WEBINAR: Cybersecurity Audit and Risk Management

April 03-04, 2023, 11:00 AM - 6:00 PM, Central Daylight Time

Training Objectives

Upon completion of this course, a participant will be able to:

  • Define the strategic importance of cybersecurity to Enterprise Risk Management
  • Understand key frameworks and models for cybersecurity governance
  • Understand cyber risk as an enterprise-wide priority
  • Prepare for a cybersecurity audit
  • Perform a cybersecurity audit
  • Communicate cyber risk to the Board and other stakeholders
Register Now Download Brochure

Instructor of this course

Bernard Wanyama

CISA, CISM, CRISC, CGEIT
Founder & Managing Director of SYNTECH Associates Ltd
Instructor: Cyber Security, IT Audit, IT Risk Management
APMG Accredited Trainer for CISA & CISM Courses
Cyber Security Expert

More Detail

15.25 CPE Hours


Modern organizations of all sizes depend on digital assets in the form of information and technology to deliver value to their customers and stakeholders. Business leaders depend on audit and risk management professionals to manage cyber risk and provide assurance over these complex, inter-connected information systems and processes in highly dynamic environments.

This course will provide the strategic approach and knowledge necessary for Business, IT Audit and Risk Management professionals to understand and manage cyber risk and cyber security in an enterprise.

This course assumes a participant has prior knowledge of IT audit or IT risk foundational knowledge.

Participants who complete the course will get an opportunity to:

  • Frame the role of IT Governance, Audit and Risk Management in supporting enterprises and industries that are undergoing rapid change and digital transformation.
  • Understand IT Risk Management Principles.
  • Understand Cybersecurity audit and assurance standards, guidelines and frameworks
  • Understand the NIST Cyber Security Framework from an IT Audit perspective
  • Understand how to plan and perform a risk-based Cybersecurity audit
  • Discuss risk, audit and control issues around emerging technologies such as cloud computing, virtualization, robotic process automation, machine learning and artificial intelligence.
  • Review case studies of major cyber security breaches to learn lessons for audit and risk functions.
  • 15.25 CPE hours.

C-Level Executives:

  • Chief IT Auditors, Chief Risk Officers, Chief Audit Executives, etc.

Directors, Heads, Partners, Managers, Officers & coordinators of:

  • IT Audit
  • IT Risk
  • IT Security Audit
  • Audit
  • Risk
  • Cyber security & Information Security.
  • Privacy

 

  • Group discussions focused on real-world case studies
  • Online Quizzes
  • Individual assignments
  • Using brainstorming techniques, images, graphics and video clips for quality learning
  • Feedback discussion of the previous day activities

Course Fee $500/Participant

NOTE:

  • The condition applies. The group has to be from same facility/organization.
  • For any additional participant (s) beyond 5 in a group, contact Kevin at Kevin.McKinney@acsmb.co
  • In case of a group, each participant has to fill the registration form separately. However, payment can be made by one person for all. Besides the online payment option, the check or bank wire transfer will also do.The check can be mailed at 2715 E Cholla St., Phoenix, AZ 85028. For bank wire transfer details, contact Kevin at Kevin.McKinney@acsmb.co

WEBINAR: Cybersecurity Audit and Risk Management - Course Schedule

Day 1 - Monday 03 April, 2023
Opening Session (10:50 To 11:00)

Opening Remarks  & Introduction

Session One (11:00 To 13:00)

CYBERSECURITY OVERVIEW

  • Cybersecurity: Technology & Trends
  • The Cyber Threat Landscape
  • Defense-in-Depth & Layered Security
  • Cyber Resilience
Break & Quiz
Session Two (13:20 To 15:20 )

CYBERSECURITY GOVERNANCE

  • Overview of Cybersecurity governance
  • Cyber Risk as Strategic Risk
  • External Standards & Frameworks
  • The NIST Cyber Security Framework
  • Cybersecurity Policies and Procedures
Break & Quiz
Session Three (15:40 TO 17:10)

CYBERSECURITY OPERATIONS

  • Key Cybersecurity Risks
  • Critical Cybersecurity Controls
  • The IIA Three-Lines of Defense Model for Cybersecurity
  • Threat and Vulnerability management
  • Essential datacenter, cloud, firewall and network security technologies
  • Key Processes Set 1: asset, identity, configuration, change, and patch management
  • Key Processes Set 2: third party vendor management and software development lifecycle management
Quiz
End of Day Group Interactive Discussion

Take Home Assignment: Reviewing a Case Study of a Notable Cyber Breach

Day 2 - Tuesday 04 April, 2023
Session One (11:00 To 13:00)

THE AUDITOR’S ROLE IN CYBERSECURITY

  • Preparing for a Cybersecurity Audit Engagement
  • Practical Audit Exercise on Cybersecurity Governance
Break & Quiz
Session Two (13:20 To 14:50)

AUDITING CYBERSECURITY GOVERNANCE

  • Practical Audit Exercise on Cybersecurity Governance
Break
Session Three (15:10 TO 17:10)

AUDITING CYBERSECURITY OPERATIONS

  • Practical Audit Exercise on Cybersecurity Operations
  • Communicating the Cybersecurity Risk to the Board
Break
Session Four (17:30 TO 18:00)

COMMUNICATING CYBERSECURITY RISK TO THE BOARD– 30 MINS

Closing Remarks
Course Program
Time Topic
Day 1
10:50 TO 11:00Registration & Introduction
11:00 TO 01:00 Session One
11:00 TO 13:00 Quiz and Break
13:20 TO 15:20 Session Two
15:20 TO 15:40 Quiz and Break
15:40 TO 17:10 Session Three
17:10 TO 17:20 Quiz
17:20 TO 17:50 End of Day Group Interactive Discussion
Day 2
11:00 TO 01:00 Session One
13:00 TO 13:20 Quiz and Break
13:20 TO 14:50 Session Two
14:50 TO 15:10 Break
15:10 TO 17:10 Session Three
17:10 TO 17:30 Break
17:30 TO 18:00 Session Four
18:00 TO 18:10 Closing Remarks