Story image

ISACA adds credentials for cybersecurity audits

03 Oct 2018

Auditors are increasingly being required to audit cybersecurity processes, policies and tools to provide assurance that their enterprise has appropriate controls in place.

To help them acquire and prove these skills, ISACA - creators of the Certified Information Systems Auditor (CISA) certification - has introduced the new Cybersecurity Audit Certificate Program.

The Cybersecurity Audit Certificate Program provides audit/assurance professionals with the knowledge needed to excel in cybersecurity audits.

It provides security professionals with an understanding of the audit process, and IT risk professionals with an understanding of cyber-related risk and mitigating controls.

“Information security has become critical to understanding an enterprise, its risk and its processes,” says executive search provider to Fortune 500 companies in the IT audit and GRC space Candor McGaw president Caitlin McGaw.

“To add increased value now, IT audit and GRC professionals have to build solid information security skills. This is the golden ticket to short-term success and long-term career sustainability.”

ISACA’s Cybersecurity Audit Certificate exam is bundled with the training of the candidate’s choice - a self-paced online course, a virtual instructor-led course or an in-person training workshop - which teaches more than a dozen skills, including:

  • Understanding security frameworks

  • Identify cyber and legal regulatory requirements to aid in compliance assessments

  • Identify weaknesses in cloud strategies and controls

  • Perform cybersecurity and third-party risk assessments

  • Identify the benefits and risks of containerisation

The bundle includes a study guide that introduces candidates to cybersecurity and audit’s role, cybersecurity governance, and cybersecurity operations.

The Cybersecurity Audit Certificate exam is online, remote-proctored and can be taken at the candidate’s convenience.

Candidates who pass the exam will receive a certificate and digital badge.

Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
WatchGuard announces A/NZ partners awards
Four Australian companies were named partner award winners at the WatchGuard conference in Vietnam.
Telstra’s 2019 cybersecurity report
Cybersecurity remains a top business priority as the estimated number of undetected security breaches grows.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Why cybersecurity remains a top business priority
One in two Australian businesses estimated that they will receive fines for being in breach of new legislation.