ISMS, BCMS and DORA training – practical competencies that will truly strengthen your organisation’s resilience

In a world of increasing regulatory requirements, dynamic cyber threats, and pressures on business continuity, organizations need more than just compliance—they need practical skills that enable them to implement, maintain, and improve security systems and operational resilience. JDA Advisory’s ISMS, BCMS, and DORA training courses are designed to do just that: deliver knowledge that can be immediately applied.

Our training programs combine the highest ISO standards, current regulatory requirements, and project experience gained in the financial, technology, manufacturing, and service sectors. This ensures that participants not only understand regulations and standards but also know how to implement, document, and defend them to auditors, regulators, and clients.

Why are our training courses different from all others?

Practice instead of theory

Each training session is led by experts who routinely conduct ISO 27001 and ISO 22301 implementations, conduct supplier audits, conduct DORA projects, and implement operational resilience programs. Participants receive ready-made tools, checklists, sample documents, and scenarios that they can use the very next day.

Currentness and compliance with regulations

Training programs cover the latest changes to ISO 27001:2022, ISO 22301:2019, RTS/ITS to DORA, EBA/EIOPA/ESMA guidelines, and ENISA practices. Each module is regularly updated to reflect current market requirements.

Risk-based and proportionality approach

We teach how to design security and business continuity systems in a manner appropriate to the scale, complexity, and risk profile of the organization – in accordance with the principle of proportionality, a key principle in DORA and ISO.

Role-specific training

Programs are prepared for:

• management boards and executives,
• security and IT teams,
• process owners,
• compliance and risk teams,
• internal auditors,
• ICT providers, and key service providers.

Each group receives knowledge tailored to their duties and responsibilities.

ISMS – ISO 27001 training

Information Security Management System (ISMS) training prepares participants to effectively implement and maintain an information security management system compliant with ISO 27001.

The scope of the training includes, among others:

• Analysis of the organizational context and stakeholder requirements,
• Identification and assessment of information security risks,
• Design and implementation of security measures from Annex A,
• Creation of ISMS policies, procedures, and records,
• Preparation for the certification audit,
• Integration of the ISMS with other management systems.

Participants receive practical tools such as risk matrices, policy templates, audit checklists and compliance evidence examples.

BCMS Training – ISO 22301

Business Continuity Management System (BCMS) training focuses on building operational resilience and preparing the organization for incidents, failures and interruptions.

The program includes:

• Business Impact Analysis (BIA),
• Business Continuity Risk Assessment,
• Designing a continuity strategy,
• Creating contingency plans and recovery procedures,
• Conducting tests, exercises, and simulations,
• Preparing for an ISO 22301 audit.

This training is ideal for organizations looking to increase operational resilience, meet customer requirements, or prepare for certification.

DORA Training – Operational Resilience in the Financial Sector

The Digital Operational Resilience Act (DORA) regulation introduces new, stringent requirements for ICT security, incident management, resilience testing, supplier management and reporting to regulators.

Our training covers the full range of DORA requirements, including:

• Governance and management accountability,
• ICT risk management framework,
• incident management and reporting,
• operational resilience testing (TLPT, scenarios, exercises),
• ICT vendor risk management,
• outsourcing agreements compliant with RTS/ITS,
• preparation for audits and supervisory inspections.

Participants receive practical tools such as compliance matrices, contract templates, audit checklists and examples of documentation required by regulators.

What do our training courses look like?

Registration and program selection

Choose ISMS, BCMS or DORA training tailored to your role and organisational needs.

Workshops led by experts

The training takes the form of interactive workshops in which participants work on real examples, case studies and design tools.

Certificate and support after training

After completing the training, participants receive a certificate and access to materials they can use in their daily work.

Who are these training courses for?

• Risk, compliance, IT, and security teams,
• organizations preparing for ISO 27001 or ISO 22301 certification,
• financial institutions covered by DORA,
• ICT providers and essential service operators,
• companies building operational resilience and cybersecurity.

Start building competencies that strengthen your organization

Join ISMS, BCMS, and DORA training courses and gain knowledge that will truly improve your security, compliance, and operational resilience. Leverage the experience of JDA Advisory experts to prepare your organization for the demands of the future.