Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

Mobile devices are an essential, exciting and often productivity enhancing way of life for many individuals. Apple iOS and Android based devices, taking the form of smart phones and tablets, are everywhere you look. Notebook computers are getting thinner and lighter, but also more powerful. Portable removable storage is rapidly expanding in capacity and dramatically dropping in price per byte of storage. Increasing pressure is being placed on enterprise management to allow and support a wide array of mobile communications, computing, and storage devices in the modern workplace.

Heated debates are raging over whether Bring Your Own Device (BYOD) is acceptable in the workplace, both inside and outside of the office. These inexpensive and highly powerful information and communications technologies have also unfortunately spawned many serious risks to organizations and individuals, ranging from unauthorized network connections to theft and serious data leakage.

In this hard hitting and timely workshop, we will take a top down approach in covering risks and policies requirements down to practical safeguard alternatives and audit procedures for mobile computing applications.

Learning Objectives

  • Understanding mobile applications risks
  • Identify key controls in mobile applications
  • Address policy requirements
  • Understand how mobile applications fit into the corporate data and security infrastructure

Bonus: You will receive the ISACA Mobile Computing Security Audit/Assurance Program for COBIT 4.1

Course Outline

Risk analysis of mobile computing and remote access applications

  • On the road
  • In the office

Identifying key control points and Cybersecurity safeguards for mobile computing applications
Important policy considerations of mobile applications

  • BYOD
  • Network connection
  • Data classification and protection
  • Enterprise Mobility Management (EMM)
  • End-point Security
  • Public Key Infrastructure (PKI)

Tool and techniques for managing and securing

  • Notebooks
  • Netbooks
  • Tablets
  • Smart phones
  • Removable storage
  • Other mobile technology

Remote access and wireless security for mobile devices

  • User authentication
  • Session encryption
  • Host application security

Audit procedures for testing mobile computing and remote access applications
Turning the tables: Creative ways to use mobile devices as audit platforms

Additional Information

Who Should Attend
  • IT Auditors
  • Operational Auditors
  • Internal Control Professionals
  • Informaton Security Professionals
  • Risk Professionals
Level

Intermediate

Delivery

Group Live

Field

Auditing

Advanced Preparation
None

Recommended Prerequisites

Planning and Performing an IT General Controls Review or equivalent training. A basic understanding of IT, Information Security, and Audit terminology is assumed.

Session Duration

Online:

On Site: 1 day

CPE Credits: 8