1. Identifying the information security risks to the organization and evaluation of Information security measures and effectiveness
  2. It is a systematic evaluation of the security of an organization Information systems by measuring how well it conforms to the best practices.
  3. an audit on the level of information security in an organization.
  4. auditing information security covers topics from auditing the physical security of data centers to the auditing logical security of databases and application.
  5. Audit is an integral part of InfoSec processes
  6. Steps to InfoSec Audit
  7. Types of Security Audit
  8. Security Audit Horizon
  9. Audit involves some standard techniques
  10. How Will Banks Address Gaps in Cybersecurity?
  11. Network security assessment
  12. Log Review
  13. Security Policy Review
  14. Guidelines for auditee organizations for Security Audit
  15. Role of information security auditor
  16.  Standard Security Techniques:
    • Network Scanning
    • Vulnerability Scanning
    • Password Cracking
    • Log Review
    • Integrity Checkers
    • Virus Detection
    • Review of standard techniques
    • Penetration Testing

Each topic is covered in a two-hour meeting for a total of 32 hours.