Information Security training focuses on topics of interest to Information Security Professionals. These topics include current trends in information security, risk and governance issues, and approaches to help the information security professional interface with the audit/assurance function.
Assessing the Security of Your Application Development Shop (IS06)
This session is intended to provide auditors with the knowledge and tools to be able to assess critically the levels of security and risk inherent in a corporate software development shop.
Assessing Your Protection of Personal Identifiable Information Program (IS01)
In this course, we will discuss PII scope and definitions, State and Federal PII requirements, and an action plan for compliance.
Big Data: How to Control (Not Fight) It (IS21)
In this seminar, we will discuss what Big Data is, who is using it, and how it differs from “small” data; the major control, compliance, and security issues associated with the technology; a framework for control and security over Big Data; and the use of Big Data to enhance audit, compliance, and security.
Cloud Computing – Critical Security and Control Issues (IS04)
The Cloud uses three models, each having its own security, control, and operational concerns. This seminar addresses these issues and explores how to protect the enterprise assets.
Evaluating IT Security Management (AA05)
A good percentage of internal and external IT auditors’ scope relates to information security.
Managing Information Technology Risk (IS11)
In this seminar, we will discuss the principles of IT risk management, focusing not on theory but on HOW to do it.
Planning an IT Security Strategy (IS05)
IT security is now on the literal front line in the never-ending struggle to prevent data leakage and operational disruption.
Preparing for a Secure and Controlled IPv6 Implementation (IS08)
The IPv6 session will focus upon: major features of IPv6, conversion issues, security risks, and good practice policies and procedures.
Securing Mobile Assets and Applications (IS07)
This seminar addresses the business advantages of mobile computing as well as the emerging issues of how to control mobile devices, protect corporate assets and maintain compliance with relevant legislation and data privacy standards.
Threat Modeling: Finding Security Threats Before They Happen (IS10)
We will discuss: the major classes of threats, known by the acronym STRIDE; building threat surfaces for applications and systems, in production or in development; data flow diagrams (DFDs) for documenting threat surfaces; and building a threat model.