Objectives:
Peter Ducker (one of the most influential thinkers on the subject of management theory) said “What gets measured gets managed”. The same goes for information security – if you don’t know how well you are doing, you’ll have a very difficult time steering your information security in the desired direction.
And it is exactly this ‘desired direction’ that is an essential part of measurement – setting the objectives. Only if you know exactly what you want to achieve, will you be able to know how far or how close you are to actually achieving it. Equally important – you’ll be able to answer your management’s question: “Did our investment in security pay off?”
Target group: Entry Level to Senior Executives of Banks and Corporate offices
Contents:
- Fundamental principles of information security
- Fundamental audit concepts and principles
- Audit approach based on evidence and risk
- Communication during the audit
- Creating audit test plans
- Audit findings and non-conformity reports
- Audit and quality review
- Closing the audit
- Evaluating action plans by the auditor
- Beyond the initial audit
- Managing an internal audit programmer
Duration: 05 days
