Programme in preparation

Cyber and Information Security Management


As stated on the ISACA website, Cyber security has become a prevalent issue that most organizations face—one that companies recognize as an enterprise-wide issue requiring thoughtful attention. Investments in controls are necessary to protect organizations from increasingly sophisticated and widely available attack methods. Intentional attacks, breaches and incidents can have damaging consequences.

The participants to these webinars will get acquainted with the key concepts of risk-based audit approach to cybersecurity.

Target Group

Internal auditors (all levels), operational risk analysts, compliance officers, risks controllers, business controllers, senior & middle level management officers who want to learn about cybersecurity from an audit perspective.

Preferred: at least 3 years’ experience in Audit and/or business control of bank’s processes, operations, procedures and organization.

Location & Duration

This content will be split over 8 sessions of 3 hours each via virtual classroom.



Detailed programme Explode

Cybersecurity governance

  • The evolving risk landscape
  • COSO ERM and cybersecurity

Cybersecurity trends, Best practices

  • Cybersecurity versus information security
  • Privacy versus security
  • Basic terminology and evolving trends

Risk based audit methodology

  • Cybersecurity risk management life cycle
  • Common methodology and tools
  • Risk based audit assessment (threat and vulnerability identification)
  • Risk based audit assessment (probability/impact analysis, risk determination)
  • Risk mitigation, cost benefit analysis and evaluation

Security metrics

  • Common security metrics and usage
  • Technical diagnosis security metrics
  • Technical metrics and programme metrics

Cybersecurity awareness and benchmarking

  • Evidence-based awareness and measures
  • Benchmarking cyber risk awareness
  • Benchmarking historical security performance
  • Benchmarking across business units
  • Benchmarking using competitors or industry average

Join us on  Follow us on LinkedIn Follow us on Twitter