Electronic Identification Authentication and Trust Services 2.0 Trained Professional (eIDAS2.0TPro)



Overview

eIDAS 2.0 is an important step forward in the EU’s efforts to create a secure, interoperable, and user-friendly digital environment. Enhancing electronic identification and trust services is a major challenge, but also a major opportunity for experts working for the implementation of the regulation.

Implementing the eIDAS 2.0 regulation requires a multidisciplinary approach involving various professionals with expertise in technology, law, cybersecurity, project management, and more. All professionals and experts must have a very good understanding of the eIDAS 2.0 regulation.


Objectives

The program has been designed to provide with the skills needed to understand and support compliance with the European Digital Identity Regulation (Regulation (EU) 2024/1183), also known as eIDAS 2.0.

It also provides with the skills needed to pass the Electronic Identification Authentication and Trust Services 2.0 Trained Professional (eIDAS2.0TPro) exam, and to receive the Certificate of Completion, that provides independent evidence to firms and organizations that you have a quantifiable understanding of the subject matter.


Target Audience

The program is highly beneficial for professionals employed by companies and organizations that must adhere to eIDAS 2.0 requirements.

The program is especially important to professionals and experts working in:

- Risk and Compliance Management, with skills and qualifications that ensure they can effectively manage the complexities of this regulatory framework, including risk assessments, mitigation strategies, data protection, familiarity with other relevant regulations, incident response and handling of compliance breaches or security incidents, and ability to develop and implement compliance monitoring and reporting systems.

- Project and Program Management, who coordinate multiple projects related to eIDAS 2.0 implementation, ensuring alignment with strategic goals and regulatory requirements.

- IT Project Management, necessary for the development and implementation of IT systems related to eIDAS 2.0 and other directives and regulations.

- Cybersecurity, including Security Analysts who assess security risks, implement security measures, and monitor systems for vulnerabilities.

- Digital Identity and Trust Services, including Identity and Access Management (IAM) Specialists who manage user identities and control access to systems, ensuring that only authorized users can access sensitive information, and Trust Service Providers (TSP) Specialists that oversee the provision of trust services, such as electronic signatures, electronic seals, and time-stamping.

- Information Technology (IT), including System Architects that design the overall IT architecture for eID systems and trust services, ensuring scalability, security, and interoperability, Software Developers who create and maintain the software solutions required for electronic identification and trust services, including digital identity wallets, and Database Administrators who manage the databases storing eID and transaction data, ensuring data integrity and security.


Course Synopsis.


Introduction.

- The Electronic Identification Authentication and Trust Services 2.0 Trained Professional (eIDAS2.0TPro) exam.
- The certificate of completion.


Part 1 - The European Union. How does the legislative process work?

- Key institutions.
- The European Commission, the most important institution for risk and compliance professionals.
- How does the legislative process work?
- The European System of Financial Supervision (ESFS).
- Legal acts after the Treaty of Lisbon.
- Delegated acts, supplementing or amending certain non-essential elements of a basic act.
- Implementing acts.
- Regulatory technical standards (RTS)
- Implementing technical standards (ITS).
- The European Data Protection Supervisor and the European Data Protection Board.
- The Committee of European Auditing Oversight Bodies (CEAOB).
- The European External Action Service.
- The Common Foreign and Security Policy (CFSP).
- The Common Security and Defence Policy (CSDP).
- The European Network and Information Security Agency (ENISA).
- The NIS Cooperation Group.
- The European cyber crisis liaison organisation network (EU-CyCLONe).
- The High-Level Expert Group on Artificial Intelligence (AI HLEG).


Part 2 - Before eIDAS, from eIDAS 1.0 to eIDAS 2.0.

- eIDAS 2.0, Regulation (EU) 2024/1183, or European Digital Identity Regulation?
- Building trust in the online environment.
- Directive 1999/93/EC did not include a cross-border and cross-sector framework.
- European Commission, “A Digital Agenda for Europe”.
- European Commission, “Dismantling the obstacles to EU citizens’ rights”.
- Directive 2006/123/EC “on services in the internal market”.
- Regulation (EU) No 910/2014, the eIDAS Regulation.
- Did eIDAS 1.0 work?
- The European Digital Identity Wallet: The next major objective.
- European Commission, “Shaping Europe’s Digital Future” - announced the revision of eIDAS 1.0 to improve its effectiveness.
- European Commission, “2030 Digital Compass: the European way for the Digital Decade” (the “Digital Compass Communication”).
- The Digital Compass Communication, key milestones along four cardinal points.
- Government as a Platform.
- “Smart villages”.
- Digital Citizenship.
- The Digital Decade Policy Programme 2030, established by Decision (EU) 2022/2481.
- The “European Declaration on Digital Rights and Principles for the Digital Decade” (the “Declaration”, 2023/C 23/01).


Part 3 - Articles, Regulation (EU) 2024/1183.

CHAPTER I, GENERAL PROVISIONS.

- Article 1, Amendments to Regulation (EU) No 910/2014. Subject matter.
- Article 2, Scope.
- “This Regulation is without prejudice”.
- Article 3, Definitions.
- Notes – Understanding Electronic Signatures, Advanced Electronic Signatures (AES), Qualified Electronic Signatures (QES).
- Annex I.
- Notes – Understanding Trust Services, Certification Authorities (CAs), Public Key Infrastructure (PKI), Timestamps, Timestamp Authorities (TSA), Electronic Seals, Sealing Entities, Basic Electronic Seals, Advanced Electronic Seals, Qualified Electronic Seals.
- Annex III.
- Annex IV.
- Notes – Understanding the European Digital Identity Wallet (EUDI Wallet) and the “once only” principle.
- Annex VII.
- Article 4, Internal market principle.
- Article 5, Pseudonyms in electronic transaction.


CHAPTER II, ELECTRONIC IDENTIFICATION.

SECTION 1, EUROPEAN DIGITAL IDENTITY WALLET.

- Article 5a, European Digital Identity Wallets.
- Note: The meaning of “mutatis mutandis”.
- Note: The concept of national discretion in EU law.
- Article 5b, European Digital Identity Wallet-Relying Parties.
- Article 5c, Certification of European Digital Identity Wallets.
- Article 5d, Publication of a list of certified European Digital Identity Wallets.
- Article 5e, Security breach of European Digital Identity Wallets.
- Article 5f, Cross-border reliance on European Digital Identity Wallets.


SECTION 2, ELECTRONIC IDENTIFICATION SCHEMES.

- Article 6, Mutual recognition.
- Article 7, Eligibility for notification of electronic identification schemes.
- Article 8, Assurance levels of electronic identification schemes.
- Article 9, Notification.
- Article 10, Security breach of electronic identification schemes.
- Article 11, Liability.
- Article 11a, Cross-border identity matching.
- Article 12, Interoperability.
- Article 12a, Certification of electronic identification schemes.
- Article 12b, Access to hardware and software features.
- Digital Markets Act, meaning of “core platform service” and “gatekeeper”.


CHAPTER III, TRUST SERVICES.

SECTION 1, General provisions.

- Article 13, Liability and burden of proof.
- Article 14, International aspects.
- Article 15, Accessibility for persons with disabilities and special needs.
- Article 16, Penalties.


SECTION 2, Non-qualified trust services.

- Articles 17 and 18 are deleted.
- Article 19, Security requirements applicable to trust service providers.
- Article 19a, Requirements for non-qualified trust service providers.


SECTION 3, Qualified trust services.

- Article 20, Supervision of qualified trust service providers.
- Note – Understandings Article 21 of the NIS 2 Directive (Cybersecurity risk-management measures).
- Article 21, Initiation of a qualified trust service.
- Article 22, Trusted lists.
- Article 23, EU trust mark for qualified trust services.
- Article 24, Requirements for qualified trust service providers.
- Note before Article 24a: Understanding Qualified Electronic Signature (QES), Qualified Electronic Signature Creation Device (QESCD), Qualified Trust Service Provider (QTSP), Qualified Validation Service for Qualified Electronic Signatures, Qualified Preservation Service (QPS), Qualified Electronic Time Stamp, Qualified Certificate for Websites, Qualified Electronic Registered Delivery Service (QERDS), Qualified Electronic Attestation of Attributes (QEAA), Qualified Electronic Archiving Service, Qualified Electronic Ledger.
- Article 24a, Recognition of qualified trust services.


SECTION 4, Electronic signatures.

- Article 25, Legal effects of electronic signatures.
- Article 26, Requirements for advanced electronic signatures.
- Article 27, Electronic signatures in public services.
- Article 28, Qualified certificates for electronic signatures.
- Annex II.
- Article 29, Requirements for qualified electronic signature creation devices.
- Article 29a, Requirements for a qualified service for the management of remote qualified electronic signature creation devices.
- Article 30, Certification of qualified electronic signature creation devices.
- Article 31, Publication of a list of certified qualified electronic signature creation devices.
- Article 32, Requirements for the validation of qualified electronic signatures.
- Article 32a, Requirements for the validation of advanced electronic signatures based on qualified certificates.
- Article 33, Qualified validation service for qualified electronic signatures.
- Article 34, Qualified preservation service for qualified electronic signatures.


SECTION 5, Electronic seals.

- Article 35, Legal effects of electronic seals.
- Article 36, Requirements for advanced electronic seals.
- Article 37, Electronic seals in public services.
- Article 38, Qualified certificates for electronic seals.
- Article 39a, Requirements for a qualified service for the management of remote qualified electronic seal creation devices.
- Article 39, Qualified electronic seal creation devices.
- Article 40a, Requirements for the validation of advanced electronic seals based on qualified certificates.


SECTION 6, Electronic time stamps.

- Article 41, Legal effect of electronic time stamps.
- Article 42, Requirements for qualified electronic time stamps.
- Note: The Coordinated Universal Time (UTC).


SECTION 7, Electronic registered delivery services.

- Article 43, Legal effect of an electronic registered delivery service.
- Article 44, Requirements for qualified electronic registered delivery services.


SECTION 8, WEBSITE AUTHENTICATION.

- Article 45, Requirements for qualified certificates for website authentication.
- Article 45a, Cybersecurity precautionary measures.


SECTION 9, ELECTRONIC ATTESTATION OF ATTRIBUTES.

- Article 45b, Legal effects of electronic attestation of attributes.
- Article 45c, Electronic attestation of attributes in public services.
- Annex V.
- Article 45d, Requirements for qualified electronic attestation of attributes.
- Annex VI.
- Article 45e, Verification of attributes against authentic sources.
- Article 45f, Requirements for electronic attestation of attributes issued by or on behalf of a public sector body responsible for an authentic source.
- Article 45g, Issuing of electronic attestation of attributes to European Digital Identity Wallets.
- Article 45h, Additional rules for the provision of electronic attestation of attributes services.


SECTION 10, ELECTRONIC ARCHIVING SERVICES.

- Article 45i, Legal effect of electronic archiving services.
- Article 45j, Requirements for qualified electronic archiving services.


SECTION 11, ELECTRONIC LEDGERS.

- Article 45k, Legal effects of electronic ledgers.
- Article 45l, Requirements for qualified electronic ledgers.


CHAPTER IV, ELECTRONIC DOCUMENTS.

- Article 46, Legal effects of electronic documents.


CHAPTER IVa, GOVERNANCE FRAMEWORK.

- Article 46a, Supervision of the European Digital Identity Wallet Framework.
- Article 46b, Supervision of trust services.
- Article 46c, Single points of contact.
- Article 46d, Mutual assistance.
- Article 46e, The European Digital Identity Cooperation Group.


CHAPTER V, DELEGATIONS OF POWER AND IMPLEMENTING PROVISIONS.

- Article 47, Exercise of the delegation.
- Article 48, Committee procedure.
- Article 48a, Reporting requirements.


CHAPTER VI, FINAL PROVISIONS.

- Article 49, Review.
- Article 50, Repeal.
- Article 51, Transitional measures.


Part 4 - Other EU Directives and Regulations.

1. The NIS 2 Directive.
2. The Digital Operational Resilience Act (DORA).
3. The Critical Entities Resilience Directive (CER).
4. The Digital Services Act (DSA).
5. The Digital Markets Act (DMA).
6. The European Health Data Space (EHDS).
7. The European Chips Act.
8. The Corporate Sustainability Due Diligence Directive (CSDDD).
9. The European Data Governance Act (DGA).
10. The EU Cyber Solidarity Act.
11. The Digital Networks Act (DNA).
12. The Artificial Intelligence Act.
13. The Artificial Intelligence Liability Directive.
14. The European ePrivacy Regulation.
15. The European Media Freedom Act (EMFA).


- Closing remarks.



Become an Electronic Identification Authentication and Trust Services 2.0 Trained Professional (eIDAS2.0TPro)

This is a Distance Learning with Certificate of Completion program, provided by Cyber Risk GmbH. The General Terms and Conditions for all legal transactions made through the Cyber Risk GmbH websites (hereinafter “GTC”) can be found at: https://www.cyber-risk-gmbh.com/Impressum.html

Each Distance Learning with Certificate of Completion program (hereinafter referred to as “distance learning program”) is provided at a fixed price, that includes VAT. There is no additional cost, now or in the future, for any reason.

We will send the distance learning program via email up to 24 hours after the payment (working days). Please remember to check the spam folder of your email client too, as emails with attachments are often landed in the spam folder.

You have the option to ask for a full refund up to 60 days after the payment. If you do not want one of our distance learning programs for any reason, all you must do is to send us an email, and we will refund the payment, no questions asked.

Your payment will be received by Cyber Risk GmbH (Dammstrasse 16, 8810 Horgen, Switzerland, Handelsregister des Kantons Zürich, Firmennummer: CHE-244.099.341). Cyber Risk GmbH will also send the certificates of completion to all persons that will pass the exam.

The all-inclusive cost is 297 USD (US Dollars). There is no additional cost, now or in the future, for any reason.


First option: You can purchase the Electronic Identification Authentication and Trust Services 2.0 Trained Professional (eIDAS2.0TPro) program with VISA, MASTERCARD, AMEX, Apple Pay, Google Pay etc.

Purchase the eIDAS2.0TPro program here (VISA, MASTERCARD, AMEX, Apple Pay, Google Pay etc.)





Second option: QR code payment.

i. Open the camera app or the QR app on your phone.

ii. Scan the QR code and possibly wait for a few seconds.

iii. Click on the link that appears, open your browser, and make the payment.

eIDAS2.0TPro

Third option: You can purchase the Electronic Identification Authentication and Trust Services 2.0 Trained Professional (eIDAS2.0TPro) program with PayPal

When you click "PayPal" below, you will be redirected to the PayPal web site. If you prefer to pay with a card, you can click "Debit or Credit Card" that is also powered by PayPal.



What is included in the cost of the distance learning program:


A. The official presentations (981 slides).

The presentations are effective and appropriate to study online or offline. Busy professionals have full control over their own learning and are able to study at their own speed. They are able to move faster through areas of the course they feel comfortable with, but slower through those that they need a little more time on.


B. Up to 3 online exam attempts per year.

Candidates must pass only one exam. If they fail, they must study the official presentations and retake the exam. Candidates are entitled to 3 exam attempts every year.

If candidates do not achieve a passing score on the exam the first time, they can retake the exam a second time.

If they do not achieve a passing score the second time, they can retake the exam a third time.

If candidates do not achieve a passing score the third time, they must wait at least one year before retaking the exam. There is no additional cost for additional exam attempts. To learn more, you may visit: https://www.european-digital-identity-regulation.com/Distance_Learning_Programs_Exam_Certificate_of_Completion.pdf


C. The certificate of completion, with a scannable QR code for verification.

You will receive your certificate via email in Adobe Acrobat format (pdf), with a scannable QR code for verification, 7 business days after you pass the exam. A business day refers to any day in which normal business operations are conducted (in our case Monday through Friday), excluding weekends and public holidays.


Electronic Identification Authentication and Trust Services 2.0 Trained Professional (eIDAS2.0TPro)

D. Cyber Risk GmbH will develop a web page dedicated to each certified professional (https://www.cyber-risk-gmbh.com/Your_Name.htm).

When third parties scan the QR code on your certificate, they will visit this web page (https://www.cyber-risk-gmbh.com/Your_Name.htm), and they will be able to verify that you are a certified professional, and your certificates are valid and legitimate.

In this web page we will have your name, all the certificates you have received from us, and pictures of your certificates.

This is an example: https://www.cyber-risk-gmbh.com/Monika_Meier.html

You can print your certificate that you will receive in Adobe Acrobat format (pdf). With the scannable QR code, all third parties can verify the authenticity of each certificate in a matter of seconds. Professional certificates are some of the most frequently falsified documents. Employers and third parties need an easy, effective, and efficient way to check the authenticity of each certificate. QR code verification is a good response to this demand.



Frequently Asked Questions for the distance learning programs.


1. I want to know more about Cyber Risk GmbH.

Cyber Risk GmbH is a company incorporated in Switzerland.
Company number: CHE-244.099.341.
Cantonal Register of Commerce: Canton of Zürich.
Registered address: Dammstrasse 16, 8810 Horgen, Switzerland.
Swiss VAT number: CHE-244.099.341 MWST.
EU VAT number: EU276036462. Cyber Risk GmbH is registered for EU VAT purposes in Germany (Bundeszentralamt für Steuern, Verfahren One-Stop-Shop, Nicht EU-Regelung) for the sale of services in the EU. Cyber Risk GmbH declares and pays EU VAT in a single electronic quarterly return submitted to Germany, and the German Bundeszentralamt für Steuern forwards the EU VAT due to each member State of the EU.

The owner and general manager of Cyber Risk GmbH is George Lekatis, a well-known expert in risk management and compliance. George is also the general manager of Compliance LLC, incorporated in Wilmington, NC, and offices in Washington, DC. It is a provider of risk and compliance training and executive coaching in 57 countries.

Several business units of Compliance LLC are very successful associations that offer membership, weekly or monthly updates, training, certification, Authorized Certified Trainer (ACT) programs, and other services to their members.

The business units of Compliance LLC include:

- The Sarbanes-Oxley Compliance Professionals Association (SOXCPA), the largest Association of Sarbanes-Oxley professionals in the world. You may visit: https://www.sarbanes-oxley-association.com

- The Basel iii Compliance Professionals Association (BiiiCPA), the largest association of Basel iii Professionals in the world. You may visit: https://www.basel-iii-association.com

- The Solvency II Association, the largest association of Solvency II professionals in the world. You may visit: https://www.solvency-ii-association.com

- The International Association of Risk and Compliance Professionals (IARCP). You may visit: https://www.risk-compliance-association.com

The Certified Risk and Compliance Management Professional (CRCMP) program, from the IARCP, has become one of the most recognized certificates in risk management and compliance. There are CRCMPs in 57 countries. Companies and organizations around the world consider the CRCMP a preferred certificate.

You can find more about the demand for CRCMPs at: https://www.risk-compliance-association.com/CRCMP_Jobs_Careers.pdf


CRCMP careers


“Cyber Risk GmbH Training Programs” are training programs developed, updated and provided by Cyber Risk GmbH, and include:
a) In-House Instructor-Led Training programs,
b) Online Live Training programs,
c) Video-Recorded Training programs,
d) Distance Learning with Certificate of Completion programs.


“Cyber Risk GmbH websites” are all websites that belong to Cyber Risk GmbH, and include the following:


a. Sectors and Industries.

1. Cyber Risk GmbH

2. Social Engineering Training

3. Healthcare Cybersecurity

4. Airline Cybersecurity

5. Railway Cybersecurity

6. Maritime Cybersecurity

7. Oil Cybersecurity

8. Electricity Cybersecurity

9. Gas Cybersecurity

10. Hydrogen Cybersecurity

11. Transport Cybersecurity

12. Transport Cybersecurity Toolkit

13. Hotel Cybersecurity

14. Sanctions Risk

15. Travel Security


b. Understanding Cybersecurity.

1. What is Disinformation?

2. What is Steganography?

3. What is Cyberbiosecurity?

4. What is Synthetic Identity Fraud?

5. What is a Romance Scam?

6. What is Cyber Espionage?

7. What is Sexspionage?

8. What is the RESTRICT Act?


c. Understanding Cybersecurity in the European Union.

1. The NIS 2 Directive

2. The Digital Operational Resilience Act (DORA)

3. The Critical Entities Resilience Directive (CER)

4. The European Data Act

5. The European Data Governance Act (DGA)

6. The European Cyber Resilience Act (CRA)

7. The Digital Services Act (DSA)

8. The Digital Markets Act (DMA)

9. The European Chips Act

10. The Artificial Intelligence Act

11. The Artificial Intelligence Liability Directive

12. The Framework for Artificial Intelligence Cybersecurity Practices (FAICP)

13. The EU Cyber Solidarity Act

14. The Digital Networks Act (DNA)

15. The European ePrivacy Regulation

16. The European Digital Identity Regulation

17. The European Media Freedom Act (EMFA)

18. The Corporate Sustainability Due Diligence Directive (CSDDD)

19. The Systemic Cyber Incident Coordination Framework (EU-SCICF)

20. The European Health Data Space (EHDS)

21. The European Financial Data Space (EFDS)

22. The Financial Data Access (FiDA) Regulation

23. The Payment Services Directive 3 (PSD3), Payment Services Regulation (PSR)

24. The European Cyber Defence Policy

25. The Strategic Compass of the European Union

26. The European Space Law (EUSL)

27. The EU Cyber Diplomacy Toolbox



2. Is there any discount available for the distance learning programs?

We do not offer a discount for your first program. You have a $100 discount for your second and each additional program.

After you purchase the Electronic Identification Authentication and Trust Services 2.0 Trained Professional (eIDAS2.0TPro) program at $297, you can purchase:

a. The NIS 2 Directive Trained Professional (NIS2DTP) program at $197. You can find more about the program at: https://www.nis-2-directive.com/NIS_2_Directive_Trained_Professional_(NIS2DTP).html.

b. The Digital Operational Resilience Act Trained Professional (DORATPro) program at $197. You can find more about the program at: https://www.digital-operational-resilience-act.com/Digital_Operational_Resilience_Act_Trained_Professional_(DORATPro).html.

c. The Critical Entities Resilience Directive Trained Professional (CERDTPro) program at $197. You can find more about the program at: https://www.critical-entities-resilience-directive.com/Critical_Entities_Resilience_Directive_Trained_Professional_(CERDTPro).html.

d. The Digital Services Act Trained Professional (DiSeActTPro) program at $197. You can find more about the program at: https://www.eu-digital-services-act.com/DiSeActTPro_Training.html.

e. The Digital Markets Act Trained Professional (DiMaActTPro) program at $197. You can find more about the program at: https://www.eu-digital-markets-act.com/DiMaActTPro_Training.html.

f. The Data Governance Act Trained Professional (DatGovActTP) program at $197. You can find more about the program at: https://www.european-data-governance-act.com/DatGovActTP_Training.html.

g. The European Chips Act Trained Professional (EChipsActTPro) program at $197. You can find more about the program at: https://www.european-chips-act.com/European_Chips_Act_Trained_Professional_(EChipsActTPro).html .

h. The Data Act Trained Professional (DataActTPro) program at $197. You can find more about the program at: https://www.eu-data-act.com/Data_Act_Trained_Professional_(DataActTPro).html .

In order to receive the URL for the discounted cost for your second and each additional program, please send us an email with title: “Please send me the URL for the discounted cost.”

In the email, please let us know:

a. Which was the name and email address of the person or legal entity that had purchased the first program.

b. Which is the program you want to purchase now at $197 instead of $297.

You will receive the URL for the discounted cost for your second and each additional program in less than 48 hours (working days). Please remember to check your spam folder too.



3. Are there any entry requirements or prerequisites required for enrolling in the training programs?

There are no entry requirements or prerequisites for enrollment. Our programs give the opportunity to individuals of all levels to learn, grow, and develop new skills without the need for prior qualifications or specific experience.



4. I want to learn more about the exam.

You can take the exam online from your home or office, in all countries.

It is an open book exam. Risk and compliance management is something you must understand and learn, not memorize. You must acquire knowledge and skills, not commit something to memory.

You will be given 90 minutes to complete a 35-question exam. You must score 70% or higher.

The exam contains only questions that have been clearly answered in the official presentations.

All exam questions are multiple-choice, composed of two parts:

a. A stem (a question asked, or an incomplete statement to be completed).

b. Four possible responses.

In multiple-choice questions, you must not look for a correct answer, you must look for the best answer. Cross out all the answers you know are incorrect, then focus on the remaining ones. Which is the best answer? With this approach, you save time, and you greatly increase the likelihood of selecting the correct answer.

TIME LIMIT - This exam has a 90-minute time limit. You must complete this exam within this time limit, otherwise the result will be marked as an unsuccessful attempt.

BACK BUTTON - When taking this exam you are NOT permitted to move backwards to review/change prior answers. Your browser back button will refresh the current page instead of moving backward.

RESTART/RESUME – You CANNOT stop and then resume the exam. If you stop taking this exam by closing your browser, your answers will be lost, and the result will be marked as an unsuccessful attempt.

SKIP - You CANNOT skip answering questions while taking this exam. You must answer all the questions in the order the questions are presented.

When you are ready to take the exam, you must follow the steps described at "Question h. I am ready for the exam. What must I do?", at:

https://www.european-digital-identity-regulation.com/Distance_Learning_Programs_Exam_Certificate_of_Completion.pdf



5. How comprehensive are the presentations? Are they just bullet points?

The presentations are not bullet points. They are effective and appropriate to study online or offline.



6. Do I need to buy books to pass the exam?

No. If you study the presentations, you can pass the exam. All the exam questions are clearly answered in the presentations. If you fail the first time, you must study more. Print the presentations and use Post-it to attach notes, to know where to find the answer to a question.



7. Is it an open book exam? Why?

Yes, it is an open book exam. Risk and compliance management is something you must understand and learn, not memorize. You must acquire knowledge and skills, not commit something to memory.



8. Do I have to take the exam soon after receiving the presentations?

No. You can take the exam any time. Your account never expires. You have lifetime access to the training program. If there are any updates to the training material and you have not passed the exam, you will receive the updated program free of charge.



9. Do I have to spend more money in the future to keep my certificate of completion valid?

No. Your certificate of completion will remain valid, without the need to spend money or to take another exam in the future.



10. Ok, the certificate of completion never expires, but things change.

Recertification would be a great recurring revenue stream for Cyber Risk GmbH, but it would also be a recurring expense for our clients. We resisted the temptation to "introduce multiple recurring revenue streams to keep business flowing", as we were consulted. No recertification is needed for our programs.

Things change, and this is the reason you need to visit the "Reading Room" of Cyber Risk GmbH every month, and read the monthly newsletter with updates, alerts, and opportunities, to stay current. You may visit:

https://www.cyber-risk-gmbh.com/Reading_Room.html



11. Which is your refund policy?

Cyber Risk GmbH has a very clear refund policy: You have the option to ask for a full refund up to 60 days after the payment. If you do not want one of our programs for any reason, all you must do is to send us an email, and we will refund the payment after one business day, no questions asked.



12. I want to receive a printed certificate. Can you send me one?

Unfortunately this is not possible. You will receive your certificate via email in Adobe Acrobat format (pdf), with a scannable QR code for verification, 7 business days after you pass the exam. A business day refers to any day in which normal business operations are conducted (in our case Monday through Friday), excluding weekends and public holidays.

Cyber Risk GmbH will develop a dedicated web page for each professional (https://www.cyber-risk-gmbh.com/Your_Name.html). In your dedicated web page we will add your full name, all the certificates you have received from Cyber Risk GmbH, and the pictures of your certificates.

When third parties scan the QR code on your certificate, they will visit your dedicated web page, and they will be able to verify that you are a certified professional, and your certificates are valid and legitimate.

Professional certificates are some of the most frequently falsified documents. Employers and third parties need an easy, effective, and efficient way to check the authenticity of each certificate. QR code verification is a good response to this demand.

You can print your certificate that you will receive in Adobe Acrobat format. With the scannable QR code, all third parties can verify the authenticity of each certificate in a matter of seconds.



13. Why should I choose your training programs?

I. There are many new Directives and Regulations in the EU. Professionals are overwhelmed and have little time to spare. Cyber Risk GmbH has developed training programs that can assist them in understanding the new requirements, and in providing evidence that they are qualified, as they must pass an exam to receive their certificate of completion.

II. Our training programs are flexible and convenient. Learners can access the course material and take the exam at any time and from any location. This is especially important for those with busy schedules.

III. The all-inclusive cost of our programs is very low. There is no additional cost for each program, now or in the future, for any reason.

IV. If you purchase a second program, you have a $100 discount. The all-inclusive cost for your second (and each additional) program is $197.

V. There are 3 exam attempts per year that are included in the cost of each program, so you do not have to spend money again if you fail.

VI. No recertification is required. Your certificates of completion never expire.

VII. The marketplace is clearly demanding qualified professionals in risk and compliance management. Certified professionals enjoy industry recognition and have more and better job opportunities.

VIII. Firms and organizations hire and promote fit and proper professionals who can provide evidence that they are qualified. Employers need assurance that managers and employees have the knowledge and skills needed to mitigate risks and accept responsibility. Supervisors and auditors ask for independent evidence that the process owners are qualified, and that the controls can operate as designed, because the persons responsible for these controls have the necessary knowledge and experience.

IX. Professionals that gain more skills and qualifications often become eligible for higher-paying roles. Investing in training can have a direct positive impact on a manager's or employee's earning potential.


Cyber Risk GmbH, some of our clients