CyberSecurity Auditor and Program Manager training with Mark E.S Bernard ID 14181 v01r01
CyberSecurity Auditor and Program Manager training

Published in: Business, Technology
Transcript

  • 1. CONTACT: MARK E.S. BERNARD ON LINKEDIN OR SKYPE

    CODE: CYBERSECURITY AUDITOR & PROGRAM MANAGER

    OFFERED: Mark E.S. Bernard, ISO 27001 LA, CISA, CISM, CGEIR, CRISC, CISSP

    TITLE: CYBERSECURITY AUDIT & PROGRAM MANAGEMENT TRAINING

    SUBJECT DESCRIPTION: The CyberSecurity Auditor and Program Manager training is a competency-based 4-day course that provides participants with the knowledge necessary to adopt and audit CyberSecurity programs in accordance with ISO 27001:2013 and ISO 19011, Guidelines for Quality and/or Environmental Management Systems Auditing. Experienced instructors will guide participants through establishing an audit program, including procedure, scheduling, execution of the audit and reporting on the audit. In addition, experienced instructors will guide participants in the process used to implement and maintain a CyberSecurity Program based on ISO/IEC 27001 and Annex 'A' integrated in ITIL. Participants will gain necessary auditing and security management skills through a balance of formal classroom role playing, assignments, tests and informal discussions.

    CREDIT STATUS: n/a

    PREREQUISITES: Review ISO 27001, ISO 27002, ISO 19011

    SPECIFIC OUTCOMES: Upon successful completion:
      • Participants will be able to manage all aspects of the audit programme.
      • Participants will be capable of implementing and managing a CyberSecurity Program.
      • Participants will be capable of identifying & evaluating auditors or program admins.
  • 2. TOPIC OUTLINE:

    Managing an audit programme (15%)
      • Audit programme objectives and extent
      • Audit programme implementation
      • Audit programme records
      • Audit programme monitoring and reviewing

    Audit activities (25%)
      • Initiating the audit
      • Conducting document review
      • Preparing for the on-site audit activities
      • Conducting on-site audit activities
      • Preparing, approving and distributing the audit report
      • Preparing the audit report
      • Approving and distributing the audit report
      • Completing the audit
      • Conducting audit follow-up

    Competence and evaluation of auditors (10%)
      • Personal attributes
      • Knowledge and skills
      • Education, work experience, auditor training and audit experience
      • Maintenance and improvement of competence
      • Auditor evaluation

    Clause 4. Context of the organization (5%)
      • Understand the organization and its context
      • Understand the needs and expectations of interested parties
      • Determine the scope of the information security management system
      • Information security management system

    Clause 5. Leadership (5%)
      • Leadership and commitment
      • Policy
      • Organizational roles, responsibilities and authorities
  • 3. Clause 6. Planning (5%)
      • Actions to address risk and responsibilities
      • Information security objectives and planning to achieve them

    Clause 7. Support (5%)
      • Resources
      • Competences
      • Awareness
      • Communications
      • Documented information

    Clause 8. Operation (5%)
      • Operational planning and control
      • Information security risk assessment
      • Information security risk treatment

    Clause 9. Performance evaluation (5%)
      • Monitoring, measurement, analysis and evaluation
      • Internal audit
      • Management review

    Clause 10. Improvement (5%)
      • Nonconformity and corrective actions
      • Continual improvement
  • 4. Information security management system (5%)
      • Governance
      • Risk Management
      • Compliance Management
      • Vulnerability Management
      • Communication Management
      • Awareness Training
      • Access and Identity
      • Asset Management
      • Document Control
      • Records Management
      • Internal/External Auditing
      • Monitoring and Reporting

    Documentation requirements (5%)
      • Control of documents
      • Control of records

    Annex 'A' (5%)
      • A5. Management direction for information security
      • A6. Organisation of information security
      • A7. Human Resource security
      • A8. Asset Management
      • A9. Access control
      • A10. Cryptography
      • A11. Physical and Environmental security
      • A12. Operations Security
      • A13. Communications Security
      • A14. System acquisition, Development and Maintenance
      • A15. Supplier Relationships
      • A16. Information Security Incident Management
      • A17. Information Security Aspects of Business Continuity Management
      • A18. Compliance
  • 5. MODES OF INSTRUCTION: Lectures, Texts, Case Studies, Role Playing, Final Exam

    PRESCRIBED TEXT(S):
      • ISO/IEC 27001:2013

    REFERENCE MATERIAL:
      • Required: None.
      • Recommended: ISO/IEC 27001:2013, ISO 27002:2013, ISO 19011:2002

    PROMOTION POLICY: To obtain a certificate in this subject, a participant must
      • Complete ALL assignments
      • Obtain 55% or better in the final exam
      • Have a weighted average of tests and assignments that is at or above 55%
      • Obtain a 55% overall average in the course

    MODES OF EVALUATION:
      • Two tests 40%
      • Two assignments 20%
      • Final examination 40%

    CHEATING AND/OR PLAGIARISM: Each student should be aware that cheating or plagiarism will result in failure to successfully complete this course.

    APPROVED BY: Mark E.S. Bernard

    SIGNATURE:

    NOTE: Any inquiries concerning the training session can be directed to the instructor following attendance at our course.
