The Institute for Internal Audit Austria offers the seminar “IT-Security / Information Security” from September 28 to 29, 2020 in Vienna. The seminar will be led by SEC4YOU managing director Manfred Scholz.
IT security is very often understood as technical measures that are intended to selectively eliminate certain vulnerabilities. From the point of view of auditing, these measures are part of a superordinate internal control system and must be designed accordingly. Based on the legal framework, possible solutions are presented and discussed in the group using concrete case studies from practice in order to reduce the existing security risks to an acceptable level. In this seminar, participants will learn about the requirements of IT security and information security from the perspective of auditing, and possible solutions will be presented.
The seminar is intended for employees of the auditing department, the IT department, but also for executives and managing directors who want to be informed about the requirements. However, it is also suitable for candidates of the CISA or CISM exam as a CIA supplement to the exam preparation.
Principles taught:
- Auditor requirements
- Laws and regulations
- Risks and threats
- Information Security Management Systems (ISMS)
- General standards (e.g. the ISO/IEC 27000 series of standards)
- Audit standards (e.g. COBIT)
- Risk management
- Measures / Controls
- System administration
- Separation of functions
- User administration
- Network security / Operating system security
- Client / Server
- social engineering
- Email / Internet
- Protection against malicious software (virus protection)
- Logging / Traceability
- Backup / Restore
- Physical security
- Emergency planning
- Security of mobile devices (cell phone, PDA, etc.)
- Change management
- Security awareness
- System development (development, test, production)
- Mobile devices (smartphone, notebook, iPad, etc.)
- Social networks (Facebook, XING, etc.)
- Cyber security
- Cloud computing
To the registration:
https://www.internerevision.at/seminare/it-revision/seminar/it-security-information-security-338/