Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

CyberSecurity risks abound and are constantly in the forefront of today’s Information Technology (IT) systems management and internal audit concerns. Known but unmitigated vulnerabilities are among the highest CyberSecurity risks faced by many organizations – known vulnerabilities include: using software and/or hardware beyond the vendor’s support lifecycle, declining to implement security patches, or failing to execute security-specific system configuration guidance.

We will explore not only CyberSecurity management and human resources controls, but also a high-level conceptual look at the fundamentals of important technical CyberSecurity controls for protecting valuable information assets and associated resources in today’s highly complex and rapidly changing Cyber world.

In this seminar, we will cover:

  • What is CyberSecurity????…Building your CyberSecurity vocabulary
  • Understanding the many faces of CyberSecurity risks, methods to detect them…and what’s necessary to effectively report them to The Board
  • Organization and human resource factors that can increase CyberSecurity within the enterprise
  • Important laws, standards and frameworks relating to CyberSecurity and CyberAudit

Learning Objectives

  • Understand CyberSecurity terminology and associated risks
  • Gain familiarity with CyberSecurity regulatory requirements and best practices
  • How to develop an overall CyberSecurity audit program to effectively assess Cyber risks, including the critical human factor
  • How to gauge and effectively report CyberSecurity risks to The Board

Course Outline

Defining the CyberSecurity Landscape

  • Defining CyberSecurity
  • Digital Transformation and De-Perimeterization
  • Cloud Computing
  • Internet of Things (IoT), Operational Technology/SCADA
  • Shadow IT/Shadow Data
  • Remote access and mobile Device Security
  • Supply Chain Security
  • Blockchain/Bitcoin

Facing the Challenges of CyberSecurity Governance,
Risk, and Compliance

  • Defining CyberSecurity Strategy and Senior Leadership
  • Defining the Elements of Risk Management
  • Measuring CyberSecurity Risk: CyberSecurity Risk Frameworks
  • Notable CyberSecurity Risks, Incidents and…Lessons Learned
  • Existing, Emerging…and Expanding CyberSecurity Regulatory Compliance Targets

Planning Audits of CyberSecurity

  • CyberSecurity/Audit Frameworks
  • Tools and Techniques for Conducting CyberSecurity Audits
  • Corrective Actions…What to Fix First ???
  • Sources of Information and Tools

rap-up Summary

  • CyberSecurity Success Factors
  • Communicating to Senior Leadership
  • Sources of additional information

Additional Information

Who Should Attend
  • General Auditors and other Audit Management
  • IT Auditors, Operational Auditors, Internal Control Professionals
  • Information Security (CyberSecurity) Managers, Analysts, and Architects
  • Internal Control Specialists
  • IT Management, IT Architects
  • Compliance Officers
  • Data Privacy Officers
  • Consultants
Learning Level

Basic

Delivery

Group Live

Field

Auditing

Advanced Preparation

None

Recommended Prerequisites

A basic understanding of fundamental IT audit controls and terminology is assumed.

Session Duration

On Site: 1 day

CPE Credits: 9

Questions? Contact us

Phone: +1 (781) 784-4390
Email: fill out form below

    [recaptcha size:compact class:captcha]