Assessing A Cyber Program - ITG251WEB

Assessing A Cyber Program - ITG251WEB

Assessing A Cyber Program - ITG251WEB
ENROLL IN THIS COURSE

Upcoming Dates & Locations

Virtual
May 11th, 2021

Assessing A Cyber Program - ITG251WEB

Overview

This course covers how to design, maintain and assess the effectiveness of cybersecurity programs, what controls are needed, where the controls should be positioned, and how to perform substantive tests to assess the controls’ reasonable effectiveness.


Who Should Attend

Financial, operational, business applications, IT and external auditors; quality assurance personnel; audit managers and directors; and systems analysts.

Prerequisites

  • None

What You’ll Learn

You will learn how to conduct and evaluate vulnerability assessments and cybersecurity programs.


Objectives

Vulnerability Assessment:

  • Assessment Components
  • Conducting
  • Evaluating Self Assessment Audit

Threat Analysis:

  • Assessment Components
  • Conducting
  • Evaluating Self-assessment Audit
  • SUB_OBJECTIVE_1
  • SUB_OBJECTIVE_1

Cybersecurity Risk Assessment:

  • Assessment Components
  • Conducting
  • Evaluating Self-assessment Audit

Cybersecurity Program:

  • Assessment Components
  • Conducting
  • Evaluating Self-assessment Audit

Conducting A Cybersecurity Program Assessment based on the Top 20 Controls Identified in CIS Critical Security Controls V7

  • Inventory Authorized and Unauthorized Devices
  • Inventory Authorized and Unauthorized Software
  • Secure Configurations
  • Continuous Vulnerability Assessment and Remediation
  • Control Use of Administrative Privileges
  • Maintenance, Monitoring and Analysis of Audit Logs
  • Email and Web Browser Protection
  • Malware Defenses
  • Limitation and Control of Network Ports, Protocols and Services
  • Data Recovery Capability
  • Security Configurations for Network Devices
  • Boundary Defenses
  • Data Protection
  • Controlled Access Based on Need to Know
  • Wireless Access Control
  • Account Monitoring and Control
  • Security Skills Assessment and Training
  • Application Software Security
  • Incident Response and Management
  • Penetration Test and Red Team Exercises

Why You Should Attend

You should attend because cybersecurity risks have increased substantially and the IIA has issued advisories stating that all internal auditors must have sufficient knowledge of key information technology risks and controls.

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.

ENROLL IN THIS COURSE