An intensive professional development training course on
Auditing a
Cybersecurity Programme
Assess and Improve the Readiness of your Cybersecurity
Why Choose this Training Course?
Today, the security risks that should be audited is dramatically increasing. To avoid the data breaches that executives are so afraid of, auditors must have the ability to assess the effectiveness of a company’s cybersecurity program. To do this they must know what controls are required, how these should be set up, and how to perform tests to evaluate the effectiveness of these controls.
Participants will conduct many exercises which have been created to reinforce and establish their knowledge of designing and executing effective secuirty solutions. This Auditing a Cybersecurity Programme training course will arm participants with the knowledge and skills needed to perform cyber assessments and ready to become an even more valuable member of their organizations cyber defense team.
This training course will feature:
- Simulations of a real cybersecurity program audit
- Cybersecuirty auditing tips
- Cyber risk assessments
- Threat analysis
- Case studies of Cybersecurity breaches and its consequences
What are the Goals?
By the end of this training course, delegates will be able to:
- Perform risk analysis of IT security breaches
- Get acquainted with ISO 27001 and COBIT5
- Acquire the knowledge of Information Security Management
- Understand the approach for incident response, Crisis Management and Disaster Recovery
Who is this Training Course for?
This AZTech training course is suitable for many professionals but will greatly benefit:
- Auditors
- IT professionals who are interested in conducting cybersecurity audits, risk assessments, vulnerability and threat analysis or control self-assessments
How will this Training Course be Presented?
This AZTech training course will utilise a variety of proven adult learning techniques to ensure maximum understanding, comprehension and retention of the information presented. This includes theoretical presentation of the concepts, but the emphasis will be on the exercises performed by the delegates with the guidance of the instructor, when it comes to the performance of Risk Assessments and Risk Management. The delegates will be “learning by doing” as the training course is designed around the project of preparing and executing Cybersecurity audit. Delivery will be by presentation, group syndicate exercises, training e-manual and interactive seminars, video presentations and active use of software, as well as group discussion on the results of the exercises. The delegates will also use free software for risk management as well as for auditing.
The Course Content
Day One: Introduction to Cybersecurity
- Vulnerability assessment
- Threat analysis
- Cybersecurity risk assessment
- Cybersecurity program
- Cybersecurity risk auditing
Day Two: Inventory Security Management
- Inventory authorized and unauthorized devices
- Inventory authorized and unauthorized software
- Secure configurations
- Continuous vulnerability assessment and remediation
- Control use of administrative privileges
- Maintenance, monitoring and analysis of audit logs
Day Three: Network Security Management
- Email and web browser protection
- Malware defenses
- Security configurations for network devices
- Wireless access control
- Limitation and control of network ports, protocols and services
Day Four: Data Security Management
- Data protection
- Controlled data access based on need to know
- Data recovery capability
- Boundary defenses
- Account monitoring and control
- Security skills assessment and training
Day Five: Security Incident Management
- Application software security
- Cybersecurity Incidents
- Incident response management
- Penetration tests
- Red team exercises
The Certificate
- AZTech Certificate of Completion for delegates who attend and complete the training course
