| COURSE : CERTIFIED IT AUDITOR FOR CRITICAL CHANGE AND CONTROLS | |
|---|---|
| Course Overview | The role of information technology (IT) control and audit has become a critical mechanism for ensuring the integrity of information systems (IS) and the reporting of organization finances to avoid and hopefully prevent future financial fiascos such as Enron and WorldCom. Global economies are more interdependent than ever and geopolitical risks impact everyone. Electronic infrastructure and commerce are integrated in business processes around the globe. The need to control and audit IT has never been greater. |
| Training Duration | Total Training Hours : 30 Hours Training Duration : 1 Week Total Training Days : 5 Working Days |
| Training Schedules | Weekdays (Sunday to Thursday) Regular Sessions : 6 Hrs Per day (9am to 2pm or 3.00pm to 9.00 pm) Food & refreshments Included WeekEnds (Friday & Saturday) Fast Track Sessions: 8 Hours per day (9am to 5pm) Food & refreshments Included |
| Certifications: | 1) Certificate from Laurels Training Institute, Attested by Knowledge & Human Development Authority (KHDA) government of Dubai, UAE OPTIONAL 2) Certificate from American Institute of Professional Studies (AIPS) from USA (After 15 Days of course Completion which will couriered to the attendees office address) |
| Tests | Yes |
| Learning Aids | Yes |
| Course Material | Hard & Soft Copies of Study Material |
| Language of Instruction | English |
| Instructor Helpline | Yes 1. Email 2. Social Media (For Emergency requirements) |
| Registration Requirements | 1. Passport Copy 2. Curriculum Vitae 3. Passport size photographs 4. Course Fee |
| Mode of Payment: | Cash / Cheque / Credit Card / Bank Transfer. |
| Eligibility Criteria (Who should attend this training) |
Information assurance auditors System implementers or administrators Network security engineers IT administrators Department of Defense (DoD) personnel or contractors Federal agencies or clients Private sector organizations looking to improve information assurance processes and secure their systems Security vendors and consulting groups looking to stay current with frameworks for information assurance |
| Course Benefits |
Checks Susceptibility to Threat Evaluates the System and Ensures Its Integrity Secures Data Bolsters Controls Develops IT Governance |
| Course Contents / Outline |
Introduction and Overview of the 20 Critical Controls Overview of the Control How it is Compromised Defensive Goals Quick Wins Visibility & Attribution Configuration & Hygiene Advanced Overview of Evaluating the Control Core Evaluation Test(s) Testing/Reporting Metrics Steps for Root Cause Analysis of Failures Audit/Evaluation Methodologies Evaluation Tools Exercise to Illustrate Implementation Or Steps for Auditing a Control
1: Inventory of Authorized and Unauthorized Devices 2: Inventory of Authorized and Unauthorized Software 3: Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers 4: Continuous Vulnerability Assessment and Remediation 5: Controlled Use of Administrative Privileges 6: Maintenance, Monitoring, and Analysis of Audit Logs 7: Email and Web Browser Protections 8: Malware Defenses 9: Limitation and Control of Network Ports, Protocols, and Services 10: Data Recovery Capability (validated manually) 11: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches 12: Boundary Defense 13: Data Protection 14: Controlled Access Based On Need to Know 15: Wireless Device Control 16: Account Monitoring and Control 17: Security Skills Assessment and Appropriate Training to Fill Gaps 18: Application Software Security 19: Incident Response and Management 20: Penetration Tests and Red Team Exercises |