Cybersecurity Audit Fundamentals

Perform Cybersecurity Audit | Information Security Audit | IT Audit

What you'll learn

How to conduct a Cybersecurity Audit

IT Audit process - Planning, Fieldwork, Reporting & Follow-Up

Cybersecurity & Information Security

Testing Operational and Technical Cybersecurity Controls

Cybersecurity Frameworks & Standards

IT Audit Certifications

Requirements

Laptop, Desktop required to view and participate in lessons

Enthusiastic about learning about Cybersecurity Audit and IT Audit process

No prior Audit Experience required

Knowledge of IT Audit beneficial but not required

This course does not require any prior knowledge or specific academic background

Description

The Cybersecurity Audit fundamental course is designed to equip students and professionals with the knowledge and skills needed to assess, audit, and ensure compliance with cybersecurity standards, regulations, and best practices. In today's evolving threat landscape, organizations need experts who can critically examine and validate their security measures to protect against data breaches and cyberattacks.What you will learn:Upon completion of this course, students will be able to:Conduct comprehensive cybersecurity audits to assess an organization's security posture.Test the design and operating effectiveness of cybersecurity controlsEnsure compliance with relevant regulations and industry standards.Identify security vulnerabilities, risks, and weaknesses within an organization's IT infrastructure.Develop effective audit reports and recommendations for improving cybersecurity.Prepare for certifications such as Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).Who is this course for:Students, IT Professionals, Starting or Changing career into ITStudents & professionals learning about Cybersecurity & IT AuditIT AuditorsIT Control TestersIT Security AnalystIT Compliance AnalystCyber Security AnalystInformation Security AnalystRisk AnalystIT professionalsCourse RequirementsThis course does not require any prior knowledge or specific academic background. However below are things needed for the best outcome from this course.Laptop, Desktop required to view and participate in lessonsEnthusiastic about learning about Cybersecurity Audit and IT Audit processKnowledge of IT Audit beneficial but not requiredNo prior Audit Experience requiredOther materials necessary for learning will be provided

Overview

Section 1: Introduction

Lecture 1 Introduction

Lecture 2 Understanding Information Security

Lecture 3 Understanding Cybersecurity

Lecture 4 Information Security vs Cybersecurity

Lecture 5 Information Security Principles

Lecture 6 Cybersecurity & Organizational Structure

Section 2: Cybersecurity Audit

Lecture 7 IT Audit Introduction

Lecture 8 Types of IT Audit

Lecture 9 Internal vs External Auditor

Lecture 10 Types of IT Audit II

Lecture 11 Introduction to Cybersecurity Audit

Lecture 12 Internal Audit Team - Roles & Responsibilities

Lecture 13 Performing Cybersecurity Audit

Lecture 14 IT Auditors & Cybersecurity Auditors Skillset

Section 3: IT Controls

Lecture 15 Understanding Controls

Lecture 16 Types of IT Controls

Lecture 17 Cybersecurity Controls

Lecture 18 Identifying Control Weakness

Lecture 19 Control Design

Lecture 20 Control Effectiveness

Lecture 21 Control Gap

Section 4: Cybersecurity Frameworks & Standards

Lecture 22 Cybersecurity Frameworks

Lecture 23 NIST Framework

Lecture 24 ISO 27001 Framework

Lecture 25 CIS Framework

Lecture 26 Internal Auditors & Frameworks

Lecture 27 HIPPA

Lecture 28 PCI DSS

Lecture 29 Frameworks & Standards

Section 5: Cybersecurity Audit Process

Lecture 30 Cybersecurity Audit Process

Lecture 31 Planning Phase

Lecture 32 Fieldwork Phase

Lecture 33 Reporting Phase

Lecture 34 Follow-Up Phase

Lecture 35 IT Audit Team

Section 6: Performing Cybersecurity Audit

Lecture 36 Planning

Lecture 37 Fieldwork

Lecture 38 Testing Technical Controls

Lecture 39 Identity & Access Management (IAM)

Lecture 40 Password Configuration Testing

Lecture 41 Access Provisioning Testing

Lecture 42 Access Deprovisioning Testing

Lecture 43 Privileged User Access Testing

Lecture 44 Segregation of Duties (SOD) Testing

Lecture 45 Data Integrity Testing

Lecture 46 Vulnerability Assessment Testing

Lecture 47 Patch Management Testing

Lecture 48 Firewalls & Intrusion Detection Testing

Lecture 49 Endpoint Testing

Lecture 50 Network Testing

Lecture 51 Business Continuity Plan Testing

Lecture 52 Change Management Testing

Lecture 53 Incident Management Testing

Lecture 54 Operational Controls

Lecture 55 Policies & Procedures Testing

Lecture 56 Risk Assessment & Management Testing

Lecture 57 Security Awareness Training Testing

Lecture 58 Vendor Management Testing

Lecture 59 Physical Access Testing

Lecture 60 Reporting Phase

Lecture 61 Cybersecurity Audit Testing Outcomes

Lecture 62 Reporting Test Results

Lecture 63 Reporting Control Deficiency

Lecture 64 Follow-Up Phase

Section 7: Next Steps

Lecture 65 Next Steps

Lecture 66 IT Audit Certifications

Lecture 67 Conclusion

Students, Professionals, Starting or Changing career into IT,Students & professionals learning about Cybersecurity & IT Audit,IT Auditors, IT Control Testers, IT Security Analyst, IT Compliance Analyst,Risk Analyst, Cyber Security Analyst, Information Security Analyst, IT professionals