Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

Information is the most valuable asset, the lifeblood, of any organization – private industry, government, non-profit. Data leakage through a myriad of Cyber-related conduits has become the number one security issue, regardless of an organization’s size, industry, or geographic location. Valuable data is leaking out in every direction, often totally undetected, until it’s too late, by the victimized organizations. Some Cyber leaks are accidental, others are overt and targeted. Key CyberSecurity risk assessment questions include:

  • What’s your data worth to your organization?
  • What is your data worth to someone else?
  • What are the legal implications if the security of proprietary or personal data is compromised?

We will heighten your awareness by pinpointing “A Dirty Baker’s Dozen”: 13 common CyberSecurity Leakage Exposures and How to Avoid Them.

Learning Objectives

  • Identifying and categorizing common avenues of Cyberdata leakage and associated risks
  • Lesson learned from reported examples of real Cyber attacks, leaks, and investigations
  • Defining essential CyberSecurity safeguards to reduce data leakage
  • Organizing IT Audit practices to evaluate information confidentiality and privacy

Course Outline

CyberData Leakage Risks and Compliance Targets

  • Identifying and categorizing common avenues of Cyberdata leakage and associated risks
  • Government and industry regulatory compliance requirements: HIPAA, PCI DSS, State Data Breach Laws, International Privacy Laws
  • Lesson learned from reported examples of real Cyber attacks, leaks, and investigations
  • Overview of “A Dirty Baker’s Dozen”: 13 common CyberSecurity leakage exposures
  • Summary of security safeguards commonly used to reduce data leakage

Enterprise CyberData Leakage Risks, Safeguards and Audit Procedures

  • Databases / Data Warehouses
  • Web Site / Applications
  • Outsourcing and Third-Party Access
  • Software Development and Test Data
  • Physical Security
  • Backup Media
  • Storage Media Disposal / Salvage / Repair
  • Wire and Wireless Networks

End User CyberData Leakage Risks, Safeguards, and Audit Procedures

  • Malware
  • Flat Files-How Many???
  • End-User Applications
  • Mobile Devices and Portable Media
  • E-mail / Messaging / Social Networking

Additional Information

Who Should Attend
  • IT Auditors
  • Internal Audit Management
  • Internal Audit Staff
  • Information Security Managers, Analysts, and Architects
  • IT Management
  • IT Architects
  • Consultants
Learning Level

Intermediate

Delivery

Group-Live

Field

Auditing

Recommended Prerequisites

Introduction to IT Auditing (AA01) or equivalent training. A basic understanding of IT audit controls and terminology is assumed.

    Session Duration

    Online: N/A

    On Site: 1 day

    CPE Credits: 8