Index

Digital Academy

Advancements in digital and technology are reshaping the way we do business.

Equip your workforce with the necessary tools and mindsets to accelerate the impact of digital. Learn about cloud security, data analytics, cybersecurity and more with our industry practitioners.

Our programmes

To register for preferred course(s), please contact us.

Advanced data analytics
Cybersecurity awareness training
Cybersecurity drills
Data privacy awareness training (focus on GDPR, PDPD)
ISAE 3402/3000 (SOC 1/2) awareness training
ISO 27001 IT Risk Treatment and Security controls
Secure development for web applications (focus on OWASP)

Advanced data analytics

A training course with seven sessions, to cover intermediate and advanced knowledge regarding data analytics and data visualisation.

Objectives & Outcome

By the end of the course, participants will be able to:

Use Python to wrangle, analyse and visualise data
Understand and apply key statistical concepts to do predictive model projects

Agenda

Session 1: Overview of Python and Basic Code (4 hours)

Purpose: Introduction to the Python programming language, which is one of the most widely used tools for statistics and data science
Content: (1) Overview of Python and the Python IDE, (2) Installing and loading packages, (3) Working Directory, (4) Creating a project, (5) Basic code

Session 2: Data Wrangling (8 hours)

Purpose: It has been stated that up to 80% of data analysis is spent on the process of cleaning and preparing data. This session will guide learners through the data-wrangling process, along with giving a solid foundation of the basics of working with data
Content:

(1) Dealing with numbers:

+ Definition of Integer - Double

+ Generating sequences of non-random numbers, or of random numbers

+ Setting the seed, rounding numbers

(2) Dealing with strings: string basics, string manipulation

(3) Dealing with factors: creating, converting and inspecting, ordering level, revaluing level

(4) Dealing with dates:

+ Converting strings to dates

+ Creating date sequences

(5) Managing data frames, missing values, outlier values, import data and loading data

(6) Reshaping data:

+ Converting Long to Wide and vice versa

+ Splitting a single column into multiple columns and vice versa

(7) Transforming data: Select, Filter, Grouping, Performing statistic summary, Arrange, Join

(8) Report

(9) Exercise

Session 3: Data Visualisation (8 hours)

Purpose: This session shows learners how to create the most common types of graphics and then shows if the graphs meet the needs. Most of the recipes use the Matplotlib library, a powerful and flexible way to make graphs in Python
Content: (1) Layer & Grammar of Graphics, (2) Bar Graphs, (3) Line Graphs, (4) Scatter Graphs, (5) Summarised data distribution, (6) Annotation, (7) Axes, (8) Controlling the overall appearance of graphs, (9) Legend, (10) Facet, (11) Colour, (12) Advanced Graphs, (13) Exercise

Session 4: Statistical Learning Overview (4 hours)

Purpose: This session introduces learners to an overview of statistical learning, including assumptions and theories
Content: (1) Introduction about statistical learning: Trade-off between accuracy and model interpretability, (2) Assessing model accuracy: Bias - Variance trade-off, Measuring, (3) Linear Regression Theory and Exercise

Session 5: Logistic Regression (4 hours)

Purpose: This session shows learners how to apply Logistic Regression in the real world, and provides the concept of sampling data
Content: (1) Logistic Regression Theory and Exercise, (2) Resampling method: Cross-Validation & Bootstrap

Session 6: Tree-based method (8 hours)

Purpose: This session introduces learners how to apply tree-based methods to predict a target business model
Content: (1) Basics of Decision Trees, (2) Bagging, Random Forest, Boosting Theory and Exercise

Session 7: Unsupervised Learning (8 hours)

Purpose: This session introduces learners to understanding the concept of Unsupervised Learning and its application in banking
Content: (1) PCA, K-Mean and Hierarchical Clustering Theory and Exercise, (2) Market Basket Analysis Theory and Exercise, (3) RFM Analysis Theory and Exercise

Final Project Completion (4 hours)

Purpose: The final session for learners to handle a complete project
Content: Competition - Start a predictive modelling project from scratch

48 hours

Classroom / Virtual

Target audience

Intermediate to advanced data analysis learners (People working in data analysis teams at banking or financial services organisations)

Cybersecurity awareness training

Increased security is the obvious reason why all businesses, big or small, should have employees of all levels learn the importance of protecting themselves and the company from "human exploits" and cyber-attacks. Many compliance regulations such as ISO, HIPAA, PCI, SOX, GDPR, and even some local regulations require cybersecurity training for all employees.

Objectives

The course aims to raise awareness about information security, good information security practices, and related policy in order to help prevent unintentional compromises of sensitive information and computing systems.

Outcome

By the end of this course, attendees will:

Be confident in the decisions they make when creating new passwords, filtering through suspicious emails or browsing the internet.
Have raised awareness levels and the practical skills needed to better protect your business from the dangers of data breaches, network attacks and ransomware threats.

Agenda

Importance of security awareness
Avoiding social engineering
Using internet safely
Securing your devices

1/2 day

Classroom / Virtual

Target audience

IT Risk and Compliance team
Business managers/ End-users

Cybersecurity drills

It's crucial that executive and professionals throughout the organisation understand the scope of the cyber threats they face and possess the necessary knowledge to respond quickly and effectively. In the event of a cyber-attack, it's crucial that senior professionals respond quickly and confidently. This is only possible if you have an organised Incident Response Plan in place and everybody knows what they're supposed to do next to mitigate the impact of the attack. Cyber training drills can keep your company’s IT and security staff in shape. Cyber exercises can improve cyber fitness, reduce stress due to uncertainty, and build your cyber resilient capability.

Objectives

The course will:

Enable the participants to face Information & cybersecurity scenarios then to improve and establish readiness in dealing with the practiced threats.
Raise the organisation’s readiness and involvement level in the event of an information & cybersecurity attack and to test the familiarity of the participants with, and effectiveness of, the relevant ‘Incident Response’ processes.
Understand the key areas participants need to address in order to defend against and respond to information & cybersecurity incidents.
Empower the organisation to adjust and enhance decision making procedures and strategies in the context of challenging Information & cybersecurity dilemmas and scenarios.

Outcome

By the end of the course, attendees will be able to:

Effectively respond to Cyber Security attacks.
Identify key gaps in the current business and information & cybersecurity policies, standards, processes, and their implementation that may result in financial, data or reputational loss.

Agenda

Tailored scenarios of simulated attacks to the client's IT environments

1 day

Classroom

Target audience

IT Security team (Red team/Blue team)

Data privacy awareness training (focus on GDPR, PDPD)

Data privacy and data protection have become front-and-center issues around the world, as individuals demand more control of their personal information, and organisations face greater information security threats and risks. And with more people working remotely, it’s more critical than ever to ensure that employees understand the rules and guidelines for using and protecting data and avoiding costly data breaches. Information security focuses on keeping all kinds of nonpublic information and systems safe. The consequences for data breaches, mishandling personal information and violating data privacy laws are serious and can involve fines, damage to an organisation’s reputation and loss of customer trust.

Objectives

The course aims to teach:

Data privacy, with a focus on how personal information is collected and used.
How to apply privacy awareness best practices. Equip your employees with the right knowledge and skills to make data protection a default behavior.

Outcome

By the end of this course, attendees will:

Have broadened understanding of data privacy and the many rights and responsibilities it generates.
Know how to safely handle personal information.
Be able to support your organisation in fulfilling privacy obligations.

Agenda

Overview of GDPR and PDPD
GDPR and PDPD's detailed requirements
How to conduct GDPR and PDPD compliance audit

1 day

Classroom / Virtual

Target audience

IT Risk and Compliance team
Internal Audit team
Legal and Data protection team

ISAE 3402/3000 (SOC 1/2) awareness training

An ISAE 3402/3000 (SOC 1/2) audit report provides detailed information and assurance about a service organisation’s internal controls based on their compliance with the ISAE (International Standard on Assurance Engagements) standards.
SOC 1 audits, which relate to organisations’ ICFR (internal control over financial reporting), are conducted against the assurance standards ISAE 3402.
SOC 2 audits, which are essential in regulatory oversight, vendor management programmes, internal governance and risk management, are conducted against the assurance standards ISAE 3000. It focuses on security, availability, processing integrity, confidentiality and/or privacy controls.

Objectives

The course aims to provide:

Understanding of the differences between ISAE 3402 and 3000
Understanding of how an ISAE audit is performed
Understanding of how to prepare for an ISAE audit report

Outcome

By the end of the course, attendees will be able to:

Choose the proper types of ISAE audit
Understand all related internal controls in scope
Prepare an ISAE 3402/3000 audit report properly

Agenda

An overview of ISAE 3402/3000 (SOC 1/2) for IT Security risk assurance.
SOC 1, 2 readiness assessment health check for SOC (Type 1 and 2) audits.
SOC 1, 2, 3 – audit reporting overview.
SOC 1, 2 internal controls overview.

1 day

Classroom / Virtual

Target audience

IT Risk and Compliance team
IT/Business Operations team
IT Security team

ISO 27001 IT Risk Treatment and Security controls

This course will provide guidance on best practice for information security management to help you select, implement, and manage controls, policies, processes, procedures, and organisational structures’ roles and responsibilities.

Objectives

The course will:

Help individuals be familiar with the guidelines needed to initiate, implement, maintain, and improve information security management in an organisation.
Help select the controls needed for implementing an ISMS based on ISO/IEC 27001.

Outcome

By the end of the course, attendees will:

Be able to demonstrate comprehensive knowledge and the ability to assess information security risks based on a formal risk assessment approach and select appropriate risk treatment options by applying relevant controls.
Have the knowledge to implement information security controls based on ISO 27002
Understand the process of performing periodic risk assessments and selecting the appropriate risk treatment options to help an organisation improve its information security approach

Agenda

IT Security risk treatment options
IT Security controls

1 day

Classroom / Virtual

Target audience

IT Risk and Compliance team
ISO/ISMS team
IT Audit/Security team

Secure development for web applications (focus on OWASP)

Security on the web is becoming an increasingly important topic for organisations to grasp. Recent years have seen the emergence of the hacktivist movement, the increasing sophistication of online career criminals and now the very real threat posed by nation states compromising personal and corporate security. The Open Web Application Security Project gives us the OWASP Top 10 to help guide the secure development of online applications and defend against these threats.

Objectives

The course aims to:

Enable attendees to incorporate security into the software development life cycle. Move security into your design and build phases by identifying common insecure code issues and embracing the mindset of a security professional.
Teach understanding of your attackers and risks and mitigate issues at critical junctures in your code, including client, and server interactions.
Teach how to prevent unauthorised access and data leaks with authentication and cryptography.

Outcome

By the end of the course, attendees will be able to:

Describe each of the OWASP Top 10 risks and the common activities that might lead to the introduction of these vulnerabilities
Explain how the issues can be exploited, as well as the security vulnerabilities they create for both standard and emerging technologies
Understand how the OWASP top 10 threats may be mitigated

Agenda

Web application security
OWASP Top 10
Threat modelling and Risk management
Application mapping
Authentication and authorisation attacks
Session management attacks
Application logic attacks
Data Validation
AJAX attacks
Code review and security testing
Web app penetration testing
Secure SDLC
Cryptography

3 days

Classroom (including hands-on labs)

Target audience

IT Security team
IT Application Development/Software team
IT Risk and Compliance team

FAQs & Other insights

Keen to learn more about PwC's Academy? Click the button below to explore.

FAQs & Insights

Download our brochure

English

Vietnamese

Hide

Required fields are marked with an asterisk(*)

Full name*

Email address*

Mobile phone*

Location*

Are you requesting our Academy’s services for? *

Yourself

Your organisation

Organisation*

Select your function*

Select your level*

Add details about your inquiry*

Would you like to receive latest updates about

PwC Vietnam

PwC’s Academy Vietnam

Please click here*

By submitting your personal data to us, you acknowledge that you have read the Privacy Statement and that you consent to our processing in accordance with the Privacy Statement. If you change your mind at any time,you can send us an email message using the Contact Us page.

Get in touch

Dinh Thi Quynh Van

Chairwoman, PwC's Academy Leader, PwC Vietnam

Tel: +84 24 3946 2246

Tran Thu Huong

Senior Manager, PwC's Academy, PwC Vietnam

Tel: +84 24 3946 2246, ext. 4607

Le Ngoc Huy

Manager, PwC's Academy, PwC Vietnam

Tel: +84 28 3823 0796

Digital Academy

Our programmes

To register for preferred course(s), please contact us.

Secure development for web applications (focus on OWASP)

Objectives

Outcome

Agenda

Target audience

FAQs & Other insights

Download our brochure

We welcome your comments

Get in touch