Internal Cybersecurity Audit: Practitioner's Approach
Rating: 3.5 out of 5 (44 ratings)
179 students

Consultative approach to internal cybersecurity audit - Prepare yourself to be a most admired and collaborative auditor
Last updated 6/2020
English

What you'll learn

  • By the end of the course, students will have gained insight into conducting a cybersecurity audit professionally, the importance of internal cybersecurity audit, and the importance of ISMS process, policy and controls.
  • Ethical hackers and cybersecurity testers will be able to comprehend the importance of the process, policy and controls that must be put in place to enhance the security posture of an organisation.
  • Students will demonstrate a consultative approach to cybersecurity instead of fault finding.
  • The quiz in the course will prepare students to become humble but firm cybersecurity auditors.
  • Students will also get a checklist for design and implementation checks of an ISMS at the end of the course.

Course content

1 section • 7 lectures • 30m total length
  • What is Internal Audit? (2:39)

    A formal definition of internal audit and why it is conducted.

  • What is cybersecurity? (6:11)
  • What Happens & Expect In ISO/IEC 27001:2013 Audit (6:31)

    This chapter explains the top-level contours of an ISO 27001:2013 audit, which is essentially an audit of information security policy, process and controls.

  • Planning The cybersecurity audit (4:04)

    Because cybersecurity encompasses information security, operational system security and premises security, this chapter includes the essential ingredients of an audit.

  • Conducting the cybersecurity audit (2:07)

    The focus is on how to conduct an internal cybersecurity audit. The contours of the audit are explained, not the WHATs. Most of the time, security auditors forget the vital essence of an audit.

  • Post Cybersecurity Audit (2:00)

    This chapter highlights what you, as a consultant, must do after the audit.

  • Maintain best practices (6:58)

    This chapter discusses the best practices to be followed before, during and after the audit. It also provides a sample audit checklist for prospective information security auditors.

Requirements

  • This course requires students to have basic knowledge of cybersecurity and typical organisation structure
  • Anybody who wants to remain safe in the cyber world

Description

Internal audit is the backbone of any organisation's governance and compliance checks against its laid-down policy, process and controls. With the advancement of social, mobile, analytics, cloud and IoT technologies and their adoption by enterprises, cybersecurity posture has become one of the cornerstones of an enterprise's resilience to cybersecurity threats.

An organisation's preparedness for cybersecurity threats, and hence its risk management capacity, is proportionate to the threat, vulnerability, likelihood and impact. An organisation's risk management strategy for cybersecurity threats depends not only on tools and technology deployment but also on its policy, process and controls framework.

As part of cybersecurity threat management, medium and large organisations often implement an information security management system in line with the ISO 27001 standard. These systems are a combination of cybersecurity policy, process, controls and guidelines. Once the cybersecurity management system, also called an information security management system (ISMS), is implemented, it needs to be audited regularly to validate compliance and to improve it in light of new cyber threats. The audit ensures that the organisation's cybersecurity strategy is in tune with the laid-down process and is on par with current threat vectors.

Hence, a cybersecurity audit is always a difficult task. Stakeholder management becomes critical. There should be constructive discussion between auditee and auditor. The discussions and follow-through require certain characteristics to be displayed for the audit exercise to be fruitful.

This course explains the need for internal cybersecurity audit, i.e. why, how and what is done during audits. It explains the preparation phase, the audit conducting phase and the post-audit phase. The soft aspects of an audit are as important as the audit itself. The dos and don'ts are crisply highlighted so that auditors can apply them in practice.

At the end of the course, you will be the auditor most sought after by the different units of the organisation.

Who this course is for:

  • The target audience of this course is working professionals, ethical hackers, top management, and HR professionals who are involved in recruiting security auditors.
  • Millennials will learn common practices to keep themselves secure in the digital world