Education 

 
Sabine Charles - Education Committee Chair
Committee Members

Doug Souza

Michael Johnson

Sam Malla

Vasanthi Ramkumar

Ravi Tanikella

Steven Valance

Overview

The Education Committee develops a comprehensive annual training program covering information systems audit/assurance, risk management, controls, and governance. Check here periodically for updates as we continue to plan and finalize upcoming training classes.

If you require training in specific skills or knowledge areas, email [email protected].

Call to Action

Several opportunities are available for assisting the Education Committee:

  • Developing education curriculum
  • Instructing classes
  • Hosting educational events

If you are interested, please contact [email protected]  or click here for volunteering information.

Upcoming Education Classes

Auditing Network Security

May 1 - 3, 2017 
The Lofts at Prince, 177 Prince Street, New York, NY
During the 3 day Auditing Network Security course, participants will learn how to audit the key systems identified on a network. Networks need to be fortified to defend against threats such as APTs.  Students will learn how to audit key network components including routers, switches, firewalls, IDS/IPS and wireless networks. Students will also look at the risks to a network when introducing cloud computing solutions. Host based protections including endpoint protection, advanced malware protection, application whitelisting, data loss prevention and vulnerability scanning will also be investigated. The tools and techniques to audit such systems are discussed and utilized during hands-on exercises.  Students are required to bring a laptop.   

Intended audience: Internal Auditors, IT Specialist Auditors, IT Auditors, IT Audit Managers, Information System Auditors, Information Technology Auditors, Information Security Officers 

Level: Intermediate, 21 CPE

Click here for registration and information.

 

Modern Techniques for Risk Assessment

May 18, 2017
The Lofts at Prince, 177 Prince Street, New York, NY
The antiquated formula Risk = Impact x Probability is unprovable and unworkable.  In this one-day seminar participants learn why that formula is incorrect and which other techniques that are being used by advanced risk practitioners are more applicable to contemporary enterprises.  These methods will make the determination of risk align with both reality and expectation.  They make the concept of risk a meaningful determinant for management decision making.

Intended audience: Internal and External Auditors, Risk Managers, Security Professionals, Business Managers, Financial Executives, Legal Counsel

Learning objectives: Participants in this seminar will learn:

  • Why the commonly used formula fails
  • Which techniques provide greater insight of operational and financial risk
  • The standards that apply risk assessment
  • The tools and techniques that can be rapidly put in place in large and small businesses
  • How to interpret risk assessment results
  • Methods for portraying risk to aid management decision making 

Level: Intermediate, 8 CPE

Click here for registration and information.

 

Data Privacy for IT Auditors and Security Professionals 

September 13 -14, 2017
The Loft at Prince, 177 Prince Street, New York, NY
This is a two-day seminar, combining lecture with a hands-on, case study based workshop that introduces I.T. Auditors and Information Security Professionals to the principles, practices, legislation and governance of Personal Information Privacy.  It includes standards, methodology and audit and review techniques for both business and Information Technology resilience and recoverability.

Intended audience: I.T. Auditing managers and staff, Information Security managers and staff, Risk Managers, I.T. operations personnel, Internal Financial and Operational Auditors, Corporate Management, Chief Financial Officers, Chief Privacy Officers and their staff, compliance personnel.

Learning objectives: Participants will gain a deep understanding of personal information including:  

  • What’s privacy all about?
  •  What’s driving privacy? 
  • What are the business benefits of privacy compliance?
  • What are the risks of non-compliance? 
  • Dealing with multi-jurisdictional legislation and regulations 
  • Creating a privacy compliant organization 
  • Establishing privacy baselines 
  • Monitoring privacy initiatives 
  • Responding to a privacy breach 
  • Privacy reporting 
  • Sustainable compliance 
  • Addressing future privacy trends

 Level: Intermediate, 16 CPE 

Click here for registration and information.

 

Auditing Unix/Linux

November 15 - 16, 2017
The Lofts at Prince, 177 Prince Street, New York, NY
During this two day course, students will learn about the security issues that should be considered when conducting a UNIX/Linux audit. Students will understand how to identify and mitigate risks that affect UNIX/Linux operating systems. Hands-on exercises will be conducted to ensure that students have the opportunity to apply the concepts presented, as well as obtain hands-on experience with a UNIX/Linux systems. Multiple tools and techniques for conducting UNIX/Linux audits will be presented. 

Intended audience: Internal Auditors, IT Specialist Auditors, IT Auditors, IT Audit Managers, Information System Auditors, Information Technology Auditors, Information Security Officers 

Level: Intermediate, 14 CPE

Click here for registration and information.