About the course
In this 3-day training you will learn how to excel in performing a Cyber Security Audit and you will be prepared for the official ISACA Cybersecurity Audit Certificate exam.
Cyber Security Audit – mode of study
Option 1: 3-day training (plus preparation for the ISACA official Cybersecurity Audit Certificate): in-class and/or live online
Option 2: In-company training
Cyber Security Audit – crucial for all organizations!
With the growing number of cyber threats, it is crucial for every organization to include cyber security in the audit plan. Auditors are increasingly being required to audit cyber security processes, policies and tools to provide assurance that their enterprise has taken the appropriate controls. Vulnerabilities in cyber security can pose serious risks for the entire organization, making the need for IT auditors well-versed in cyber security audit greater than ever.
This 3-day Cyber Security Audit training and certification provide audit/assurance professionals with the knowledge needed to excel in cyber security audits. It provides security professionals with an understanding of the audit process, and risk professionals with an understanding of cyber-related risks and mitigating controls. You will be well-prepared to take ISACA's new Cybersecurity Audit Certificate exam.
What will you learn in this Cyber Security Audit training and certification program?
In this 3-day training and certification program you will learn to:
- Understand security frameworks to identify best practices
- Define threat and vulnerability management
- Assess threats with the help of vulnerability management tools
- Build and deploy secure authorization processes
- Explain all aspects of cyber security governance
- Distinguish between firewall and network security technologies
- Enhance asset, configuration, change, and patch management practices
- Manage enterprise identity and information access
- Identify application security controls
- Identify cyber and legal regulatory requirements to aid in compliance assessments
- Identify weaknesses in cloud strategies and controls
- Perform cyber security and third-party risk assessments
- Identify the benefits and risks of containerization
Official ISACA study material
All course attendees will receive ISACA's official Cybersecurity Audit Certificate Study Guide. This handy guide introduces you to cyber security and the auditor's role, cyber security governance, and cyber security operations. The guide includes case studies for a deeper dive into specific technology topics and appendices offering specific cyber security audit guidance, frameworks, controls, and testing steps. You will also receive sample test questions and a voucher for the ISACA Cybersecurity Audit Certificate.
About ISACA – Information Systems Audit and Control Association
ISACA is a global professional association focused on IT governance, IT auditing, information security, and risk management of automation. ISACA currently serves more than 140,000 members and professionals holding an ISACA certification in more than 180 countries worldwide. ISACA has more than 220 chapters established in over 80 countries.
CISA certification is world-renowned as the standard of achievement for those who audit, control, monitor, and assess an organization's IT and business systems. The new Cybersecurity Audit Certificate is an ideal complement to the CISA certification, or to one of ISACA's 4 other leading certifications: CISM, CRISC, CGEIT, and Cybersecurity (CSX).
Prerequisites for the Cyber Security Audit training (and certification)
There are no prerequisites for the Cyber Security Audit training and certification, however a basic understanding of cyber security concepts and some (audit) experience within the industry is recommended. For a better understanding of cyber security audit concepts we recommend you to take the Cybersecurity (CSX) Fundamentals training and certification first before joining the Cyber Security Audit training and certification.
About the ISACA Cybersecurity Audit Certificate exam
The ISACA Cybersecurity Audit Certificate exam is an online, closed-book, remotely proctored exam. The exam covers 4 domains and includes a total of 75 questions. The number of questions in each domain is based upon the domain's assigned weight. Exam candidates will be given 2 hours to complete the multiple-choice exam. A minimum score of 65% or higher is required to pass the exam. The Cybersecurity Audit Certificate domains are:
- Cyber Security Technology – topics
- Cyber Security – the role of an audit
- Cyber Security Governance
- Cyber Security Operations
Individuals holding an ISACA certification may claim 2 CPE credits for each training hour when a passing score is achieved.
This 3-day Cyber Security Audit training will be lectured in English. The official ISACA Study Guide and Cybersecurity Audit Certificate exam are also in English.
Level of the Cyber Security Audit training
This Cyber Security Audit training will be held on a Bachelor level.
Who should be interested in this new Cyber Security Audit training and certification?
This new Cyber Security Audit training and certification are a must for all IT auditors, internal auditors, GRC professionals, IT professionals, (cyber) security managers, risk managers, and many other professionals.
Cyber Security Audit – program
In 3-days time, the following subjects will be lectured:
Cyber Security Audit – introduction
- Digital Asset Protection
- Lines of Defense
- Role of Audit
- Audit Objectives
- Audit Scope
Cyber Security Governance
- Cyber Security Roles and Responsibilities
- Security Frameworks
- Security Organization Goals and Objectives
- Cyber Security Policy and Standards
- Cyber and Legal/Regulatory Requirements
- Information Asset Classification
- Cyber Security Insurance
- Cyber Security Risk Assessment
- Cyber Security Awareness training and education
- Social Media - Risk and Control
- Third-Party Assessment
- Service Providers
- Supply Chain Risk Management (SCRM)
- Performance Measurement
Cyber Security Operations
- Concepts and Definitions
- Threat and Vulnerability Management
- Enterprise Identity and Access Management (IAM)
- Configuration Management / Asset Management
- Change Management
- Patch Management
- Network Security
- Build and Deploy/Secure Authorization Process for IT
- Incident Management
- Client Endpoint Protection
- Application Security
- Data Backup and Recovery
- Security Compliance
Cyber Security Technology – topics
- Firewall and Network Security Technologies
- Security Incident & Event Management (SIEM)
- Wireless Technology
- Cloud Computing
- Mobile Security
- Internet of Things (IoT)
- Virtualization Security
- Industrial Control Systems (ICS)