specific categories and subcategories of information that the Executive branch protects. The CUI Registry can be found at: https://www.archives.gov/cui and includes the following organizational index groupings:

  • Critical Infrastructure
  • Defense
  • Export Control
  • Financial
  • Immigration
  • Intelligence
  • International Agreements
  • Law Enforcement
  • Legal
  • Natural and Cultural Resources
  • NATO
  • Nuclear
  • Privacy
  • Procurement and Acquisition
  • Proprietary Business Information
  • Provisional
  • Statistical
  • Tax

2 – CUI versus FOUO?

CUI, established by Executive Order 13556, is an umbrella term for all unclassified information that requires safeguarding. FOUO, which stands for ‘For Official Use Only’, is a document designation used by the DoD.

3 – What are the concerns regarding cybersecurity in the Defense Industrial Base (DIB)?

The aggregate loss of controlled unclassified information (CUI) from the DIB sector increases risk to national economic security and in turn, national security. In order to reduce this risk, the DIB sector must enhance its protection of CUI in its networks.

The Council of Economic Advisers, an agency within the Executive Office of the President, estimates that malicious cyber activity cost the U.S. economy between $57 billion and $109 Billion in 2016 [Ref: “The Cost of Malicious Cyber Activity to the U.S. Economy, CEA” in February 2018].

The Center for Strategic and International Studies (CSIS), in partnership with McAfee, reports that as much as $600 Billion, nearly 1% of global GDP, may be lost to cybercrime each year. The estimate is up from a 2014 study that put global losses at about $445 Billion. [Ref: “Economic Impact of Cybercrime – No Slowing Down” in February 2018].

4 – What is CMMC?

CMMC stands for “Cybersecurity Maturity Model Certification”. The CMMC will encompass multiple maturity levels that ranges from “Basic Cybersecurity Hygiene” to “Advanced”. The intent is to identify the required CMMC level in RFP sections L and M and use as a “go / no go decision.”

5 – Why is the CMMC being created?

DOD is planning to migrate to the new CMMC framework in order to assess and enhance the cybersecurity posture of the Defense Industrial Base (DIB). The CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity practices and processes are in place to ensure basic cyber hygiene as well as protect controlled unclassified information (CUI) that resides on the Department’s industry partners’ networks.

6 – When will the final CMMC framework be released to the public?

Version 1.0 of the CMMC framework will be available in January 2020 to support training requirements. In June 2020, industry should begin to see the CMMC requirements as part of Requests for Information.

7 – Will other Federal (non DoD) contracts use CMMC?

The initial implementation of the CMMC will only be within the DoD.

8 – What is the relationship between NIST SP 800-171 rev.1 and CMMC?

The intent of the CMMC is to combine various cybersecurity control standards such as NIST SP 800-171, NIST SP 800-53, ISO 27001, ISO 27032, AIA NAS9933 and others into one unified standard for cybersecurity. In addition to cybersecurity control standards, the CMMC will also measure the maturity of a company’s institutionalization of cybersecurity practices and processes.

9 – How will CMMC be different from NIST SP 800-171?

Unlike NIST SP 800-171, CMMC will implement multiple levels of cybersecurity. In addition to assessing the maturity of a company’s implementation of cybersecurity controls, the CMMC will also assess the company’s maturity/institutionalization of cybersecurity practices and processes.

10 – How will my organization become certified?

Your organization will coordinate directly with an accredited and independent third party commercial certification organization to request and schedule your CMMC assessment. Your company will specify the level of the certification requested based on your company’s specific business requirements. Your company will be awarded certification at the appropriate CMMC level upon demonstrating the appropriate maturity in capabilities and organizational maturity to the satisfaction of the assessor and certifier.

11 – How much will CMMC certification cost?

Will the cost be based on the level we requested or the size of the organization?

The certification cost has not yet been determined. The cost, and associated assessment, will likely scale with the level requested.

12 – Will there be a self-certification?

Self-certification shall not be recognized by the DoD.

13 – How do I request a certification assessment?

We expect that there will be a number of companies providing 3rd party CMMC assessment and certification.

14 – Who will perform the assessments?

An independent 3rd party assessment organization will normally perform the assessment. Some of the higher level assessments may be performed by organic DoD assessors within the Services, the Defense Contract Management Agency (DCMA) or the Defense Counterintelligence and Security Agency (DCSA).

15 – Are the results of my assessment public?

Does the DoD see my results?

Your certification level will be made public, however details regarding specific findings will not be publicly accessible. The DoD will see your certification level.

16 – How often does my organization need to be reassessed?

The duration of a certification is still under consideration.

17 – If my organization is certified CMMC and I am compromised, do I lose my certification?

You will not lose your certification. However, depending on the circumstances of the compromise and the direction of the government program manager, you may be required to be recertified.

18 – If my organization is certified CMMC and I am compromised will my organization require re-certification?

A compromise will not automatically require a re-certification. However, depending on the circumstances of the compromise and the direction of your government program manager, you may be required to be re-certified.

19 – What if my organization cannot afford to be certified?

Does that mean my organization can no longer work on DOD contracts?

The cost of certification will be considered an allowable, reimbursable cost and will not be prohibitive. For contracts that require CMMC you may be disqualified from participating if your organization is not certified.

20 – My organization does not handle Controlled Unclassified Information (CUI). Do I have to be certified anyway?

Yes. All companies conducting business with the DoD must be certified. The level of certification required will depend upon the amount of CUI a company handles or processes.

21 – I am a subcontractor on a DoD contract. Does my organization need to be certified?

Yes, all companies doing business with the Department of Defense will need to obtain CMMC.

22 – How will I know what CMMC level is required for a contract?

The government will determine the appropriate tier (i.e. not everything requires the highest level) for the contracts they administer. The required CMMC level will be contained in sections L & M of the Request for Proposals (RFP) making cybersecurity an “allowable cost” in DoD contracts.

23 – Will CMMC certifications and the associated third party assessments apply to a classified systems and / or classified environments within the Defense Industrial Base?

The CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity practices and processes are in place to protect controlled unclassified information (CUI) that resides on the Department’s industry partners’ unclassified networks.

CMMC audits by third party assessment organizations will not be applied to classified systems or environments. The Defense Counterintelligence and Security Agency (DCSA) will include CMMC assessments as part of their holistic security rating score.

Download Sample File
Download CMMC v0.7 PDF

ABCI Consultants provide cyber security guidance, implementation and personnel training services, which focus on Information Security Management Systems (ISO 27001) and regulatory compliance (NIST 800-171).

DFARs 252.204-7012 & NIST 800-171 Foundations Course

This image has an empty alt attribute; its file name is nist-800-171-capitol-building-600x248.png This ABCI online self-study foundations course for NIST Special Publication 800-171 and the Defense Federal Acquisition Regulation supplement (DFARs) Clause 252.204-7012 for safeguarding and reporting Covered Defense Information (CDI). Controlled Unclassified Information (CUI) is any information that law, regulation, or governmentwide policy requires to have safeguarding or disseminating controls.
  • CUI supports federal missions and business functions that affect the economic and national security interests of the United States.
Non-federal organizations:
  • colleges, universities,
  • state, local and tribal governments,
  • federal contractors and subcontractors often process, store, or transmit CUI.
NIST Special Publication 800-171 defines the security requirements for protecting CUI in non-federal information systems and organizations.
  • Requirements are organized into fourteen families.
  • Each family contains the requirements related to the general security topic of the family.
Defense Federal Acquisition Regulation supplement (DFARs) Clause 252.204-7012 is required in all contracts except for contracts solely for the acquisition of COTS items.
  • In addition the Contractor shall include the clause in subcontracts for which performance will involve Covered Defense Information (CDI) or Operationally Critical Support (OCS).
  • CDI is used to describe information that requires protection under DFARs Clause 252.204-7012.
  • It is defined as unclassified Controlled Technical Information (CTI) or other information as described in the CUI Registry.

(http://www.archives.gov/cui/registry/category-list.html)

  • CTI & CUI requires safeguarding/dissemination controls AND IS EITHER marked or otherwise identified in the contract and provided to the contractor by DoD in support of performance of the contract;
  • OR the CDI is collected, developed, received, transmitted, used or stored by the contractor in performance of contract.

Order Online Through PayPal’s Secure Card Services

1st Student Full Name & Email
2nd Student Full Name & Email

Quote and Contract Review Requirements in ISO Based Quality Management System

In ISO 9001:2015 there are specific requirements for Operational Planning and Control of processes. These control processes must be implemented with methods that can effectively meet the requirements for the provision of products and services, and to implement the actions that can mitigate risk and improve opportunities.

Effective with QMSCAPA software v1.51.3, a journal was added for recording the review process for verifying customer requirements for products and services.

The diagram below shows the data relationships with

Customer ⇓

⇑ ⇒ Opportunities (quotes, contracts, purchase orders) 

⇑ ⇒ Items (labor, material, outsources services, requirements)

Clause 8.1 state, “the planning should include methods for

  • determining the customer requirements for the products and services;
  • establishing criteria for the the processes and the acceptance of products and services;
  • determining the resources needed to achieve conformity to the product and service requirements;
  • implementing control of the processes in accordance with the criteria;
  • determining, maintaining and retaining documented information to the extent necessary to have confidence that the processes have been carried out as planned;
  • to demonstrate the conformity of products and services to their requirements.”

The requirements stated in Clause 8.2.2 is titled, “Determining the requirements for products and services”

Also, “when determining the requirements for the products and services to be offered to customers, the organization SHALL ensure that:

a) the requirements for the products and services are defined, including:

  1. any applicable statutory and regulatory requirements;
  2. those considered necessary by the organization;

b) the organization can meet the claims for the products and services it offers.”

Clause 8.2.3 describes the review of the requirements for products and services,

“8.2.3.1 The organization SHALL ensure that it has the ability to meet the requirements for products and services to be offered to customers. The organization SHALL conduct a review before committing to supply products and services to a customer, to include:

a) requirements specified by the customer, including the requirements for delivery and post-delivery activities;

b) requirements not stated by the customer, but necessary for the specified or intended use, when known;

c) requirements specified by the organization;

d) statutory and regulatory requirements applicable to the products and services;

e) contract or order requirements differing from those previously expressed.”

QMSCAPA includes data fields for recording

a. Quote date

b. Quote review date

c. Purchase Order date

d. PO verification date

e. Customer due date

f. Scheduled date

g. Completion date

h. Shipping date

QMSCAPA fulfills the requirements noted in Clause 8.2.3.2,  “the organization SHALL retain documented information, as applicable:

a) on the results of the review;

b) on any new requirements for the products and services.”

ISO 27001 Lead Implementer Training Seminar scheduled for the Los Angeles area

Training Seminar to learn ‘how to guidance’ for the implementation and management of an Information Security Management System (ISMS) based on ISO/IEC 27001

4 1/2 days from May 29th through June 2nd

NIST 800-171 Foundation Training offered on June 2nd from 1 pm to 4 pm

Summary Go to Enrollment Form

This five-day intensive course enables participants to develop the necessary expertise to support an organization in implementing and managing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013. Participants will also gain a thorough understanding of best practices used to implement information security controls from all areas of ISO/IEC 27002. This training is consistent with the project management practices established in ISO 10006 (Quality Management Systems – Guidelines for Quality Management in Projects). This training is also fully compatible with ISO/IEC 27003 (Guidelines for the Implementation of ISMS), ISO/IEC 27004 (Measurement of Information Security) and ISO/IEC 27005 (Risk Management in Information Security).

Who should attend?

  • Project managers or consultants wanting to prepare and to support an organization in the implementation of an Information Security Management System (ISMS)
  • ISO/IEC 27001 auditors who wish to fully understand the Information Security Management System implementation process
  • CxO and Senior Managers responsible for the IT governance of an enterprise and the management of its risks
  • Members of an information security team
  • Expert advisors in information technology
  • Technical experts wanting to prepare for an information security function or for an ISMS project management function

Learning objectives

  • To understand the implementation of an Information Security Management System in accordance with ISO/IEC 27001
  • To gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective management of an Information Security Management System
  • To understand the relationship between the components of an Information Security Management System, including risk management, controls and compliance with the requirements of different stakeholders of the organization
  • To acquire the necessary expertise to support an organization in implementing, managing and maintaining an ISMS as specified in ISO/IEC 27001
  • To acquire the necessary expertise to manage a team implementing ISO/IEC 27001
  • To develop the knowledge and skills required to advise organizations on best practices in the management of information security
  • To improve the capacity for analysis and decision making in the context of information security management

Course Agenda / Go to Enrollment Form

Day 1: Introduction to Information Security Management System (ISMS) concepts as required by ISO/IEC 27001; Initiating an ISMS

  • Introduction to management systems and the process approach
  • Presentation of the standards ISO/IEC 27001, ISO 27002 and ISO 27003 and regulatory framework
  • Fundamental principles of Information Security
  • Preliminary analysis and establishment of the level of the maturity level of an existing information security management system based on ISO 21827
  • Writing a business case and a project plan for the implementation of an ISMS

Day 2: Planning the implementation of ISMS based on ISO/IEC 27001

  • Defining the scope of an ISMS
  • Development of an ISMS and information security policies
  • Selection of the approach and methodology for risk assessment
  • Risk management: identification, analysis and treatment of risk (drawing on guidance from ISO/IEC 27005
  • Drafting the Statement of Applicability

Day 3: Implementing ISMS based on ISO/IEC 27001

  • Implementation of a document management framework
  • Design of controls and writing procedures
  • Implementation of controls
  • Development of a training & awareness program and communicating about the information security
  • Incident management (based on guidance from ISO 27035)
  • Operations management of an ISMS

Day 4: Controlling, monitoring, measuring and improving an ISMS; certification audit of the ISMS

  • Controlling and Monitoring the ISMS
  • Development of metrics, performance indicators and  dashboards in accordance with ISO 27004
  • ISO/IEC 27001 internal Audit
  • Management review of an ISMS
  • Implementation of a continual improvement program
  • Preparing for an ISO/IEC 27001 certification audit

Day 5: Certification Exam

Prerequisites

ISO/IEC 27001 Foundation Certification or a basic knowledge of ISO/IEC 27001 is recommended.

Educational approach Go to Enrollment Form

  • This training is based on both theory and practice:
    • Sessions of lectures illustrated with examples based on real cases
    • Practical exercises based on a full case study including role playings and oral presentations
    • Review exercises to assist the exam preparation
    • Practice test similar to the certification exam

Examination and Certification

  • The “PECB Certified ISO/IEC 27001 Lead Implementer” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competence domains:• Domain 1: Fundamental principles and concepts of information security
    • Domain 2: Information security control best practice based on ISO 27002
    • Domain 3: Planning an ISMS based on ISO/IEC 27001
    • Domain 4: Implementing an ISMS based on ISO/IEC 27001
    • Domain 5: Performance evaluation, monitoring and measurement of an ISMS based on ISO/IEC 27001
    • Domain 6: Continual improvement of an ISMS based on ISO/IEC 27001
    • Domain 7: Preparing for an ISMS certification audit
  • The “PECB Certified ISO/IEC 27001 Lead Implementer” exam is available in different languages (the complete list of languages can be found in the examination application form)
  • Duration: 3 hours
  • For more information, refer to the section on ISO/IEC 27001 Lead Implementer Exam
  • After successfully completing the exam, participants can apply for the credentials of PECB Certified ISO/IEC 27001 Provisional Implementer, PECB Certified ISO/IEC 27001 Implementer or PECB Certified ISO/IEC 27001 Lead Implementer, depending on their level of experience
  • A certificate will be issued to participants who successfully pass the exam and comply with all the other requirements related to the selected credential
  • For more information about PECB Certified ISO/IEC 27001 certifications and the PECB certification process, refer to the section on ISO/IEC 27001 Lead Implementer

General Information

  • Certification fees are included in the exam price
  • A student manual containing over 450 pages of information and practical examples will be distributed to participants
  • A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants
  • In case of failure of the exam, participants are allowed to retake the exam for free under certain conditions

Location:

Holiday Inn Express
14299 Firestone Blvd
La Mirada, CA 90638

Fee: $2,750.00

Note: 50% is due with your enrollment invoice and 50% is due on or before May 26, 2017.

Go to Enrollment Form

ISO 9001:2015 Lead Auditor Training Course

Lead Auditor Course Offered at the low price of $1,695.00

Click Here to Order Lead Auditor Training

ISO 9001:2015 Certified Lead Auditor Training Course

This intensive four-day training course will provide participants with the tools needed to be a top notch Quality Management System auditor. This course is competency based and is setup in modules which can be taken separately allowing time flexibility.

  • Participants will learn every phase of the audit process in order to lead their own audit teams to success.
  • Solo and group activities reveal team dynamics and promote leadership skills.
  • Leadership skills, interviewing techniques, objectiveness and diplomacy finesse are all reinforced in the learning process.
  • The student will have actually performed a full audit cycle from planning to reporting results.
  • Trainees will gain knowledge of the ISO 9001:2015 standard and satisfy the training requirements for ISO 9001:2015 Lead Auditor Certification.
  • This course is accredited by ANSI and is presented in partnership with PECB (the certified course provider).

Getting Ready for ISO 9001:2015

getreadyforISO9001-2015Self-study Course for Transitioning from ISO 9001:2008 to ISO 9001:2015

This self-study or classroom course is designed to provide the most recent information and interpretation of the ISO/DIS 9001:2015 requirements. The course provides participants an opportunity to acquire the necessary knowledge to support an organization in their process of transitioning to ISO 9001:2015. Participants will learn the different components on how to plan and implement the transition to the new version of the standard. Moreover, the training course will also explore on the time frame of implementation and the influence on current processes.

Who should take this course?

• Senior management;
• Persons responsible for the QMS transition and meeting new requirements in their organization;
• Persons considering implementing a new quality management system;
• ISO 9001 auditors and quality practitioners;
• Trainers and consultants;
• Operations personnel; and
• Management Representatives.

Learning objectives

• Identify the anticipated changes in the forthcoming revision of ISO 9001.
• Understand the implementation of a Quality Management System in accordance with ISO 9001:2015
• Gain a comprehensive understanding on how to interpret, plan, and implement the changes of ISO 9001:2015.
• Identify how these changes could affect the organization’s quality management system.
• Identify the timeframe for the implementation and implications of the ISO 9001 management system.

Self-Study

Self-Study Courses

Webinar

Webinar Courses

Class Room

Classroom Courses

PECB Certified Course, Accredited by ANSI

Course agenda

Section 1

This section elaborates on the course objectives, structure of the standard and provides an introduction to ISO and its network.

Section 2

This section introduces ISO/DIS 9001, and discusses the differences between the updated version and previous versions. In addition, it explains why and how previous versions have been revised to follow the common structure for management system standards, especially for those organizations practicing integrated management systems.

Section 3

This section defines the Annex SL (former known as ISO Guide 83) and explains its importance and purpose for a management system.

Section 4

This section explains in detail the new version of the standard with primary focus on the major changes that the standard has undergone, such as risk-based and process approach, documentation flexibility, better focus on stakeholders and the context of an organization.

There are also other relevant information included in this section, elaborating other changes of ISO/DIS 9001 in detail. In addition, guidelines are provided on how to measure an organization’s performance and continual improvement.

Section 5

Finally, section 5 lists all corresponding standards which are affected by the transition of ISO 9001.
Furthermore, several procedures and suggestions are provided for the adjustment of the current management system to ensure effective implementation to the recent revision of ISO 9001.

Prerequisites

ISO 9001 Foundation Certification or a basic knowledge of ISO 9001:2008 standard is recommended to ensure effective results.

Exam (Optional)

The ISO 9001:2015 Transition exam fully meets the requirements of the PECB INTERNATIONAL Examination and Certification Program (ECP).

The exam covers the following competence domains:

Domain 1: Fundamental principles of quality management.
Domain 2: Understanding the high-level structure application on the QMS.
Domain 3: Planning the ISO/DIS 9001 changes.
Domain 4: Planning the QMS transition based on ISO/DIS 9001.
Domain 5: Understanding the difference between ISO 9001:2008 and ISO 9001:2015.
Domain 6: Continual improvement of a QMS based on ISO/DIS 9001.

• The exam will be paper-based, lasting 2 hours and it contains 45 exam questions (Multiple choice, Matching, Fill in the blanks, and TRUE/FALSE).
• The exam is available in English only.

For additional information relating the exam, please refer to the PECB International website, on the ISO 9001 Transition section.

Certification

• After successfully completing the exam, the candidate will receive a certificate documenting the positive completion of the course and examination.
• The certificate will be issued by PECB International.
• The certificate will be sent to participants via e-mail.

Self-study Course for Transitioning from ISO 9001:2008 to ISO 9001:2015

Offered @ $150.00 USD

Order Self-study Course through PayPals secure Servers using PayPal or your on Credit Card.

Also, this course may be scheduled as an instructor lead online class or on your premises. Please call or email ABCI Consultants to arrange for private training classes.

paypalcreditcardservices-300x46

AS & ISO Internal Auditor Training (3 Day Class)

This is a two day Internal Auditor course that is based on the requirements of ISO 19011 and AS9101 D process auditing. The course includes guidance for proper auditing techniques, audit reports, corrective actions and verification of corrective actions.

  • The students perform practice audits to get the feel of a real audit.
  • The course is conducted in an informal and entertaining style that encourages interaction between the students and the instructor.
  • Microsoft Word Templates are provided for Internal Audit Planning and Reporting.
  • Aerospace students shall receive guidance for Process Effectiveness Assessment Reporting (PEARS).
Tuesday, July 28th – From 8 AM to 5 PM;

Evening assignment for process audit plan;

Wednesday, July 29th – From 8 AM to PM;

Evening assignment for process audit plan;
 
Thursday, July 30th – From 8 AM to 5 PM;
Training Fee

$950.00 per person; includes lunch.

Click here for more PECB Certified Training Courses, Accredited by ANSI, Presented by ABCI Consultants

This course is applicable for auditing the following ISO Management Systems:

  • AS9100, AS9110, AS9120
  • ISO 9001
  • ISO 13485
  • ISO 14001
  • ISO 17025
  • ISO 18001
  • ISO 22000
  • ISO 22716
  • ISO 27001

Cancellations:

Customer (or Student) may cancel or reschedule an order for training up to 15 days prior to the class start date. If a Customer (or Student) cancels within 14 days of the class start date then the Customer (or Student) shall forfeit the enrollment fee. Student substitution may be made up until the class start date.

ABCI reserves the right to cancel a training class due to unforeseen circumstances. If ABCI cancels a course for any reason then each Customer (or Student) shall promptly receive a full refund for paid training fees. If a training class is cancelled then Customer (or Student) agrees to hold ABCI harmless and waive all claims for penalties or other cost arising from all travel expenses, including room and boarding.

PECB+ANSI+ABCI

ABCI Consultants Renew Partnership Agreement with PECB International

Los Angeles, Californai, June 1, 2015 — ABCI Consultants for International Management Systems is pleased to announce that it has signed a new partnership agreement with PECB International, to distribute PECB training courses in the USA. This partnership will ensure that the respective companies will give their contribution based on their expertise in offering and organizing PECB/ ISO standards courses.

“It is increasingly important for PECB International to continue encouraging and building partnerships all over the world. We are highly impressed with the work of ABC ISO Consultants, and that is why we have expressed our interest for this partnership. We hope that our common work will be a long-term successful journey by providing ISO standards training courses in USA. PECB International is bound to offering qualitative services and objective evaluation,” said Elizabeth Bradshaw, Managing Director of PECB International. “We make sure we offer our clients the best training material that is accurate, credible and practical. Our engagement and responsibilities in providing great experience will be efficiently allocated to partnership efforts to ensure that these efforts are well-managed and maintained,” added Bradshaw.

Jack Bogle, ABCI Consultants Managing Partner reported, “The PECB International published management system courses provide us an excellent opportunity to meet the training requirements of our broad-base of clients throughout North America. We have the flexibility to deliver high quality management training through a variety of venues, including special formats for self-study, instructor lead online courses, plus public and private classroom experiences. Also, our clients are pleased with the creditability of the PECB course materials due to the accreditation for personnel training acquired through the American National Standards Institute (ANSI),” concluded Bogle.

About PECB International
Professional Evaluation and Certification Board (PECB) is a certification body for persons for various international standards, including ISO 9001, ISO 14001, ISO/IEC 20000, ISO 22301, ISO/IEC 27001, ISO/IEC 27005, OHSAS 18001, ISO 22000, ISO 26000 and ISO 28000.

PECB International has earned a reputation for integrity, value and best practice by providing this assurance through the evaluation and certification of professionals against rigorous, internationally recognized competence requirements. Its mission is to provide their clients comprehensive personnel examination and certification services. For more information about PECB visit http://www.pecb.com.

About ABCI Consultants
Access Business Communications, Inc., founded in 1999 and incorporated in California, and operating as ABCI Consultants has emerged over the past ten years with an excellent reputation for providing advanced and international management systems consulting, publications, software and training for ISO Management Systems.

Today ABCI offers its clients with professional implementation, support and training services to a wide range of businesses that want to implement International Management Systems for continual improvement. For more information regarding our services, please visit our website: http://www.abcisoconsultants.com/.

ISO 13485 Auditor Training Slated for Anaheim, California

For Internal Auditors (4 Days) and Certified Lead Auditors (4 1/2 Days)

This comprehensive course enables participants to develop the necessary expertise to audit a Quality Management System (QMS) based on ISO 13485:2003 and to manage a team of auditors by applying widely recognized audit principles, procedures and techniques. During this training, the participant will have an opportunity to acquire the necessary knowledge and skills to proficiently plan and perform internal and external audits in compliance with the certification process of the ISO 19011 and ISO 17021 standards.

Based on practical exercises, the participant will have an opportunity to develop the skills (mastering audit techniques) and competencies (managing audit team and audit program, communicating with customers, conflict resolution, etc.) necessary to efficiently conduct an audit of a Quality Management System for Medical Devices. The daily agenda of the Class appears below.

ansi-logo-200x125Lead Auditor Certification Examination and Registration by the Professional Evaluation and Certification Board, an ANSI Accredited Program for Personnel Certification #1003.

 Register as a Participate for Internal Auditing or Lead Auditing Class Dates Location Class Fee
ISO 13485 Internal Auditor Course, 4 Days (excludes PECB Certification Examination) July 13 – 16 Anaheim, California $1495.00

Click here to Register

ISO 13485 Lead Auditor Course, 4 1/2 Days (includes PECB Certification Examination) July 13 – 17 Anaheim, California $1995.00

Click here to Register

Who should attend?

  • Auditors wanting to perform and lead Quality Management System (QMS) certification audits in the medical device industry
  • Expert advisors in Quality Management Systems
  • Internal auditors
  • Members of a quality team
  • Persons responsible for the quality or conformity in an organization
  • Project managers or consultants wanting to master the Quality Management System audit process
  • Regulatory affairs managers
  • Technical experts wanting to prepare for a Quality audit function in the medical device industry