Internal Audit is the backbone of any organisation's governance and compliance check for led out policy, process and controls. With the advancement in social, mobile, analytics, cloud and IOT technologies and its adoption by enterprise, cybersecurity posture has become one of the cornerstone of an enterprise resilience to cybersecurity threats.
The preparedness for cybersecurity threats and hence organisation risk management capacity is proportionate to the threat, vulnerability, likelihood and impact. Organisation risk management strategy with respect to cybersecurity threats not only depend on tools and technology deployment but policy, process and controls framework as well.
As part of organisation cyber security threat management, every medium and large organisation, often, implements information security management system in line with ISO 27001 standard. These systems are a combination of cyber security policy, process, controls and guidelines. Once the cyber security management system, also called as, Information security management system(ISMS) is implemented, it needs to be regularly audited to validate the compliance and improvement based on new cyber threats. The audit ensures that organisation cyber security strategy is in tune with the laid down process and is it at par with current threat vectors.
Hence, Cyber security Audit is always a difficult task. The stakeholder management becomes critical. There should be constructive discussion with auditee and auditor. The discussions and follow through requires a typical characteristic to be depicted during a fruitful audit exercise.
This course explains the need for internal cybersecurity audit i.e. why, how and what is being done during audits. It explains the preparation phase, audit conducting phase and post audit phase of audit. The soft aspect of audit are as much important as the audit itself. The Do and Don't are very crisply highlighted that can be applied as a practice by the auditors.
At the end of the course, you will be the most sought after auditor by the different unit of organisation.
I am a digital transformation consultant in the area of Social, mobility, analytics, cloud and IoT. With 27 years of industry experience with large multinationals, I have been the enterprise architect with key focus on business and IT alignment. I have steered multi-million IT and telecom transformation projects in one of the top 5 global telecom company.
I have put those experience in the courses with related technology to solve business problems. With that in mind, the course has been designed to understand the basics and apply them in business domain. As a technology enthusiast, I have seen programmers and analyst goes over board to create technology solution to a business problem. My courses will teach students, how to apply right technology in business situation and decision making. My courses will evolve around Big data analytics, telecom, cyber security, IOT from a business perspective. As a student, I welcome you to go through the courses and ask question. You can always reach me at my email-id [email protected] or my handphone +91 9810411656.