Duration
06 Days
Objectives
Peter Drucker (one of the most influential thinkers on the subject of management theory) said, “What gets measured gets managed”. The same goes for information security: if you don't know how well you are doing, you'll have a very difficult time steering your information security in the desired direction.
And it is exactly this ‘desired direction’ that is an essential part of measurement: setting the objectives. Only if you know exactly what you want to achieve will you be able to know how far from or how close you are to actually achieving it. Equally important, you'll be able to answer your management's question: “Did our investment in security pay off?”
Contents
- Fundamental principles of information security
- Fundamental audit concepts and principles
- Audit approach based on evidence and risk
- Communication during the audit
- Creating audit test plans
- Audit findings and non-conformity reports
- Audit and quality review
- Closing the audit
- Evaluating action plans by the auditor
- Beyond the initial audit
- Managing an internal audit programme
Target group
Entry Level to Senior Executives of Banks and Corporate offices