Official Training Partner

Home Courses CYBERSECURITY AUDIT AND CYBERSECURITY FUNDAMENTALS – Non-Technicians

CYBERSECURITY AUDIT AND CYBERSECURITY FUNDAMENTALS – Non-Technicians

With the continuous increase in cybersecurity threats, including cybersecurity detail in every organization’s audit plans is becoming an increasingly critical factor. This requires auditors to know how to adequately audit cybersecurity processes and policies and to manage the tools to ensure that their organizations implement the appropriate controls.
The course program covers the 4 key areas of Cybersecurity Audit: (1) cybersecurity and audit’s role, (2) cybersecurity governance, (3) cybersecurity operations, (4) cybersecurity technology topics. It also provides an in-depth look at how to link COBIT control objectives to the security measures defined according to the NIST Cybersecurity Framework .

The course can also be combined with the 8-hour SUPPLEMENTARY MODULE VA & PENTEST FUNDAMENTALS, in order to gain greater skills in evaluating and interpreting VA and PT activities.

In particular, the overall path provides:
– IT AUDITORS with a 360-degree understanding of the key Cybersecurity factors to consider in an Audit Plan, allowing them to understand how to assess and reduce Cybersecurity risks, how to audit Cybersecurity controls, and how to interpret Cybersecurity evidence;
– CYBERSECURITY EXPERTS with a clear understanding of Audit processes;
– IT RISK MANAGERS with the ability to deepen their understanding of Cybersecurity risks and control measures.

4.5

Successfully delivered 49 sessions for over 91 professionals

Certification & Provider Information

Certification

CYBERSECURITY AUDIT

Certification Body

ISACA

Course Provided By

Profice

The course prepares for the ISACA Cybersecurity Audit certification exam and enables participants to: - Understand Cybersecurity Frameworks, all aspects of cybersecurity governance, and identify appropriate best practices, and connections to COBIT control objectives - Oversee the Threat and Vulnerability Management System and tools and Identify legal and Cybersecurity requirements to support compliance assessments - Define and implement secure authorization and Access Management processes at the Enterprise level - Distinguish between firewalls and Network Security technologies and identify Application Security controls - Improve Asset Configuration and Change and Patch Management procedures - Identify weaknesses in Cloud strategies and controls - Perform Cybersecurity and Third-Party Risk Assessments Those who also attend the supplementary VA & PENTEST FUNDAMENTALS module will: - Understand how Vulnerability Assessment and Penetration Testing activities are performed and what results they produce. - Learn to read VAPT activity reports.

IT Auditors, Security Professionals, CISOs, Audit/Assurance professionals, IT Risk professionals, IT Risk Managers. The course is also aimed at Managers, Professionals, and Lawyers who wish to acquire the basic skills needed to understand cybersecurity risk scenarios, vulnerabilities, and threats, as defined by the NIST Cybersecurity Framework, internationally recognized as the cybersecurity reference framework.

A basic understanding of cybersecurity fundamentals is recommended for participation in this course.
If you are completely new to this knowledge, supplementary e-learning sessions are available upon request.

Accredited instructors: Cybersecurity Audit, Cobit2019 Foundation, and Cobit5 Foundation. Senior expert in IT Audit, IT Governance, and Cybersecurity, certified by CISA, CISM, ISO27001 A/LA, and ISO22301 A/LA, Privacy Officer - TUV, Cobit5, and Cobit 2019 Foundation, and Cybersecurity Audit. For the VA-PT Fundamentals module, the instructors will be CEH and CHFI certified, as well as senior experts in VA and PenTest.

The course includes the slides presented during the lectures.
Those who intend to take the exam will also receive the Official ISACA “Cybersecurity Audit Certificate Study Guide” in electronic format by purchasing the exam voucher.
The guide explores the following topics: Cybersecurity and the Audit’s role, Cybersecurity Governance, Cybersecurity Operations, case studies, examples, and insights into specific areas of Cybersecurity technologies.

For those wishing to take the exam, the official ISACA “Cybersecurity Audit Certificate Study Guide” will be provided in electronic format with the purchase of the voucher.

The guide covers the following topics: Cybersecurity and the Audit’s role, Cybersecurity Governance, Cybersecurity Operations, case studies, examples, and insights into specific areas of Cybersecurity technologies.

If you are interested in taking the three-day Cybersecurity Audit course, you can also purchase the additional day with the VA and PENTEST FUNDAMENTALS supplementary modules.

Up to 30 CPEs valid for the purpose of maintaining ISACA certifications

Course Information

Course Code: Cybersecurity Audit Certification
Duration: 24 Hours
Level: Professional
Language: English
Delivery Mode: Instructor Led Online Live, E-Learning Self-Paced

Need Help Choosing?

Talk to our course advisor for personalized guidance

Felice.deangelis@proficegroup.it

Course Curriculum

CYBERSECURITY FUNDAMENTALS and PREPARATION FOR THE CYBERSECURITY AUDIT CERTIFICATION

1) Cybersecurity vs Audit’s Role :
Digital Asset Protection; Lines of Defense; Role of Audit; Audit Objectives; Audit Scope

2) Cybersecurity Governance :
Security Organization Goals and Objectives; Cybersecurity Risk Assessment; Service Providers; Performance Measurement

3) Cybersecurity Operations – Cyberattacks :
Threat Assessment; Cybersecurity Measures; Vulnerability Management; Penetration Testing; Red Team/Blue Team/Purple Team Exercises

4) Cybersecurity Operations – Identity and Access Management :
Enterprise Identity and Access Management; Identity Management; Federated Identity Management; Key Objectives of Identity Management; Provisioning and Deprovisioning; Authorization; Privileged User Management and Controls; Third-party Access; Authentication Protocols; Configuration Management; Asset Management; Change Management; Patch Management; Network Security; Security Architecture; Security Perimeter; Network Perimeter; Interdependencies; Network Architecture; Remote Access; System Hardening

5) Cybersecurity Operations – Security Measures :
Incident Management; Digital Forensics; Client Endpoint Protection; Security within SDLC; Data Backup and Recovery

6) Cybersecurity Operations – Compliance and Cryptography :
Security Compliance; Cryptography

7) Security Technologies :
Firewall and Network Security technologies; Security Incident & Event Management (SIEM); Wireless Technology; Cloud Computing; Mobile Security; Internet of Things (IoT)

8) Correlations with COBIT
COBIT control objectives for the Cybersecurity Audit according to the NIST Cybersecurity Framework
Group exercises and practical examples

PRACTICAL INSIGHTS TO SUPPORT THE IT AUDIT and KEY CONCEPTS OF VA-PT

1) Basic concepts of Vulnerability Management
Main vulnerabilities, how and when to carry out an assessment and with which tools, remediation plan, criticality prioritization, reporting and classification.

2) Basic concepts of Penetration Testing and guidelines:
What is it for, who does it, when it should be done, Definition of the scope, recommendations on the use of tools, Non-Disclosure Agreement, etc.

3) Notes on the main frameworks that can be used (PCI, OSSTMM, etc.)

4) Phases of the PT with a focus on the attack phase

5)Definition, roles and skills of Blue/Red/Purple Team

6) Presentation and reasoned reading of a real Vulnerability Assessment and PenTest report

VA-PT INTEGRATIVE MODULE (EXTRA)

1) Fundamentals of Vulnerability Assessment for LAN networks
– Main types of host and application vulnerabilities
– The Vulnerability Assessment activity (Phases, standards, subjects involved, the final report)
– Vulnerability research (“Manual” research; General purpose vulnerability scanner (Nessus and OpenVas); Vulnerability scanner for web applications)

2) Fundamentals of Penetration Testing of LAN networks
– Penetration Testing activities
– Differences compared to VA
– Types of PenTest
– Critical issues in carrying out a PenTest
– The final report
– Frameworks that can be used for the Penetration Test of LAN networks

3) Group exercises and practical examples

Course Pricing Options

Choose the package that best fits your learning needs

Live course + exam

Regular Price

€ 1,340.00

Self Paced E-Learning + Exam

This price variant includes attendance of both the 24-hour Cybersecurity Audit course, also useful for the ISACA certification of the same name, and ALSO of the 8-hour VA and PenTest Fundamentals supplementary module.

Regular Price

€ 1,040.00

Early Bird Discount

Book 30 days in advance for 5% OFF

Group Discounts

10% OFF for >3 participants

Send Course Enquiry

Fill out the form and we will get back to you within 24 hours

Full Name *

Email Address *

Phone Number *

Training Mode *

Company Name (Optional)

Your Message *

Email: felice.deangelis@proficegroup.it

Whatsapp: +39 393 390 9401

Why Choose Profice?

India's Leading Training Partner with Proven Track Record

Official Partner

Authorized Training Partner delivering official curriculum

Expert Instructors

Learn from certified professionals with 10+ years experience

Hands-on Labs

Real-world projects and 24/7 lab environment access

95% Pass Rate

Industry-leading certification exam success rate

Job Assistance

Dedicated placement support with 500+ hiring partners

Lifetime Support

Ongoing mentorship and community access after course

Ready to Transform Your Career?

Join thousands of professionals who have achieved their certification goals with us

Enroll Now

2,500+ Alumni

4.8/5 Rating

NIS2 COMPLIANCE AND NIST2 CYBERSECURITY SPECIALIST

CCSP-Certified Cloud Security Professional

CISSP - Certified Information System Security Professional

ITIL® 4 FOUNDATION

ITIL® 4 LEADER: DIGITAL AND IT STRATEGY - DITS

ITIL® 4 SPECIALIST: ACQUIRING & MANAG. CLOUD SERVICES - AMCS

ITIL® 4 Specialist: Create, Deliver & Support Certification Course and Exam - CDS

ITIL® 4 Specialist: Drive Stakeholder Value - DSV

ITIL® 4 Specialist Certification Course with Exam: High Velocity IT- HVIT

ITIL® 4 SPECIALIST: IT ASSET MANAGEMENT - IT AM

ITIL® 4 STRATEGIST: DIRECT, PLAN AND IMPROVE - DPI

PRINCE2 FOUNDATION

PRINCE2 PRACTITIONER

AI ESSENTIALS

AI+ Everyone™

AI+ Executive™

AI+ Foundation™

AI+ Prompt Engineer Level 1™

AI BUSINESS

AI+ Chief AI Officer™

AI+ Finance™

AI+ Legal™

AI+ Marketing™

AI+ Product Manager™

AI+ Project Management Practitioner™

AI+ Project Manager™

AI+ Sales™

AI SECURITY

AI+ Ethical Hacker™

AI+ Security Compliance™

AI+ Security Level 1™

AI+ Security Level 2™

AI+ Security Level 3™

AI CLOUD

AI+ Architect™

AI+ Cloud™

AI DEVELOPMENT

AI+ Developer™

AI+ Engineer™

AI+ Prompt Engineer Level 2™

AI SPECIALIZATION

AI+ Agent™

AI+ UX Designer™

AI DATA & ROBOTICS

AI+ Data Agent™

AI+ Data™

AI+ Robotics™

BLOCKCHAIN & BITCOIN

Bitcoin+ Developer™

Bitcoin+ Everyone™

Bitcoin+ Executive™

Bitcoin+ Security™

Blockchain+ Developer™

Blockchain+ Executive™

ETHICAL HACKING

CEH v13

NETWORK SECURITY

CND v3

CCT

ICS/SCADA

COMPUTER FORENSICS

CHFI

Dark Web Forensic Workshop

EC-FDDW

INCIDENT HANDLING

CTIA v2

ECIH v3

CSA v2

TIE

PEN TESTING

CPENT v2

WAHS

APPLICATION SECURITY

CASE JAVA

CASE .NET

ECDE

DSE

ENCRYPTION

ECES

EXECUTIVE MANAGEMENT

ESCM Expert Scrum Master Certified