Cybersecurity Lecture Series Program Overview
As new information technologies and approaches emerge, associated business risks undergo minor to significant transformation, and, in many cases, have far-reaching consequences for the
organizations adopting such technologies and its stakeholders. Organizations are increasingly looking up to their Internal Auditors to provide independent assurance whether risks to the enterprise are managed well and advise thereon. With information technology becoming an inherent critical success factor for every business and the emerging threat landscape, there is significant urgency on internal auditors to equip themselves on IT audit essentials.
This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn
about the emerging technologies and their underlying risks.
This lecture series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
The webinar series will also cover 9 key technologies and related risks and issues that seizes the attention of the IT Risk & Audit world:
IS Audit Approach & Methodologies – Aligned with international best practices in auditing, more specifically COSO® & COBIT® being highly recognized standards, approaches to Risk based internal audits, IT controls evaluations today, form a critical foundation to effectiveness and business risk alignment for internal audits from a Board and Audit Committee perspective. In todays’ scenario, an internal audit that does not encompass relevant IT audit strategies and testing presents with significant audit risks and with the audit objectives not being achieved effectively. IT controls evaluations by Internal auditors, though highly pertinent, involve knowledge and skills that are different from those used in traditional internal audits. Internal Auditors need to aware of not only the methods and techniques underlying planning, performance and integration of IT audits but also need to be update with the emerging technologies, the underlying benefits & risks and methodologies to evaluate relevant automated and IT dependent controls. This webinar series would highlight the step by step approach to performing IT Control evaluations by Internal Auditors.
IT Governance – IT is now no more merely one of the enablers, but a driver of business processes that presents a strategic value perspective as well as presents with key business risks. Hence IT is increasingly engaging the attention of the key management. Governance encompasses management oversight processes that ensure that IT is strategically aligned with business needs while balancing the associated risks thereof. Understanding and applying enterprise-based IT management and governance is essential to success of every enterprise that is dependent on IT today.
Project management – Businesses often experience adverse outcomes and stakeholder displeasure due to inadequate/ ineffective management project oversight and poor project management
processes over systems development and acquisition. Management are increasingly looking upon IT & Risk Professionals in assessing successful management of IT project management controls and practices is a critical success factor in ensuring investments in IT projects deliver promised benefits and on time.
IT Outsourcing, is increasingly becoming an accepted way of achieving cost-effective process objectives, with the increasing accent on organization’s need to focus on core competencies and
outsource supporting processes. In outsourcing, while the operational responsibilities may get delegated, the associated strategic risks and accountability to stakeholders cannot be passed on. IT &
Risk Professionals have a significant role in evaluating outsourcing decisions, underlying contractual obligations, performance measurement and providing independent assurance.
Cloud Computing, is gradually moving from a mere buzz to reality with cost-benefits propositions engaging the interest of more business organizations. While the benefits from putting your
organization onto the clouds is no doubt enticing, it comes with several hidden inherent risks that need careful attention. Moving critical applications onto the clouds are also challenging the
traditional internal audit paradigms and methodologies.
Smart mobility, is rapidly transforming business user end points and capabilities. The implications to the organization are profound, including potential risks such as loss of privacy, security, device loss and intellectual property. With B(ring) Y(our) O(wn) D(evice) forcing its way into enterprises, organizations are grappling with ways and means to managing the associated risks that are demolishing traditional business-personal use perimeters. Managing and Auditing associated risks while effectively administering mobility need well thought our game plans.
Data Analysis & Mining, is becoming a strategic business requirement with concepts of Big Data fast becoming a reality. Digging into enterprise data archives and data analysis is key to right decisions, enterprise agility, innovation and staying ahead of the growth curve. Besides Audit analysis can provide valuable insights into current & emerging business risks hidden in enterprise data and significantly increase audit effectiveness, hence a must-have strategic weapon in every auditor’s arsenal.
Social Media, rates amongst the rapidly adopted technologies in business since there is increasingly recognition of social media in business as a unique and highly effective communication medium. However, the issues with separating social media for private/individual from that for business purposes presents very high risks both from outsiders as well as employees. BYOD and mobility have enhanced the reach and risks from use of social media. Auditors need to draw up the right approach to auditing social media and help the managements in keeping the threats at bay.
Advanced Persistent Threats and targeted cyber-attacks are the latest and most lethal of the threats on the IT threat landscape. APTs involve very high level of sophisticated attacks where the
perpetrators work on achieving intended objectives using persisting but varied and several attack vectors. With the covert nature of APTs, organizations need to be equipped in detecting and
systematically dealing with and protecting from the impact of such threats.
Digital Forensics, deals with capabilities required for organizations to deal with bringing cyber criminals to book and involves investigation of cyber frauds, misuse of organization’s computer
resources by insiders, hack attacks on sensitive data, cyber espionage etc. The subject involves special aspects when dealing with cyber criminals, digital evidence and capabilities required thereof.
You will leave this webinar series with an understanding of:
Boundary Defense Mechanisms
Controlling Ports and Network Devices
SEIM Log Analysis
Administrative Control Breaches
Advanced Persistent Threats and targeted cyber attacks:
If you don’t already have an account click the button below to create your account.Create New Account