Cybersecurity Audit SchoolACI Learning
Cybersecurity Audit School
All available course dates
Cybersecurity Audit School
Organizations needs to establish robust cybersecurity programs to: 1. Address risks to organizational infrastructure and data from cyberattacks through effective control design, establishment of protection measures, identification of warning signs, and investigative techniques. 2. Establish compliance with industry standards and regulatory requirements. Today’s auditor needs to know more than just the terms and concepts regarding cybersecurity. They need to understand what controls are needed, why they’re important, where the controls should be positioned, and how to perform substantive tests to assess the controls reasonable effectiveness specifically related to cybersecurity. In this class, will explore cybersecurity through a series of lecture segments and related scenarios based on actual events designed to reinforce the attendee’s knowledge of effective control design, execution, warning signs and investigative techniques. By the end of the session attendees will be armed with additional knowledge of how to implement and assess controls and how, as auditors, they can be a valued player in their organizations “Cyber Defense Team”.
Suitability - Who should attend?
Armed with motive and skill, hackers and internal bad actors continue to release more sophisticated exploits taking advantage of opportunities “weaknesses” in our environments. Tomorrow’s auditor needs to know more than just the terms and concepts regarding cybersecurity. They need to understand what controls are needed, where the controls should be positioned and how to perform substantive tests to assess the controls reasonable effectiveness specifically related to cybersecurity.
During this seminar attendees will explore cybersecurity through a series of lecture segments and related scenarios based on actual events designed to reinforce the attendee's knowledge of effective control design, execution, warning signs and investigative techniques.
By the end of the session attendees will be armed with additional knowledge of how to implement and assess controls and how, as auditors, they can be a valued player in their organization's cyber defense team”.
Outcome / Qualification etc.
Completion of this course is worth 24 CPE Credits
Training Course Content
- Cybersecurity Key Concepts
- Cybersecurity History and Breaches
- Types of Cyber Attacks — Human
- Types of Cyber Attacks — Technical
- Cybersecurity Frameworks, Standards
- NIST Frameworks and Standards
- Industry Frameworks (PCI, HIPAA, CIS CSC, ISO/IEC)
- Cybersecurity Oversight, Governance & Compliance
- Security Policies
- Security Risk Management Overview
- Threat Analysis
- Security Risk Management in Practice
- Asset Identification and Inventory
- Third-party / Service Provider Management
- Business Impact Assessment
- Configuration Management and Change Control
Cybersecurity Protection Techniques
- Defending Business Assets Overview
- Identity and access management
- Authentication and Authorization
- Vulnerability and Patch Management
- Security awareness
- Physical Security
- Personnel Security
- Computer Networking Fundamentals
- Network Defenses
- Network Security Access Controls
- EndPoint and System Security Configuration
- EndPoint and System Security Protection
- Application Security
- Cloud & Virtualization Security
Encryption, Digital Signatures and Data Protection
- Encryption Concepts
- Cryptographic Algorithms
- Encryption — Public Key Infrastructure
- Data Privacy Controls
- Securing Data
Event Detection, Incident Response and Recovery
- Logging, monitoring and alerting
- Incident Response (IR) Planning
- Incident Response (IR) Testing
- Digital Forensics
- Recovering Systems
- Business Continuity and Recovery
- The Auditor’s Role
- CISO’s Role
- Establishing Audit Scope
- Building the Audit Plan
- Cybersecurity evaluation methods
- Vulnerability Assessments, Scanning and Testing
- Penetration Testing
- Security Maturity Models
- Auditing using NIST frameworks
- Auditing other security frameworks, standards ISO
- Auditing PCI DSS
- Cybersecurity Auditing Examples
Audit Evidence and Reporting
- Collecting and Organizing Cybersecurity Evidence
- NIST Reporting Requirements
- Prioritizing Risks and Influencing decisions
- Course Summary and Conclusion
Provider: ACI Learning
At ACI Learning, we train leaders in Cybersecurity, Audit, and Information Technology. Whether you're starting your IT career, mastering your profession, or developing your team, we're with you every step of the way. We believe that training is not a...
Request information - obligation free
Customer Outreach Award
We believe that it should be easy for you to find and compare training courses.
Our Customer Outreach Award is presented to trusted providers who are excellent at responding to enquiries, making your search quicker, more efficient and easier, too.
Contact information for ACI Learning
Reviews by course attendees
Average rating 4.3Based on 6 reviews.
Find out more about this Cybersecurity Audit School course - simply fill out your details: