SYNAXON

Online training package | IT Management Pack 07 | Management Complete

What awaits you

Contents

The following are the main areas of focus in the training:

EXAM
IT Baseline Protection Practitioner
ITGP
Direct download
24 units



UE = teaching unit, each approximately 45 minutes.

  • Fundamentals of Information Security
    • Thematic scope and strategic importance
    • terms
    • Overview of international information security standards
  • Introduction to Information Security Management (BSI)
    • Components of IT baseline protection (overview)
    • The security process
    • Roles and responsibilities
    • Documentation process, guideline(s), policies and concepts
    • The IT Baseline Protection Compendium
    • The procedures
  • Creation of a security concept according to BSI standards
    • Establishing a procedure
    • Structural analysis
    • Determination of protection needs
    • Modeling
    • IT baseline protection check
  • Risk analysis according to BSI standards
    • Organizational framework
    • Target objects
    • Hazard overview
    • assessment
    • Managing risks
  • Business continuity management according to BSI standards
    • Basics
    • Business Continuity Management according to BSI
    • Stage model
    • Tools for BSI Standard 200-4
  • ISO 27001 certification according to BSI IT baseline protection
    • Roles in the audit process
    • Testing and certification according to ISO 27001 based on IT baseline protection
    • Phases and methods of certification
  • The seminar is held according to the BSI curriculum and fulfills the requirements for BSI personnel certification for the IT Baseline Protection Practitioner!
  • Please note the additional information under the menu item „Important Information“.“

EXAM
IT baseline protection consultant
ITGB
Direct download
18 units



UE = teaching unit, each approximately 45 minutes.

  • Information security norms and standards
    • Current status of international information security standards
    • ISO 27001 in the context of certification readiness
    • Industry-specific security standards and IT baseline protection profiles
  • IT baseline protection approach
    • Guiding questions for IT baseline protection
    • Basic requirements
    • Standard requirements
    • Requirements for increased protection needs
  • compendium
    • Structure and application of the compendium
    • ISMS (Information Security Management System)
    • Process components
    • System components
    • Implementation guidelines
    • Creating a building block
  • Risk analysis based on IT baseline protection
    • Organizational framework
    • Target objects
    • Hazard overview
    • Procedure for risk assessment and risk treatment
  • Maintenance and continuous improvement
    • Guiding questions for the review
    • Review procedure
    • Key performance indicators and maturity models
  • IT baseline protection profiles
    • Building a profile
    • Creating a profile
    • Application or possible use of published profiles
  • Preparation for an audit
    • Preparation
    • Audit process and activities
    • Reporting
    • Follow-up measures
  • IS revision
    • terms
    • Overview and types of IS revision
    • Principles
  • Business Continuity Management (BCM) according to BSI 200-4
    • Definitions and fundamentals
    • Elements of a BCMS: process, organization, resources, documentation
    • Methods
    • BAO's capability
  • This training is suitable for anyone who wants to become thoroughly familiar with the BSI guidelines and/or obtain the title. IT baseline protection consultant want to achieve.
  • Please note the additional information under the menu item „Important Information“.“

EXAM
BCM practitioner BSI
BCM
Direct download
24 units



UE = teaching unit, each approximately 45 minutes.

  • Standards and norms
    • BCM according to ISO 22301
    • BCM in ISO 27001
    • BSI IT Baseline Protection Standard 200-4 (100-4)
  • Business Continuity Management
    • Strategy, motivation, scope
    • Establishing an emergency organization
    • Business Impact Analysis (BIA)
    • Risk Impact Analysis (RIA)
    • Threat and vulnerability analysis
    • Risk Treatment Plan and preventive measures
    • Emergency preparedness
    • Business Continuity Plans
    • Documents and processes related to BCM
  • Reactive measures
    • Crisis management, public relations
    • Response to incidents
  • Business Continuity Plans
    • Practice opportunities
    • Care and testing options
  • Continuous improvement
  • Evaluation and certification in the field of BCM
  • Implementation examples & practical tips
  • The seminar is held according to the BSI curriculum and fulfills the requirements for BSI personnel certification for the IT Baseline Protection BCM Practitioner!
  • Please note the additional information under the menu item „Important Information“.“

EXAM
Incident practitioner
(including content from the Digital First Aid course)
VP(BSI)
Direct download
15 units



UE = teaching unit, each 45 minutes.

  • Basic course for digital first responders
    • The cyber security network and the role of the digital first responder
    • Definitions and help with IT problems
    • First aid for IT security incidents
    • The service-oriented telephone conversation
    • Registration with the CSN
  • The cyber security network
    • Introduction to the Cyber Security Network
    • Digital rescue chain
    • Legal and statutory framework
    • Summary of the basic course „Digital First Aiders“
  • Reporting an incident
    • Service-oriented telephone conversation
    • Non-technical measures
  • The threats and forms of attack
    • Clarification of terms
    • Types of attacks or forms of attack
    • Causes of attacks
    • Different attack methods
    • Phases of a cyber attack
    • Current attack methods
    • Detection of attacks and infections
    • Recommendations for action for the incident response practitioner
  • The standard procedure
    • Preparing for potential incidents
    • Identification of the IT security incident
    • Containing the extent of the damage
    • Investigation into the causes of the IT security incident
    • System recovery
    • Documentation of the IT security incident
  • Handling IT security incidents
    • Introduction to Phishing
    • Phishing channels
    • Possible consequences of phishing
    • Detection of phishing attacks
    • Response to successful phishing attacks
    • Protection against phishing
    • Introduction to Ransomware
    • Legal issues
  • Remote support
    • Remote or on-site support
    • Communication with the customer
    • Connection and access options
    • Data collection and analysis capabilities
  • Incident handling for IT systems "outside the usual office environment"„
    • IT systems „outside the usual office environment“
    • Control technology and automation
    • Standard procedure
    • Attack scenarios and immediate countermeasures
    • Limits of the analysis
  • Preventive measures to avoid future incidents
    • Raising employee awareness
    • Building a security awareness
    • Analysis of business processes
    • Development of a security and emergency concept
    • Design of exercises
    • Maintaining competence

IT Security and Information Security Officer (Chamber of Industry and Commerce)

EXAM
IT Security and Information Security Officer (Chamber of Industry and Commerce)
IT-S
Direct download
30 units



UE = teaching unit, each approximately 45 minutes.

  • Introduction to Information Security
    • Principles and significance
    • IT security vs. data protection
    • Terminology
    • Legal aspects
    • IT security certificate | Auditing
  • IT Management
    • Strategic approaches
    • Management systems
    • IT Governance / IT Compliance
    • ITIL® / COBIT®
  • Information security
    • Principles of information security
    • IT security standards
    • Risk management (assessment and treatment)
  • Identifying threats, methods, and incidents
    • Security threats
    • Attack methods
    • Detecting security incidents
  • Information security incidents
    • causes
    • Responsibilities
    • Proceedings
  • IT Security Officer
    • Tasks and responsibilities
    • IT Security Management Team
    • Applying IT security management in practice
    • The audit | Determine the current state – Define the target state – Implementation
    • Development of an action plan for
      • technical and organizational measures
      • personnel measures
      • Infrastructures
  • IT security management
    • Principles
    • Security optimization and security risks
    • ISO 2700x and BSI IT Baseline Protection
    • Structural and protection needs analysis
    • Structure and importance of IT security management
    • Implementation of an information security process
    • Modeling the information network
    • Implementation of the concept
    • Maintaining IT security
    • Creation of an IT security concept
  • Critical Infrastructures | Critical Infrastructures
    • The IT Security Act
    • Operators of critical infrastructure (KRITIS)
    • BSI-KritisV
    • Industry-specific minimum requirements
      (including energy, ICT and health)
  • Raising employee awareness
    • concepts
    • Employee awareness and training
    • Interaction and communication
  • Fundamentals of emergency management
    • Processes and concept
    • Emergency preparedness concept
    • Emergency response
    • Crisis management
    • Continuous Improvement Process (CIP) of Emergency Management
  • Risk analysis according to BSI 200-3 or ISO 27005
    • Aspects of risk management
    • Identification, assessment and management of IT risks
    • Development and implementation of effective risk management strategies
  • Other current topics
    • Treatment of current topics
    • Current threat scenarios

ISMS implementer according to DIN ISO/IEC 27001 (Chamber of Industry and Commerce)

EXAM
ISMS implementer according to DIN ISO/IEC 27001 (Chamber of Industry and Commerce)
ISMS-I
Direct download
30 units



UE = teaching unit, each approximately 45 minutes.

  • Introduction and basics
    • Standards and regulatory frameworks
    • Information Security Management System
      (ISMS) – Overview
    • Basic concepts and principles of information security
    • Goals and structure of the implementer role
  • Initiation of ISMS implementation
    • Understanding the organization and its context
    • Definition of the ISMS scope
    • Management and project approval
    • Building an organizational structure
    • Analysis of the existing system
  • Planning the ISMS implementation
    • Developing an information security policy
    • Risk management and risk assessment according to ISO/IEC 27005
    • Risk management and risk acceptance
    • Statement of Applicability
      (Explanation of Applicability)
    • Define roles and responsibilities
  • Implementation of the ISMS
    • Documented Information Management
    • Selection and design of security controls
    • Implementation of controls in accordance with Annex A
    • Trends and technologies in information security
    • Communication planning and implementation
    • Competence and awareness programs
    • Security Operations Management
  • Monitoring and continuous improvement
    • Monitoring, measurement, analysis and evaluation
    • Internal audit of the ISMS
    • Conduct a management review
    • Handling of nonconformities
    • Continuous Improvement Process
    • PDCA cycle in practice
  • Certification preparation
    • Preparation for the certification audit
    • Documentation requirements for certification
    • Handling audit findings
    • Best practices for successful certifications

IT Emergency Manager (Chamber of Industry and Commerce)

EXAM
IT Emergency Manager (Chamber of Industry and Commerce)
IT-NFM
Direct download
30 units



UE = teaching unit, each approximately 45 minutes.

Module I: IT Emergency Management (Ingo Wolff, 18 teaching units)

  • Basics & Terms
    • Emergency Management vs. Business Continuity Management
    • Regulatory requirements
    • Norms & Standards
  • Business continuity management organization
    • Organization, roles and responsibilities
    • Prevention organization vs. coping organization
    • Tasks of the Business Continuity Manager
    • Documentation of the Business Continuity Management System (BCMS)
    • Incident Management Procedures
  • Business continuity management process
    • Selection of critical business processes
    • Business Impact Analysis
    • Standard requirements ISO/IEC 22301
    • Integration into ISO/IEC 27001

  • Business continuity management process
    • Selection of critical business processes
    • Business Impact Analysis
    • Standard requirements ISO/IEC 22301
    • Integration into ISO/IEC 27001
  • Emergency manual
    • Structure & Organization
    • Practical examples
  • Certification
    • Certification options
    • Preparation for an audit
    • ISO/IEC 22301 Certification
  • Aids & Tools
    • Example applications

Module II: IT Emergency Management in Practice (Thomas Wittmann, 9 teaching units)

  • Introduction to technical measures in cyber emergencies
    • What scenarios should you expect?
    • What technical measures are required?
    • What technical measures can you put in place to be optimally prepared?
  • Malware infection of a PC
    • How do you react correctly?
    • Which detection methods are suitable?
    • What immediate measures do you need to take?
    • SPECIAL: Invisible Malware in Action – C3 Framework Live Demo
  • Ransomware infection of a PC
    • How do you determine the extent of the damage so far?
    • Is there a distribution plan within the company?
    • What immediate measures do you need to take?

  • Ransomware infection of the company
    • Are other systems or shares affected?
    • What immediate measures do you need to take?
    • What is the step-by-step disinfection procedure?
  • Forensic analyses in incidents
    • What exactly happened?
    • How do you analyze the affected systems?
    • What measures will you initiate, and when?
  • Measures to reduce the chance of cyberattacks
    • System environment hardening, Windows AD
    • Hardening the corporate firewall
    • SPECIAL: Cyber Defense as a Service

Module III: Data Protection | Exam Preparation (Thorsten Schröers, 3 teaching units)

  • Data protection measures to be taken in the event of an incident
  • Data protection-related reporting obligations
  • Preparation for the IT Emergency Manager exam (Chamber of Industry and Commerce)
    • Examination procedure
    • Timeline
    • Optimal preparation

SECURITY & MANAGEMENT | NIS2 & CRITICISM

EXAM
SECURITY & MANAGEMENT | NIS2 & CRITICISM
NO
Direct download
6 units



UE = teaching unit, each approximately 45 minutes.

  • Fundamentals of NIS2 and KRITIS
    • Definition and importance of critical infrastructures
    • Historical development and legal framework
  • Legal obligations and compliance
    • National implementation of the NIS2 Directive
    • Proof of obligations and documentation
  • Understanding the NIS2 Directive
    • Objectives and requirements of the NIS2 Directive
    • Impact on companies and operators
    • Identification and protection of critical infrastructures
    • Industry-specific security standards (B2S)
    • Best practices and case studies
  • Technical and organizational measures
    • Security strategies and risk management
    • Implementation of state-of-the-art security measures
    • Attack Detection Systems (ADS)
  • Preparation for providing evidence
    • Audit process and requirements
    • Combination with ISO 27001 certification

AI Officer (Chamber of Industry and Commerce)

EXAM
AI Officer (Chamber of Industry and Commerce)
AI-BE
Direct download
30 units



UE = teaching unit, each approximately 45 minutes.

  • Fundamentals of Artificial Intelligence
    • Definitions of terms and distinction from other technologies
    • Introduction to Machine Learning and Deep Learning
    • Overview of AI architectures and technologies
    • Comparison of selected platforms
  • Preliminary considerations
    • Data management and processing
    • Introduction to AI Readiness using the Microsoft Copilot Readiness Guide as an example
    • Responsible AI
    • Automation or AI.
  • Security and Compliance
    • Before rolling out: Secure the surroundings
    • Data Repository Risk: Cleanup and Environment Preparation
    • Training of AI users
  • Monitoring and Administration
    • Monitoring the AI during operation
    • Application examples
  • EU AI Act – Basics and Application
    • Risk classification of AI systems
      • Prohibited AI practices (Art. 5)
      • High-risk AI systems and Annex III
      • Limited Risk and Minimal Risk AI
    • Compliance requirements
      • Fines & Sanctions
      • Documentation requirements
    • Training obligation as part of competency requirements
      • Proof of sufficient AI competence for employees
      • Content requirements for training programs
      • Documentation and record keeping
    • Practical implementation in the company
      • Competence assessment and training needs analysis
      • Development of in-house training concepts
  • Governance and responsibilities
    • Establishing AI governance structures
      • Organizational anchoring of AI responsibility
      • Define roles and responsibilities
      • Communication with regulatory authorities
    • Risk management and monitoring
      • Continuous compliance monitoring
      • Incident Management for AI Violations
  • GDPR in the context of AI
    • Personal data in AI systems
      • Legal framework for AI training and operation
      • Data subject rights in automated decision-making
      • Data Protection Impact Assessment (DPIA) for AI
    • Interface AI Regulation and GDPR
      • Cumulative application of both sets of rules
      • Avoid double fine risks
      • Collaboration between AI officer and data protection officer
    • Ethical principles for AI
      • Fairness, transparency and non-discrimination
      • Recognize and avoid algorithmic bias
      • Ensure human supervision and control
  • AI Implementation and Change Management
    • Structured AI implementation in the company
    • Requirements analysis & implementation
    • General AI ban in companies?
    • Dealing with Shadow AI
  • Practical examples
    • AI in healthcare
    • AI in human resources management
  • ISO/IEC 42001 – AI Management System
    • AIMS Fundamentals and Structure
      • Plan-Do-Check-Act cycle for AI systems
      • Integration into existing management systems
      • Documentation requirements and audit preparation
    • Implementation in practice
      • Gap analysis and roadmap development
      • AI guidelines and procedural documentation
  • AI risk management according to ISO/IEC 42001
    • Risk identification and assessment
      • AI-specific risk categories
      • Develop a risk matrix for AI systems
      • Risk mitigation strategies
    • Continuous monitoring and improvement
      • Defining KPIs for AI systems
      • Establish monitoring and reporting systems
  • Role and tasks of the AI officer
    • Role profile and core tasks
      • Tasks of an AI officer vs. other officers
      • Organizational integration and reporting lines
      • Interfaces with management and specialist departments

ISO/IEC 42001 Management System for AI

EXAM
ISO/IEC 42001 Management System for AI
NO
Direct download
12 units



UE = teaching unit, each approximately 45 minutes.

  • Introduction to ISO/IEC 42001
    • Overview of the standard
    • Importance and benefits of a management system for AI
  • AI Act & ISO 42001
    • Overview of the requirements from the AI Act
    • Comparison of requirements with ISO 42001
  • Development of an AI policy
    • Key elements of an AI policy
    • Practical examples and best practices
  • Integration of ISO/IEC 42001 into existing systems
    • Comparison with ISO/IEC 27001
    • Complementary aspects and synergies
  • AI & Cloud
    • Specific requirements of AI applications in the cloud
    • AI & Cloud in the Healthcare Sector
  • Risk management and AI
    • Identification and assessment of AI risks
    • Risk reduction measures
    • AI Impact Assessment
  • Compliance and audits
    • Compliance requirements
    • Preparation and execution of audits

AI personnel competence according to the EU AI Act (Art. 4)

NO
AI personnel competence according to the EU AI Act (Art. 4)
EXAM
Direct download
4 units



UE = teaching unit, each approximately 45-60 minutes.

  • Introduction, scope and documentation of the AI Regulation
    • What is considered artificial intelligence (AI) and why is it regulated?
    • Overview: Requirements of the AI Act Article 4
      Legal basis and applicability: when does the obligation apply?
    • Sample template for the structure and documentation of the training obligation according to AI Act Article 4:
      Guidelines for secure filing and documentation requirements for authorities.
  • Legal framework, obligations and practical implementation
    • Role in the company: Provider, operator, user
    • Technical and organizational duties
    • Data protection, non-discrimination, control
    • Documentation, transparency and reporting obligations
    • Documentation requirements: How are AI decisions, training data, and processes recorded?
    • Practical case studies
  • AI classification, self-assessment & risk identification
    • What are high-risk, limited, or minimal AI systems?
    • Interactive review: Checklist for systematic AI classification for business use (including AI check questions according to the EU AI Act – sample template)
    • Self-assessment with practical check – Is our company legally compliant?
    • Practical case studies
  • Legally compliant use and control in everyday life
    • Typical mistakes, sanctions, and how to avoid them
    • Reporting and monitoring obligations
    • Practical case study: Documentation requirements step-by-step
    • Recommendations for action

IT Service Management

EXAM
IT Service Management
Chamber of Industry and Commerce*
Direct download
20 units



UE = teaching unit, each approximately 45 minutes.

  • IT service management in practice
  • The Service Value System
  • Basic concepts, core principles and models
  • Concepts for the operation of IT services and IT infrastructures
  • Selected practices and processes
  • Training pathways, qualifications, and examination focus areas of different providers

IT project management

EXAM
IT project management
Chamber of Industry and Commerce*
Direct download
20 units



UE = teaching unit, each approximately 45 minutes.

  • Facts, terms, concepts and principles in project management and their involvement in a project
  • Understanding a business case
  • Identifying and managing risks
  • Principles, themes and processes
  • Customer-supplier environments and their impacts
  • Adapt to the project
  • Manage changes, ensure project progress, and complete projects.
  • Training pathways, qualifications, and examination focus areas of different providers

Agile project and product management (SCRUM)

EXAM
Agile project and product management (SCRUM)
Chamber of Industry and Commerce*
Direct download
20 units



UE = teaching unit, each approximately 45 minutes.

  • Agile mindset, e.g., agile values and principles, problems of static processes
  • The three pillars of Scrum theory
  • The Scrum values
  • The Scrum team and its roles: Developer, Scrum Master and Product Owner
  • The Scrum events: Sprint, Sprint Planning, Daily Scrum, Sprint Review, Sprint Retrospective
  • The Scrum artifacts: Product Backlog, Sprint Backlog, Increment, Definition of Done
  • Lean Management
  • Adopting Scrum and dealing with resistance
  • Scrum in complex environments
  • Scaling with Nexus
  • Other agile methods (Xtreme Programming, Kanban, Crystal, DSDM)
  • Organization and execution of agile projects using Atlassian's Jira software.
  • Exam preparation

* At the end of the entire training program, all participants of the client have the opportunity to complete an online exam,
Passing this exam will grant the title of IT Service and IT Project Manager (IHK) (m/f/d).
The cost is €250.00 per exam. Retakes are charged at €100.00 each.
The Chamber of Industry and Commerce (IHK) exams can be ordered directly alongside the training.

Dynamic Project Management Method Foundation

EXAM
EXIN Dynamic Project Management Method Foundation
DPMM
Direct download
18 units



UE = teaching unit, each approximately 45 minutes.

  • The following are the main areas of focus in the training:
  • introduction
    • What is a project?
    • What is project management?
    • Why use a method?
    • Project goals, the value chain of a project, the project context
  • 6 principles
    • DPMM is based on principles that provide the project team with clear guidance for action.
  • 4 processes
    • The 'common thread' through the project
      (What role must contribute what to the project and when?)
  • 7 practices
    • Business Case
    • organization
    • Agility
    • planning
    • Quality management
    • Risk management
    • Issue Management
  • Project documentation

DPMM offers practical templates for all project documentation.



EXAM
IT expert (Chamber of Industry and Commerce)1
IT-SV
Online training
Direct download
30 units



UE = teaching unit, each approximately 45 minutes.

Overview of the expert system

  • Definition of "expert"„
  • Requirements for experts
  • Type of expert (self-appointed, certified, publicly appointed and sworn experts)
  • Overview of expert training
  • Qualification and examination process

Services of the expert (general)

  • The typical services in detail
  • Who needs these services and in which situations?
  • In contrast, what are not considered expert services?

Expert intervention outside of disputes

  • Consulting and support for IT projects
  • Support for the restructuring of IT projects in critical status
  • Monitoring of ongoing IT systems to prevent creeping security problems
  • IT security – consulting and prevention
  • Support for the technical fulfillment of data protection requirements
  • Valuation/Appraisal Report
    • Clarification of terms | Evaluation of systems, software and projects
    • Acquisition cost | New value | Current value | Fair market value | Residual value
    • Hull value | Replacement value
    • Restoration costs
    • Valuation of custom software (income value|asset value)
    • Valuation of standard software
    • Valuation of data
  • Insurance appraisal

Expert services in private disputes

  • Reimbursement for private expert opinions in disputed situations
  • Condition monitoring
  • Out-of-court dispute resolution procedures (mediation, conciliation proceedings, arbitration proceedings, expert opinions)

The expert, commissioned privately

  • Distinction between private contract and court contract
  • Purpose of private commissions
  • The evaluation of private expert opinions in court proceedings
  • Liability of the expert as a private appraiser, in particular third-party liability
  • The expert contract
  • The correct wording of the expert opinion request
  • The correct formulation of the purpose of the contract
  • Rights and obligations of the expert
  • Rights and obligations of the client
  • Fee and advance payment

The court-appointed expert

  • Courts and instances
  • Courts that appoint IT experts
  • Selection of the expert by the court
  • Rights and obligations of the expert
  • Remuneration (JVEG)
  • Legal opinion
  • Liability of the expert witness appointed by the court
  • Language usage

Order intake

  • On private commission
  • By order of the court

The recording of facts by means of laboratory examination

  • When is it useful/necessary to gather facts through laboratory testing?
  • Formalities on private behalf
  • Formalities on behalf of the court
  • Procedure

The fact-finding process involves an on-site visit

  • When are on-site fact-finding visits useful/necessary?
  • Appointment scheduling
  • The process
  • The expert's appearance and behavior during the site visit
  • Rules for participation by multiple parties
  • Avoidable errors by the expert during the site visit

Structure and content of expert reports

  • General
  • Chapter 1: The Mission
  • Chapter 2: Foundations/Basis of the Expert Opinion
  • Chapter 3: Subject of the Expert Opinion
  • Chapter 4: Findings on the individual questions/claims
  • Chapter 5: Expert Opinion Results
  • General rules
  • Cover page
  • Final information

Procedure for preparing expert reports

  • Work steps
  • How to formulate an expert opinion correctly – what matters

The court date

  • Content preparation
  • Mental preparation
  • The course of the court hearing
  • Conduct of the expert witness at the court hearing

The expert office

  • Business administration of the expert
  • Company form
  • Fulfillment of confidentiality obligations
  • Security and organization within the company
  • Self-promotion by the expert
  • Connecting businesses
  • How does the expert get assignments?
  • The expert's staff

Summary: The sins of the expert witness and how to avoid them

Contract law for IT system houses | EVB-IT

EXAM
Contract law for IT system houses | EVB-IT
NO
Direct download
4 units



UE = teaching unit, each approximately 45 minutes

 Awarding and procurement of IT services according to EVB-IT
Supplementary contractual terms for the procurement of information technology

  • Introduction and basics of IT service procurement
  • Overview, structure and application areas of the eleven different contract types
  • Excerpted explanation of the content and structure of the different types of contracts
    (Warranty for defects, delays, usage rights, service description, SLA, etc.)
  • Effective incorporation of contractual terms and conditions, principles of general terms and conditions, and voluntary adoption of the following contracts:
    • EVB-IT Cloud
    • EVB-IT service
    • EVB-IT Maintenance
    • EVB-IT Purchase
    • EVB-IT Care S
    • EVB-IT Transfer Type A
    • EVB-IT Transfer Type B
    • EVB-IT creation
    • EVB-IT Service
    • EVB-IT System
    • EVB-IT System Delivery

Marketing law

EXAM
LAW | Marketing
NO
Direct download
4 units



UE = teaching unit, each approximately 45 minutes

  • Introduction to the relevant legal areas (UWG, TMG, TTDSG, GDPR, UrhG)
  • Legally compliant postal advertising, address service provider
  • Legally compliant telephone marketing, use of call centers
  • Legally compliant email marketing, newsletters and tracking
  • Marketing via website and social media, website analysis, etc.
  • Search engine advertising, AdWords campaigns and search engine optimization
  • Marketing contracts – SEO contracts, order processing
  • Copyright principles and the use of AI in marketing activities

Law in the home office

EXAM
LAW | Home office
NO
Direct download
4 units



UE = teaching unit, each approximately 45 minutes

  • Terminology and fundamentals
    (Home office, mobile office, teleworking, etc.)
  • Requirements from labor law
    (Contractual requirements, working hours, occupational safety and health, accidents, co-determination, etc.)
  • Data protection requirements
    (Technical and organizational measures for data protection and data security)
  • Working from abroad

Law regarding the use of artificial intelligence

EXAM
LAW | Artificial Intelligence (AI)
NO
Direct download
2 units



UE = teaching unit, each approximately 45 minutes.

  • introduction
  • Legal definition of AI
  • AI applications in business
  • Legal challenges in the use of AI
    • Data protection law and AI
    • Copyright and AI
    • Trade Secrets Act and AI
    • Liability issues related to AI
    • Recommendations and guidelines from supervisory authorities
    • European and international regulatory projects (AI Regulation)

Goal

BSI | IT Baseline Protection Practitioner

This 24-part online training course provides an overview of the procedures based on the IT Baseline Protection Standards of the German Federal Office for Information Security (BSI) and the ISO/IEC 27001 standard. You will learn how to create a comprehensive IT security concept and conduct risk analyses using the Baseline Protection methodology. In addition to practical exercises, you will gain insight into emergency management according to BSI Standard 200-4.
The seminar is held according to the BSI curriculum and fulfills the requirements for BSI personnel certification for the IT baseline protection practitioner.

BSI | IT Baseline Protection Consultant

In this 18-part online training course, you will deepen your knowledge of the procedures according to the IT baseline protection standards of the German Federal Office for Information Security (BSI). In addition to practical exercises on creating a security concept according to BSI Standard 200-x, you will learn, among other things, which interfaces for emergency and risk management are recommended and used.
The seminar is held according to the BSI curriculum and fulfills the requirements for BSI personnel certification for the IT baseline protection consultant.

BSI | BCM Practitioner

You will learn methods and measures that identify your critical core processes and values worthy of protection within a holistic management approach to business continuity management, how to protect them from harmful influences or significant incidents, and how to ensure operational reliability.

Using best practice examples for BIA/RIA and various risk analyses regarding the availability and impact of preventive and reactive security measures, you will expand your knowledge of procedures, typical content and follow-up measures.
The seminar is held according to the BSI curriculum and fulfills the requirements for BSI personnel certification for the BCM practitioner.

BSI | Incident Practitioner

This seminar equips you with the necessary skills to fulfill the role of an incident response practitioner as part of the digital emergency response chain. Based on the guidelines of the German Federal Office for Information Security (BSI), you will learn about all the relevant topics to provide appropriate support. The seminar follows the BSI curriculum and meets the requirements for BSI personnel certification. Incident practitioner.

IT Security and Information Security Officer (Chamber of Industry and Commerce)

As an IT Security and Information Security Officer, you support the responsible departments within the company in identifying potential risks related to all IT infrastructures used within the organization. You define security objectives at the management level and manage, regulate, and monitor all necessary security measures. Furthermore, you document all aspects of IT and information security, ensuring that management is always up-to-date and can make business-critical decisions quickly and easily.

This 30-part online training series will equip you with the necessary knowledge to perform the duties of an IT security and information security officer. This includes the essential characteristics and requirements of IT security, data and system security, security from a business perspective, physical IT security, cryptography, network security, PKI, computer security, and organizational security.

Furthermore, you will learn about relevant standards for the implementation of an IT security management system (including ISO 2700x and BSI Basic Protection).
Alongside the practical knowledge described, you will be prepared for the certificate. IT Security and Information Security Officer (Chamber of Industry and Commerce) prepared.

ISMS implementer according to DIN ISO/IEC 27001 (Chamber of Industry and Commerce)

This online training course provides practical knowledge and comprehensive skills for planning, implementing, monitoring, and continuously improving an Information Security Management System (ISMS) according to DIN ISO/IEC 27001. Participants learn the standard's requirements, compatibilities with other standards, and methods for risk management and the design of effective security controls. The goal is to enable participants to work independently as ISMS implementers within organizations and to lay the foundation for further certifications or audits. Alongside the practical knowledge gained, you will be prepared for certification. ISMS implementer according to DIN ISO/IEC 27001 prepared by IHK Hellweg Sauerland GmbH, which you can optionally complete after the training.

IT Emergency Manager (Chamber of Industry and Commerce)

Module I: IT Emergency Management
The first module of this online training focuses on the structured prevention, risk minimization, and management of IT emergencies and crises. Based on the ISO 22301 standard, you will receive all the necessary information to independently develop a well-thought-out emergency management plan and significantly minimize, or even completely prevent, the negative consequences of a potential incident, starting with fundamentals and general terminology, moving through business continuity management processes, and culminating in the development of an emergency manual.

Module II: IT Emergency Management in Practice
The second part of the training focuses on practical application examples. You will gain insight into potential risk scenarios such as malware and/or ransomware infections. Furthermore, you will be provided with concrete recommendations for action that you can immediately implement in practice and significantly minimize the risks of cyberattacks.

Module III: Data Protection in the Event of an Incident | Exam Preparation
The online training concludes with information on data protection regulations that must be observed in the event of a malfunction and preparation for the optional exam to become an IT emergency manager (IHK).

NIS2 & KRITIS

Cybersecurity for critical infrastructures and NIS2 compliance.
This training combines the technical aspects of cybersecurity with the specific regulatory requirements of NIS2 and KRITIS. It prepares participants to play a key role in securing critical infrastructures and complying with relevant EU directives.
The training focuses on developing the following skills (excerpt) – you will learn:

  • NIS2 will provide you with a comprehensive understanding of the directive and its requirements.
  • to recognize and understand the specific characteristics and protection needs of critical infrastructures.
  • To be able to plan, implement and monitor measures in accordance with NIS2 and KRITIS requirements.
  • To be able to develop and implement risk management strategies for critical infrastructures.
  • To be able to establish and manage compliance processes for NIS2 and KRITIS regulations.
  • To understand and consider the interfaces between technical, organizational and legal aspects of cybersecurity in critical infrastructures.
  • To be able to continuously improve security measures in line with evolving threats and regulatory requirements.

AI Officer (Chamber of Industry and Commerce)

Since the EU AI Regulation (AI Act) came into force and has been fully applicable since August 2025, strict regulations govern the use of artificial intelligence. Companies are obligated to develop sufficient personnel expertise before implementing AI systems and to comply with registration, testing, documentation, and reporting requirements in order to minimize risks associated with AI.
The training to become an AI officer provides the necessary technical, organizational, and legal knowledge to support companies in the safe, legally compliant, and responsible use of AI. Participants will be enabled to...,

  • to support the use of AI systems in the company, taking into account regulatory requirements (EU AI Act, GDPR, ISO/IEC 42001),
  • Identifying and assessing risks and taking appropriate countermeasures,
  • To establish governance structures and compliance processes for AI applications,
  • Training employees, raising awareness of opportunities and risks, and anchoring responsible AI use within the company,
  • to act as a central interface between management, specialist departments, IT, data protection and supervisory authorities.

Optionally, the training can be completed with an IHK (Chamber of Industry and Commerce) certification. This provides participants not only with a sound qualification but also with recognized proof of their acquired expertise. The certificate documents the ability to perform the role of AI officer professionally and demonstrably competently, and strengthens both personal and organizational credibility in dealing with AI systems.

ISO/IEC 42001 Management System for AI

The primary goal of this online training is to provide you with a comprehensive understanding of the ISO/IEC 42001 standard and its significance for management systems. Furthermore, you will acquire the knowledge to effectively create and implement an AI policy. The integration of ISO/IEC 42001 into an existing management system, such as ISO/IEC 27001, to generate synergies will also be demonstrated. Methods for identifying and assessing risks, ensuring compliance, and conducting audits will also be covered.

AI personnel competence according to the EU AI Act (Art. 4)

Companies that offer, operate, or use artificial intelligence (AI), regardless of company size, are legally obligated to provide comprehensive training for their staff under the EU AI Regulation (AI-VO) as it comes into force!
This online training course was developed based on this EU regulation. It fully meets all legal, organizational, and ethical requirements of the EU AI Regulation (EU AI Act – Article 4) and provides the necessary practical knowledge. Participants acquire the required expertise to ensure the legally compliant use of AI systems and to avoid liability risks.

Upon completion of the online training, both the company and the participants will fully comply with all legal obligations under the EU AI Regulation. Participants will learn

  • understand the requirements and obligations arising from the regulation,
  • AI systems can be used in a legally compliant, safe and ethical manner,
  • are aware of risks and pitfalls,
  • and can implement and demonstrate compliance with internal company guidelines.

IT Service Management

You will learn about the concepts, terminology, definitions, goals and benefits of the most important IT service management processes and will be able to transfer these benefits to your area of work to optimize the service quality of your company.

IT project management

The aim of this training is to understand the principles of IT project management and to be familiar with the subject-specific terminology in order to significantly facilitate your future project work.

Agile project and product management (SCRUM)

You will learn agile project management with Scrum and its corresponding principles. This course teaches you how to efficiently apply Scrum in typical project situations and how collaboration leads to success. Furthermore, you will gain a deep understanding of the role of the Product Owner, whose primary focus is on the needs of the customer and the user.

Dynamic Project Management Method

The goal of the Dynamic Project Management method (DPMM) is to provide a flexible and adaptable approach to carrying out projects in a constantly changing environment.

IT expert (Chamber of Industry and Commerce)

The aim of this online training series is to prepare you for a career as an IT expert (m/f/d). You will learn about the format, requirements, standards, and work techniques necessary for the professional handling of such projects.
Alongside the practical knowledge described, you will be prepared for the certification of the IHK-Bildungsinstitut Hellweg-Sauerland GmbH, upon passing which you will receive the title. IT expert (Chamber of Industry and Commerce) obtain.

Contract law for IT system houses | EVB-IT

You will gain a good overview of the different types of contracts, their scope of application, and their content. You will also receive information on readily usable sample documents.

Marketing law

Marketing involves adhering to a wide range of legal requirements, such as those arising from competition law, copyright law, data protection law, and other legislation, as well as the complex case law surrounding marketing activities. Here you will learn how to design legally compliant marketing campaigns for various areas (e.g., direct mail, telemarketing, email marketing, social media, etc.).

Law in the home office

Many employees work from home, at client sites, or while traveling. What legal requirements must be considered? What rights and obligations arise for employers?

Laws surrounding the use of artificial intelligence (AI)

They should develop a sound understanding of the legal requirements for dealing with the use and application of artificial intelligence.

You will be able to recognize, understand, and implement legal frameworks in practice. Furthermore, you will learn to identify legal risks and initiate appropriate measures to ensure compliance with all regulations.

Requirement

Basic knowledge of information technology and information security is helpful for participation, but not mandatory. An understanding of the methodology according to ISO 22301 or the BSI standards (BSI 100-4 or BSI 200-4) as well as basic knowledge of IT baseline protection are advantageous. Furthermore, sound technical expertise in IT and IT security, a solid understanding of cybersecurity, and basic knowledge of the challenges of IT services, such as in IT departments, data centers, or service provider organizations, are recommended.

Miscellaneous

Procedure of the online training courses

The described training consists of online training courses that are directly available to you.
The online training comprises a total of 345 teaching units (TU).
The duration of each teaching unit (TU) is approximately 45-60 minutes.
A certificate of attendance is provided for each lesson. This serves as complete documentation of the acquired skills. Furthermore, you will receive a summary certificate upon completion of the training.
Optionally, the training as an IT Baseline Protection Practitioner (BSI) and/or Incident Practitioner (BSI) and/or BCM Practitioner (BSI) and/or AI Officer (IHK) and/or IT Security and Information Security Officer (IHK) and/or ISMS Implementer according to DIN ISO/IEC 27001 (IHK) and/or IT Emergency Manager (IHK) and/or IT Service and IT Project Manager (IHK) can be completed with an online exam, passing which grants you the respective title.1 obtain.
All online training courses are available for download in .MP4 format for at least six months.
The language of instruction is German. Accompanying teaching materials, presentations, and desktop views may also be displayed in English.


Optional service | 1Certificate from the IHK-Bildungsinstitut Hellweg-Sauerland GmbH and BSI

At the end of the online training courses, you have the option to take exams administered by the Hellweg-Sauerland Chamber of Industry and Commerce (IHK) training institute. Each exam is provided as an online exam.
If successful, you will receive the certificate from the IHK-Bildungsinstitut Hellweg-Sauerland GmbH. AI Officer (Chamber of Industry and Commerce) and/or IT Security and Information Security Officer (Chamber of Industry and Commerce) and/or ISMS implementer according to DIN ISO/IEC 27001 (Chamber of Industry and Commerce) and/or IT Emergency Manager (Chamber of Industry and Commerce) and/or IT service and IT project manager (Chamber of Industry and Commerce).

The cost per exam is €250.00. If a student fails, retakes will cost €100.00 each.

The exam is a service provided by the IHK-Bildungsinstitut Hellweg-Sauerland GmbH, which also determines the title of the certificate (adjustments are possible).

The exam IT Baseline Protection Practitioner An optional online exam is offered at the end of the training; passing it will earn you the title of the same name. It consists of 50 multiple-choice questions that must be answered within a maximum of 60 minutes.
The cost is €250.00 per exam (retakes are charged at €100.00 each). The exam can be booked directly for each individual participant by selecting the "Optional Service" option alongside the training.

The exam IT baseline protection consultant is offered exclusively by the BSI.
The costs of the certification process are governed by the Special Fee Ordinance of the Federal Ministry of the Interior, Building and Community for individually attributable public services within its area of responsibility (BMIBGebV). The costs of the initial certification process comprise the fees for the actual time spent and the expenses incurred and are calculated individually.
The costs will probably be in the range of +/- 700 EUR.

Further information about the exam can be found at the BSI website. www.bsi.bund.de view.

The exam IT Baseline Protection BCM Practitioner An optional online exam is offered at the end of the training; passing it will earn you the title of the same name. It consists of 50 multiple-choice questions that must be answered within a maximum of 60 minutes.
The cost is €250.00 per exam (retakes are charged at €100.00 each). The exam can be booked directly for each individual participant by selecting the "Optional Service" option alongside the training.

The exam Incident Practitioner (BSI) An optional online exam is offered at the end of the training; passing it will earn you the title of the same name. It consists of 50 multiple-choice questions that must be answered within a maximum of 60 minutes.
The cost is €250.00 per exam (retakes are charged at €100.00 each). The exam can be booked directly for each individual participant by selecting the "Optional Service" option alongside the training.
ITKservice GmbH & Co. KG has no influence on the type, difficulty, execution and appearance of this exam.
The exam fee, in combination with the training, is billed through ITKservice GmbH & Co. KG.

General Terms and Conditions and Copyrights

All services are billed upon booking the training and apply exclusively to the registered customer. Transferring the services to third parties is not permitted. The copyright © of all training materials, including all recordings and documents, belongs to ITKservice GmbH & Co. KG. Reproduction is permitted only for the customer's internal use.

All details at a glance

today Start:

April 18, 2026, 10:00 AM

place Location:

Internet

category Category:

Online training

payments Net price:

€6990

hearing Language:

German

info Additional information:

You can start immediately with this online training package. You can also participate in additional live online sessions. Please note the following instructions.
Book now

    Your data has been successfully transmitted

    check Thank you for your booking!
    Your data has been successfully submitted. You will receive a confirmation email from us shortly.

    Make another booking

    Fill out the booking form and register!

    Step 1: Fill in the participant data

    Step 2: Add this participant

    You can only complete the booking after you have added at least one participant

    All seminars, downloads, workshops, etc. are exclusive to our SYNAXON partners. Are you working in the IT industry but not yet a SYNAXON partner? Then join us. here Contact us.

    This event is an exclusive offer for our iTeam partners. Not yet an iTeam partner and want to take advantage of this offer? You can find further information here.

    Step 3: Complete booking

    Book bindingly For 0.00

    * Mandatory fields

    Please note: This is a binding booking for this event. Cancellation fees may apply. For further information, please refer to the general booking conditions or cancellation information. Prices are exclusive of VAT.

    Summary

    expand_less

    today Start:

    April 18, 2026, 10:00 AM

    timer End:

    April 18, 2026, 5:00 PM

    place Location:

    Internet

    info Price information:

    hearing Language:

    German

    payments Total price:

    0.00  €

    AI in Focus: The exchange and expert roundtable on AI in the system house

    How can I use AI in a systems house effectively and to increase profits? This is just one of the questions we will address in the exchange and expert panel.

    Learn more

    Expert panel for system administrators

    The daily challenges posed by new technologies and complex software solutions for IT technicians, support staff, and administrators are significant. This makes continuous training and exchange all the more important.

    Learn more

    Focus group: Optimizing tools, processes and billing in the system house

    The challenges facing IT service providers are significant. New technologies, such as AI and complex software solutions, are an essential part of this.

    Learn more

    Get in touch with us!

      Your message has been successfully sent

      check Thank you for your message!
      Your data has been successfully submitted and we will contact you as soon as possible.

      We are happy to answer any questions you may have about the SYNAXON Academy!

      *Required field

      Please note our privacy policy .

      Not a SYNAXON partner yet? Then fill out your SYNAXON partner contract online here!

      To the online contract

      Still questions?

      Our sales department is at your disposal

      Mon-Fri from 8am-5pm!

      SYNAXON Academy

      05207 9299222

      akademie@synaxon.de

      Not a SYNAXON partner yet? Then fill out your SYNAXON partner contract online here!

      To the online contract
      arrow_upward