Course Description:
The Cybersecurity Audit Certificate Program provides audit/assurance professionals with the knowledge needed to excel in cybersecurity audits. It provides security professionals with an understanding of the audit process, and IT risk professionals with an understanding of cyber-related risk and mitigating controls.
There are 75 Questions on the exam which must be completed in 2 hours. The exam is available online with remote proctoring.
The Cybersecurity Audit certificate is intended for:
Audit professionals to provide them with an improved understanding of cybersecurity, insight into the importance of auditing cybersecurity and a renewed appreciation of the integral role of cybersecurity professionals. The certificate is also applicable to cybersecurity professionals who would like to gain an understanding of the audit process and risk professionals looking to understand cybersecurity threats, risk and key attack vectors as well as cybersecurity risk assessments.
CPE Overview:
This certificate awards up to 1 hour of CPE for every 1 hour of instructor led training. Online review course earns 10 CPEs. There is no CPE requirement to maintain the certificate.
Course Duration:
Online Course: Approximately 8.5 hours
In Person Training or Virtual Instructor Led Training (VILT): 1-2 days
Course Topics:
Introduction / Cybersecurity and Audit’s Role
• Digital Asset Protection
• Lines of Defense
• Role of Audit
• Audit Objectives
• Audit Scope
Cybersecurity Governance
• Cybersecurity Roles and Responsibilities
• Security Frameworks
• Security Organization Goals & Objectives
• Cybersecurity Policy and Standards
• Cyber and Legal/ Regulatory Requirements
• Information Asset Classification
• Cybersecurity Insurance
• Cybersecurity Risk Assessment
• Cybersecurity Awareness Training & Education
• Social Media – Risk and Control
• Third-Party Assessment
• Service Providers
• Supply Chain Risk Management
• Performance Measurement
Cybersecurity Operations
• Concepts and Definitions
• Threat and Vulnerability Management
• Enterprise Identity and Access Management
• Configuration Management / Asset management
• Change Management
• Patch Management
• Network Security
• Build and Deploy/Secure Authorization Process for Information Technology
• Incident Management
• Client Endpoint Protection
• Application Security
• Data Backup and Recovery
• Security Compliance
• Cryptography
Cybersecurity Technology Topics
• Firewall and Network Security technologies
• Security Incident & Event Management (SIEM)
• Wireless Technology
• Cloud Computing
• Mobile Security
• Internet of Things (IoT)
• Virtualization Security
• Industrial Control Systems (ICS)