Cybersecurity Fundamentals for Non-IT Auditors: A Practical Approach

This course is part of the IT Audit Bootcamp. Learn more information here.

Overview

This training program is designed to empower non-IT auditors with essential knowledge and practical skills in cybersecurity. The program covers the basics of cybersecurity, major threats in the digital landscape, and practical protective measures. Participants will gain insights into the ever-evolving world of cybersecurity, enabling them to better assess and mitigate risks in their auditing processes.

LEVEL: beginner and intermediate

Target Audience

This training aims at non-IT auditors and other individuals engaged in auditing functions who are seeking foundational knowledge in cybersecurity. No specific technical background is required, making the program accessible to participants with diverse professional experiences.

Course Objectives

• Understanding Basics of Cybersecurity
  • Grasp fundamental concepts and terminology in cybersecurity.
• Identification of Major Threats
  • Identify and comprehend major threats in the cybersecurity landscape.
• Implementing Protective Measures
  • Learn practical protective measures and best practices to enhance cybersecurity
• Risk Mitigation Skills
  • Develop skills to assess and mitigate cybersecurity risks in auditing processes.
• Awareness of Evolving Threats
  • Stay informed about emerging cybersecurity threats and trends.
• Integration of Cybersecurity in Auditing
  • Understand how cybersecurity considerations integrate into the audit process.

Course Content

• Introduction to Cybersecurity
  • Definition and importance of cybersecurity
  • Role of non-IT auditors in cybersecurity awareness
• Major Threats in Cybersecurity
  • Overview of common cybersecurity threats (e.g., malware, (spear) phishing, ransomware, supplier chain, ddos, …)
  • Understanding social engineering attacks
• Protective Measures and Best Practices
  • Implementing strong passwords and multi-factor authentication
  • Best practices for secure data handling and storage
• Risk Assessment in Cybersecurity
  • Assessing and prioritizing cybersecurity risks
  • Understanding the impact of cybersecurity on business continuity
• Evolving Threat Landscape
  • Keeping abreast of emerging cybersecurity threats
  • Continuous learning and adaptation to evolving risks
• Cybersecurity in Auditing
  • Integrating cybersecurity considerations into audit processes
  • Reporting and communication of cybersecurity findings

Prerequisites 

No specific prerequisites are required for this training program. Participants should come with a basic understanding of business processes and a willingness to engage in discussions and hands-on activities to reinforce their learning in the field of cybersecurity.