Story image

ISACA adds credentials for cybersecurity audits

03 Oct 2018

Auditors are increasingly being required to audit cybersecurity processes, policies and tools to provide assurance that their enterprise has appropriate controls in place.

To help them acquire and prove these skills, ISACA - creators of the Certified Information Systems Auditor (CISA) certification - has introduced the new Cybersecurity Audit Certificate Program.

The Cybersecurity Audit Certificate Program provides audit/assurance professionals with the knowledge needed to excel in cybersecurity audits.

It provides security professionals with an understanding of the audit process, and IT risk professionals with an understanding of cyber-related risk and mitigating controls.

“Information security has become critical to understanding an enterprise, its risk and its processes,” says executive search provider to Fortune 500 companies in the IT audit and GRC space Candor McGaw president Caitlin McGaw.

“To add increased value now, IT audit and GRC professionals have to build solid information security skills. This is the golden ticket to short-term success and long-term career sustainability.”

ISACA’s Cybersecurity Audit Certificate exam is bundled with the training of the candidate’s choice - a self-paced online course, a virtual instructor-led course or an in-person training workshop - which teaches more than a dozen skills, including:

  • Understanding security frameworks

  • Identify cyber and legal regulatory requirements to aid in compliance assessments

  • Identify weaknesses in cloud strategies and controls

  • Perform cybersecurity and third-party risk assessments

  • Identify the benefits and risks of containerisation

The bundle includes a study guide that introduces candidates to cybersecurity and audit’s role, cybersecurity governance, and cybersecurity operations.

The Cybersecurity Audit Certificate exam is online, remote-proctored and can be taken at the candidate’s convenience.

Candidates who pass the exam will receive a certificate and digital badge.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.