The audit risk universe is expanding faster than in any time in recent memory. One particular area of explosion is regarding cybersecurity as exploits over the last several years have heightened the awareness of senior leaders and boards alike. Auditors need to be able to assess the effectiveness of an enterprises cybersecurity program. They need to understand what controls are needed, where the controls should be positioned and how to perform substantive tests to assess the controls reasonable effectiveness specifically related to cybersecurity.
During this seminar attendees will have the opportunity to conduct a mock cybersecurity program audit. By the end of the session attendees will be armed with knowledge of how to perform an assessment on a company's cybersecurity program and should become more valued members of their organization's cyber defense team.
Attendees will leave this session with audit and self-assessment checklists along with examples of various cybersecurity program artifacts.
This course is available on-site at your location, or offered through open enrollment 10/8/20 - 10/9/20.
- 1 Vulnerability Assessment, assessment components, conducting, evaluating, self assessment, audit.
- 2 Threat Analysis, assessment components, conducting, evaluating, self assessment, audit.
- 3 Cybersecurity Risk Assessment, assessment components, conducting, evaluating, self-assessment, audit.
- 4 Cybersecurity Program, assessment components, conducting, evaluating, self assessment, audit.
- 5 Conducting a Cybersecurity Audit Based on the Top 20 Controls Identified in CIS Critical Security Controls.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.