Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

As we introduce new information technologies or approaches, our risks change, and, in many cases, have unintended consequences. This session focuses on two issues that have raised the risk level, and a new one that is beginning to have a significant affect.

Cybercrime and Cybersecurity – A day doesn’t go by where there isn’t another news story of some company’s data being breached. Cybercrime is increasingly reaching staggering proportions and shows no sign letting up. What is behind the breaches? Whose doing it? Is there a solution?

The Virtual Infrastructure – Outsourcing, cloud and mobile computing is turning the IT infrastructure from a monolith into a mosaic. Understanding the digital transformation and its associated risks are fundamental to the infosec/internal audit universe.

The Internet of Things – Automating daily life is occurring because we have the technology to do so. How to implement these “conveniences” without impacting security and privacy is the challenge. The audit and security community needs to be proactive to ensure essential controls are addressed before the technology becomes a runaway train.

Learning Objectives:

  • An understanding of the scope of these issues
  • A basis for assigning assurance risk
  • A strategy for incorporating these issues into your audit universe

Course Outline


  • Framing the problem
  • Defining cybercrime
  • Categorizing the cybercrime toolkit
  • Where is the law – limiting the Wild Wild Digital West
  • Understanding the data underbelly
  • What does a war on cybercrime look like
  • Analysis of the Sony Hack

Virtualizing the Infrastructure

  • Defining virtualization in the broader term
  • Cloud computing
    • Review of cloud computing terminology
    • Benefits of the Cloud
    • Implementation constraints
    • Cloud risks
    • Cloud control framework
  • Mobile computing
    • Identifying mobile data assets
    • Business drivers
    • BYOD: The Good, the Bad, and the Ugly
    • BYOA: A is for Applications
    • A Control approach

The Internet of Things (IoT)

  • Understanding the scope of IoT
  • Where are we in its implementation
  • Impact on security, privacy – and the World We Know

Additional Information

Who Should Attend
  • Internal audit directors, managers and supervisors
  • IT audit management and staff
  • Internal control professionals
Learning Level






Advanced Preparation


Recommended Prerequisites


Session Duration

Online: N/A

On Site: 1 day

CPE Credits: 8