Tags
Language
Tags
June 2025
Su Mo Tu We Th Fr Sa
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 1 2 3 4 5
    Attention❗ To save your time, in order to download anything on this site, you must be registered 👉 HERE. If you do not have a registration yet, it is better to do it right away. ✌

    ( • )( • ) ( ͡⚆ ͜ʖ ͡⚆ ) (‿ˠ‿)
    SpicyMags.xyz

    How To Perform An Information Security Audit

    Posted By: ELK1nG
    How To Perform An Information Security Audit

    How To Perform An Information Security Audit
    Published 11/2022
    MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
    Language: English | Size: 5.64 GB | Duration: 7h 13m

    What you need to know to perform information security audits

    What you'll learn

    Understand how to properly plan engagements by determining their objectives, criteria and scope.

    Know how to create working papers to document an audit and learn about different ways to staff an audit.

    Learn how to collect engagement information and then analyze and evaluate it. Learn how to supervise engagements.

    Learn how to communicate engagement results and the process of acceptance of risks. Learn how to monitor progress on the implementation status of internal audit

    Know about which threats to information security should be assessed, including threats to the integrity of data, confidentiality and the availability of data.

    Be able to evaluate privacy risks, risks from smart devices, insider threats, illicit software threats and cybersecurity threats amongst others.

    Be able to evaluate risks by using the Asset-Threat-Vulnerability triangle.

    Know about the different types of information security controls, including IT general controls.

    Be able to put in place a solid governance over information security, such as by putting in place IT management and governance controls.

    Be able to implement the segregation of IT duties and IT departmentalization, an information security framework and cybersecurity governance and policies.

    Be able to apply the Three Lines of Defense Model in cybersecurity.

    Learn about controls such as identity access management and authentication, encryption and firewalls, data privacy and protection controls.

    Know about application and access controls, technical IT infrastructure controls, external connections controls and 3rd party information security controls.

    Requirements

    No prior experience or knowledge is required.

    Description

    We are glad to bring you a course to learn how to perform information security audits.This course is ideal for:IT and information security professionals who wish to learn techniques on how to assess the security of their information and the vulnerability of their information systems; and Auditors or others performing assessments who wish to learn more about performing information security audits.The course will give you the knowledge and tools necessary to perform information security audits, starting from how to plan them, how to perform and how to report on the results of the engagement. It will teach you about which threats to assess and which controls should be put in place.It is taught by Adrian Resag, an experienced and CISA certified information security auditor who has decades of experience evaluating information security, IT and ISO 27001 in many organizations.The course covers:Performing Information Security AuditsPlanning EngagementsUnderstand how to properly plan engagements by determining their objectives, criteria and scope. Know how to create working papers to document an audit and learn about different ways to staff an audit.Performing EngagementsLearn how to collect engagement information and then analyze and evaluate it. Learn how to supervise engagements.Communicating Progress and ResultsLearn how to communicate engagement results and the process of acceptance of risks. Learn how to monitor progress on the implementation status of internal audit recommendations.Information Security Threats and ControlsThreats to information securityKnow about which threats to information security should be assessed, including threats to the integrity of data, confidentiality and the availability of data.Be able to evaluate privacy risks, risks from smart devices, insider threats, illicit software threats and cybersecurity threats amongst others.Be able to evaluate risks by using the Asset-Threat-Vulnerability triangle.Controls over information securityKnow about the different types of information security controls, including IT general controls.Be able to put in place a solid governance over information security, such as by putting in place IT management and governance controls.Be able to implement the segregation of IT duties and IT departmentalization, an information security framework and cybersecurity governance and policies.Be able to apply the Three Lines of Defense Model in cybersecurity.Learn about controls such as identity access management and authentication, encryption and firewalls, data privacy and protection controls.Know about application and access controls, technical IT infrastructure controls, external connections controls and 3rd party information security controls.

    Overview

    Section 1: Information Security Threats and Controls

    Lecture 1 Information Security

    Lecture 2 Data Integrity, Confidentiality and Data Availability

    Lecture 3 IT General Controls

    Lecture 4 Segregation of IT Duties

    Lecture 5 Question on Segregation of IT Duties

    Lecture 6 Threats and Controls to Physical Security

    Lecture 7 Question on Threats and Controls to Physical Security

    Lecture 8 Question on Threats and Controls to Physical Security

    Lecture 9 Identity Access Management

    Lecture 10 Access and Authorization Controls - Risks

    Lecture 11 Identity Access Management - Activities

    Lecture 12 Authentication

    Lecture 13 IT Departmentalization

    Lecture 14 Question on IT Departmentalization 1

    Lecture 15 Question on IT Departmentalization 2

    Lecture 16 Types of Information Security Controls

    Lecture 17 Encryption

    Lecture 18 Firewalls

    Lecture 19 Data Privacy and Protection

    Lecture 20 Data Protection Framework

    Lecture 21 Question on Data Protection Framework

    Lecture 22 Smart Devices and Their Risks

    Lecture 23 Question on Smart Devices and Their Risks

    Lecture 24 Question on Data Protection Framework

    Lecture 25 Asset-Threat-Vulnerability Triangle

    Lecture 26 Cybersecurity Risks

    Lecture 27 Cybersecurity Threats

    Lecture 28 Question on Cybersecurity Threats 1

    Lecture 29 Question on Cybersecurity Threats 2

    Lecture 30 Question on Cybersecurity Threats 3

    Lecture 31 Question on Cybersecurity Threats 4

    Lecture 32 IT Management and Governance Controls Against Cybersecurity Threats

    Lecture 33 Application and Access Controls

    Lecture 34 Technical IT Infrastructure Controls

    Lecture 35 External Connections Controls

    Lecture 36 Verifying 3rd Party Information Security

    Lecture 37 Illicit Software Use

    Lecture 38 Insider Threat

    Lecture 39 Question on Insider Threat

    Lecture 40 Question on Data Privacy and Protection

    Lecture 41 Cybersecurity Governance and Policies

    Lecture 42 Information Security Framework

    Lecture 43 The Three Lines of Defense Model in Cybersecurity

    Lecture 44 Question on Cybersecurity Governance and Policies

    Section 2: Performing Information Security Audits

    Lecture 45 Engagement Planning

    Lecture 46 Engagement Scope

    Lecture 47 Engagement Objectives

    Lecture 48 Questions on Engagement Objectives

    Lecture 49 Coverage of Significant Risks

    Lecture 50 Questions on Coverage of Significant Risks

    Lecture 51 Engagement Work Programs

    Lecture 52 Questions on Engagement Work Programs

    Lecture 53 Workflow of an Engagement

    Lecture 54 Audit Techniques for Gathering Information

    Lecture 55 Walkthroughs

    Lecture 56 Questions on Walkthroughs

    Lecture 57 Interview Approaches and Skills

    Lecture 58 Process Maps and Benchmarking

    Lecture 59 Risk-Control Matrix

    Lecture 60 Building a Risk-Control Matrix

    Lecture 61 Engagement Supervision

    Lecture 62 Performance Appraisals

    Lecture 63 Supervision Best Practices

    Lecture 64 Reviewing Working Papers

    Lecture 65 Questions on Reviewing Working Papers

    Lecture 66 Communicating Engagement Results

    Lecture 67 Quality of Communications

    Lecture 68 Communicating Progress

    Lecture 69 Best Practices on Communicating Recommendations

    Lecture 70 Communicating Recommendations

    Lecture 71 Internal Audit Opinions

    Lecture 72 Questions on Internal Audit Opinions

    Lecture 73 Acceptance of Risk

    Lecture 74 Monitoring Progress

    Lecture 75 Questions on Monitoring Progress

    Current or future IT and information security professionals who wish to learn techniques on how to assess the security of their information and the vulnerability of their information systems.,Auditors or others performing assessments who wish to learn more about performing information security audits.