NJ ISACA - Manager’s Guide to CyberSecurity Risk Assessment and Audit Priorities


Please join our speaker Ken Cutler for our one day seminar:
Managers’ Guide to CyberSecurity Risk Assessment and Audit Priorities

CyberSecurity risks abound and are constantly at the forefront of today’s Information Technology (IT) systems management and internal audit concerns. Known but unmitigated vulnerabilities are among the highest CyberSecurity risks faced by many organizations. Known vulnerabilities include using software and/or hardware beyond the vendor's support lifecycle, declining to implement security patches, and failing to execute security-specific system configuration guidance. Addressing cybersecurity is not only about solving a particular problem; it is also about putting in place the people, processes, and technologies that can protect against the latest risks and respond to them when needed. Recent industry surveys have indicated that although the number of Chief Information Security Officer (CISO) positions has increased, the corresponding quality of CyberSecurity expertise within many organizations has not. In this highly practical management oversight workshop, you will cover the essential background information, resources, and strategies necessary to prioritize, plan and launch a wide range of CyberSecurity risk assessments and audits. We will explore not only CyberSecurity management and human resources controls, but also take a high-level conceptual look at the fundamentals of important technical CyberSecurity controls for protecting valuable information assets and associated resources in today’s highly complex and rapidly changing Cyber world.


Learning Objectives:

  • Understand CyberSecurity terminology and associated risks

  • Gain familiarity with CyberSecurity regulatory requirements and best practices

  • How to develop an overall CyberSecurity audit program to effectively assess Cyber risks, including the critical human factor

  • How to gauge and effectively report CyberSecurity risks to The Board

Level: Basic


A basic understanding of fundamental IT audit controls and terminology is assumed.


  1. What is CyberSecurity? Building your CyberSecurity vocabulary

  • Defining CyberSecurity 

  • Business Drivers for CyberSecurity 

  • Defining the CyberSecurity / Information Technology Landscape

  • Existing, Emerging…and Expanding CyberSecurity Regulatory Compliance

  2. The Many Faces of CyberSecurity Risks… and How to Detect Them

  • Defining the Elements of Risk Management

  • Inherent CyberSecurity Risks to Your Enterprise

  • Organization and Human Resource Factors That Can Increase CyberSecurity Risk

  • Notable CyberSecurity Incidents and…Lessons Learned

  • Frameworks and Methodologies for CyberSecurity Risk Assessment

  • Leveraging Information Ownership and Classification to Detect and Reduce CyberSecurity Risk


  3. Planning Audits of CyberSecurity

  • CyberSecurity Architectures and CyberSecurity/Audit Frameworks

  • Tools, Techniques, and Resources Necessary for Conducting Effective CyberSecurity Audits

  • Do’s and Don’ts for Effectively Reporting CyberSecurity Risks to The Board


Who Should Attend

  • General Auditors and other Audit Management

  • IT Auditors

  • Operational Auditors

  • Information Security Managers, Analysts, and Architects

  • IT Management

  • IT Architects

  • Compliance Officers

  • Consultants

  • Anyone needing an insightful overview of CyberSecurity risks, controls, and assessments

CPEs: 7* (Type: Auditing)

* Continuing Professional Education Credits are estimated and based on the Continuing Professional Education requirements of the New Jersey Board of Accountancy (NJ BoA). Actual CPEs (1 CPE credit for 50 minutes) are calculated based on actual instruction time and attendance.

Please note that NJ BoA now requires more stringent monitoring of meeting attendance. Attendees who arrive late, leave early or are absent from the seminar room for extended periods will have their CPE certificate adjusted accordingly.

  • When

  • Tuesday, March 6, 2018
    8:00 AM - 5:00 PM

  • Where

  • Ravello
    138 Eagle Rock Avenue
    East Hanover, New Jersey 07936

  • Capacity

  • 55 (6 remaining)
