ROLLING MEADOWS, Ill.--(BUSINESS WIRE)--Given IT auditors’ increasing information and cyber security responsibilities, and the widening cyber security skills gap, global technology association ISACA is providing expanded resources to help auditors make a greater impact on their organizations’ cyber security programs.
“IT auditors are being called to help mitigate cyber risks and prevent business interruption and damage,” said Christos Dimitriadis, Ph.D. CISA, CISM, CRISC, chair of ISACA’s Board of Directors and group director of Information Security for INTRALOT. “Based on customer needs, and ISACA member feedback, we will expand our resources available to help audit professionals provide the multilayered review that organizations need to strengthen their cyber security programs.”
New guidance from ISACA, Auditing Cyber Security: Evaluating Risk and Auditing Controls, provides insights on the controls needed to protect organizations from an increasingly sophisticated set of cyber threats. Among ISACA’s cyber security-related recommendations for auditors are:
- Leverage existing frameworks and guidelines
- Consider forthcoming legislation
- Understand what qualifies as a risk
- Recognize that users pose the biggest security risk
- Ensure a cyber incident response policy is in place
The guidance explores methods to evaluate organizations’ current and emerging cyber risk, and how to audit security controls to best protect critical information assets. The white paper and a related infographic are available as free downloads at www.isaca.org/auditing-cyber-security.
ISACA also is increasing the information and cyber security training opportunities for audit and assurance professionals at its North America Computer Audit, Control and Security (CACS) conference, 1-3 May 2017, in Las Vegas, Nevada, USA.
As part of the program expansion, sessions will be available at managerial and technical levels. Experts in audit, risk, governance and information security from around the world will converge at The Cosmopolitan of Las Vegas.
New cyber-related program additions include: “Threats and Challenges in Healthcare,” the “Top 10 Cyber Security Risks,” and “Protecting Sensitive Data in the Cloud.” North America CACS will feature 80 sessions in nine tracks:
- Audit and Assurance
- Audit and Assurance: Advanced
- Integrated Risk Management
- Data Analytics and Big Data
- Leadership Development and Career Management
- Industry Trends and Insights
Cyber security for auditors will be among the post-conference workshops topics. Other workshop topics, either before or after the conference, include data analytics, assurance and risk. Additionally, a workshop to help prepare for the Cybersecurity Fundamentals Certificate exam and a CISA Prep Course to help prepare for the Certified Information Systems Auditor (CISA) exam are available.
North America CACS attendees can earn up to 39 continuing professional education (CPE) hours. Additional details, registration and venue information can be found at www.isaca.org/NA-CACS2017.
ISACA® (isaca.org) helps professionals around the globe realize the positive potential of technology in an evolving digital world. By offering industry-leading knowledge, standards, credentialing and education, ISACA enables professionals to apply technology in ways that instill confidence, address threats, drive innovation and create positive momentum for their organizations. Established in 1969, ISACA is a global association with more than 140,000 members and certification holders in 187 countries. ISACA is the creator of the COBIT framework, which helps organizations effectively govern and manage their information and technology. Through its Cybersecurity Nexus (CSX), ISACA helps organizations develop skilled cyber workforces and enables individuals to grow and advance their cyber careers.