Category : Cyber Security

Security Analyst - InfoSec audits preparedness

Start Date : June 17, 2021
Course Duration : 45 Hours
Course Type : Self paced
Course Validity : 180 days

15000
Description

This course is aligned to Competency Standards developed by SSC NASSCOM in collaboration with industry and approved by the Government.

Infosec audits help protect critical data, identify security loopholes, create new security policies and track the effectiveness of security strategies. Regular audits help ensure employees stick to security practices, catch new vulnerabilities, and identify weak spots and vulnerabilities in your IT infrastructure.

Course Description

InfoSec audit preparedness is about supporting functional teams to prepare for and undergo information security audits carried out by internal or external auditors.


Prerequisites

  • Audit planning & preparation.
  • Establishing audit objectives.
  • Performing the review.
  • Issuing the review report.
  • Network vulnerabilities.
  • Controls.
  • Encryption and IT audit.
  • Logical security audit.
  • Probely, Wireshark, Metasploit, Nmap, Kali Linux, Maltego, FOCA, Burp, w3af


Course Outline

  • To establish the nature and scope of information security audits and your role and responsibilities in preparing for them.
  • To identify the procedures/guidelines/checklists that will be used for information security audits.
  • To identify the requirements of information security audits and prepare for audits in advance.
  • To liaise with appropriate people to gather data/information required for information security audits.
  • To organize data/information required for information security audits using standard templates and tools.
  • To provide immediate support to auditors to carry out audit tasks.
  • To participate in audit reviews, as required.
  • To comply with your organization’s policies, standards, procedures, guidelines and checklists when supporting teams to prepare for and undergo information security audits.


Learning Objectives

  • Determines the Current Security Posture.
  • Determines the need for Change in Policies and Standards.
  • Protect IT System & Infrastructure against Attacks.
  • Evaluates the Security of Data Flow.
  • Verifies Compliance.
  • Keeps Security Measures Updated.
  • Formulate New Security Policies & Procedures.
  • Effectiveness of Security Training & Awareness.
  • Incident Response Management.
  • Complement Infrastructure with IT Security.


Target Audience

Information Security Professionals, IT Auditors, Information Security Officers, IT Managers, Risk Officers, Internal Auditors, Directors, and Executives looking to improve processes for IT auditing.


Keywords

Scope of internal audit, Information security audit (ISA), Accounting and Auditing, Audit Evidence, Information security controls, Information security management system (ISMS), ISO 27001 Audit Techniques, IT Audit requirements, Security policy, Audit Roadmap, Audit Methods, Risk Analysis, Auditing Principles, PDCA, Compliance requirements

Course Duration (in Hours): 45

Announcements
Theory 1: Nature of Information Security Audits
Quiz: Nature of Information Security Audits
Lab 01 - Nature and scope of IS audit
Theory 2: Information Security Audit Guidelines
Quiz: Information Security Audit Guidelines
Lab 02 - IS audit procedures
Theory 3: Information Security Audit Preparation
Quiz: Information Security Audit Preparation
Lab 03 - IS audit requirements
Theory 4: IS Audit standard templates and tools
Quiz: IS Audit standard templates and tools
Lab 04 - Data collection in IS audit
Theory 5: Supporting auditors to carry out audit tasks
Quiz: Supporting auditors to carry out audit tasks
Lab 05 - Implementing IS audit with risk assessment
Theory 6: Audit review participation
Quiz: Audit review participation
Lab 06 - Roles and responsibilities on IS audit
Theory 7: IS compliance with organization’s policies, standards, procedures, guidelines and checklists
Quiz: IS compliance with organization’s policies, standards, procedures, guidelines and checklists
Lab 07 - Audit review techniques
Lab 08 - IS audit standard and guidelines
Infosec Audit Preparedness