AIR will host a semi­nar titled “IT Secu­ri­ty / Infor­ma­ti­on Secu­ri­ty” from Novem­ber 13–14, 2017 in Vien­na focu­sed from an audit perspective.

Semi­nar topic:

IT secu­ri­ty is very often unders­tood as tech­ni­cal mea­su­res that are inten­ded to sel­ec­tively address spe­ci­fic vul­nerabi­li­ties. From the audi­ting point of view, the­se mea­su­res are part of a super­or­di­na­te inter­nal con­trol sys­tem and must be desi­gned accor­din­gly. Start­ing from the legal frame­work, pos­si­ble solu­ti­ons are pre­sen­ted on the basis of con­cre­te case stu­dies from prac­ti­ce in order to redu­ce the exis­ting secu­ri­ty risks to an accep­ta­ble level and dis­cus­sed in the group.

In this semi­nar, par­ti­ci­pan­ts will learn about the requi­re­ments of IT secu­ri­ty or infor­ma­ti­on secu­ri­ty from the per­spec­ti­ve of audi­ting and pos­si­ble solu­ti­ons will be presented.

Tar­get group:

The semi­nar is inten­ded for employees of the audi­ting depart­ment, the IT depart­ment, but also for exe­cu­ti­ves and mana­ging direc­tors who want to be infor­med about the requi­re­ments. Howe­ver, it is also sui­ta­ble for can­di­da­tes of the CISA or CISM exam as a sup­ple­ment to the exam preparation.

No pri­or tech­ni­cal know­ledge is required.

From the IT Secu­ri­ty / Infor­ma­ti­on Secu­ri­ty Content :

  • Initi­al situation
  • Gene­ral conditions
  • Task of the audit
  • Requi­re­ments of the auditors
  • Laws and regulations
  • Risks and threats
  • Infor­ma­ti­on Secu­ri­ty Manage­ment Sys­tems (ISMS)
  • Gene­ral stan­dards (e.g. the ISO/IEC 27000 series of standards)
  • Audit stan­dards (e.g. COBIT)
  • Risk manage­ment
  • Mea­su­res / Controls
  • Sys­tem administration
  • Sepa­ra­ti­on of functions
  • User admi­nis­tra­ti­on
  • Net­work security
  • Ope­ra­ting sys­tem security
  • Cli­ent / Server
  • Social engi­nee­ring
  • Email / Internet
  • Pro­tec­tion against mali­cious soft­ware (virus protection)
  • Log­ging / Traceability
  • Back­up / Restore
  • Phy­si­cal security
  • Emer­gen­cy planning
  • Secu­ri­ty of mobi­le devices (cell pho­ne, PDA, etc.)
  • Chan­ge management
  • Secu­ri­ty awareness
  • Sys­tem deve­lo­p­ment (deve­lo­p­ment, test, production)
  • Mobi­le devices (smart­phone, note­book, iPad, etc.)
  • Social net­works (Face­book, XING, etc.)

The semi­nar lea­der is Man­fred Scholz. Ques­ti­ons about the semi­nar can be asked via the semi­nar orga­ni­zer or via our cont­act form.

More infor­ma­ti­on about the semi­nar and regis­tra­ti­on link:
http://www.internerevision.at/seminare/it-revision/seminar/it-security-informations-security-157/

Source: http://www.internerevision.at/