Semi­nar: IT Secu­ri­ty / Infor­ma­ti­on Secu­ri­ty on 13–14 Nov. 2017

AIR will host a semi­nar titled “IT Secu­ri­ty / Infor­ma­ti­on Secu­ri­ty” from Novem­ber 13–14, 2017 in Vien­na focu­sed from an audit perspective.

Semi­nar topic:

IT secu­ri­ty is very often unders­tood as tech­ni­cal mea­su­res that are inten­ded to sel­ec­tively address spe­ci­fic vul­nerabi­li­ties. From the audi­ting point of view, the­se mea­su­res are part of a super­or­di­na­te inter­nal con­trol sys­tem and must be desi­gned accor­din­gly. Start­ing from the legal frame­work, pos­si­ble solu­ti­ons are pre­sen­ted on the basis of con­cre­te case stu­dies from prac­ti­ce in order to redu­ce the exis­ting secu­ri­ty risks to an accep­ta­ble level and dis­cus­sed in the group.

In this semi­nar, par­ti­ci­pan­ts will learn about the requi­re­ments of IT secu­ri­ty or infor­ma­ti­on secu­ri­ty from the per­spec­ti­ve of audi­ting and pos­si­ble solu­ti­ons will be presented.

Tar­get group:

The semi­nar is inten­ded for employees of the audi­ting depart­ment, the IT depart­ment, but also for exe­cu­ti­ves and mana­ging direc­tors who want to be infor­med about the requi­re­ments. Howe­ver, it is also sui­ta­ble for can­di­da­tes of the CISA or CISM exam as a sup­ple­ment to the exam preparation.

No pri­or tech­ni­cal know­ledge is required.

From the IT Secu­ri­ty / Infor­ma­ti­on Secu­ri­ty Content :

• Initi­al situation
• Gene­ral conditions
• Task of the audit
• Requi­re­ments of the auditors
• Laws and regulations
• Risks and threats
• Infor­ma­ti­on Secu­ri­ty Manage­ment Sys­tems (ISMS)
• Gene­ral stan­dards (e.g. the ISO/IEC 27000 series of standards)
• Audit stan­dards (e.g. COBIT)
• Risk manage­ment
• Mea­su­res / Controls
• Sys­tem administration
• Sepa­ra­ti­on of functions
• User admi­nis­tra­ti­on
• Net­work security
• Ope­ra­ting sys­tem security
• Cli­ent / Server
• Social engi­nee­ring
• Email / Internet
• Pro­tec­tion against mali­cious soft­ware (virus protection)
• Log­ging / Traceability
• Back­up / Restore
• Phy­si­cal security
• Emer­gen­cy planning
• Secu­ri­ty of mobi­le devices (cell pho­ne, PDA, etc.)
• Chan­ge management
• Secu­ri­ty awareness
• Sys­tem deve­lo­p­ment (deve­lo­p­ment, test, production)
• Mobi­le devices (smart­phone, note­book, iPad, etc.)
• Social net­works (Face­book, XING, etc.)

The semi­nar lea­der is Man­fred Scholz. Ques­ti­ons about the semi­nar can be asked via the semi­nar orga­ni­zer or via our cont­act form.

More infor­ma­ti­on about the semi­nar and regis­tra­ti­on link:
http://www.internerevision.at/seminare/it-revision/seminar/it-security-informations-security-157/

Source: http://www.internerevision.at/