Course Overview The role of information technology (IT) control and audit has become a critical mechanism for ensuring the integrity of information systems (IS) and the reporting of organization finances to avoid and hopefully prevent future financial fiascos such as Enron and WorldCom. Global economies are more interdependent than ever and geopolitical risks impact everyone. Electronic infrastructure and commerce are integrated in business processes around the globe. The need to control and audit IT has never been greater.
Training Duration Total Training Hours : 30 Hours
Training Duration : 1 Week
Total Training Days : 5 Working Days
Training Schedules Weekdays (Sunday to Thursday)
Regular Sessions : 6 Hrs Per day (9am to 2pm or 3.00pm to 9.00 pm)
Food & refreshments Included

WeekEnds (Friday & Saturday)
Fast Track Sessions: 8 Hours per day (9am to 5pm)
Food & refreshments Included
Certifications: 1) Certificate from Laurels Training Institute, Attested by Knowledge & Human Development Authority (KHDA) government of Dubai, UAE

2) Certificate from American Institute of Professional Studies (AIPS) from USA (After 15 Days of course Completion which will couriered to the attendees office address)
Tests Yes
Learning Aids Yes
Course Material Hard & Soft Copies of Study Material
Language of Instruction English
Instructor Helpline Yes
1. Email
2. Social Media (For Emergency requirements)
Registration Requirements 1. Passport Copy
2. Curriculum Vitae
3. Passport size photographs
4. Course Fee
Mode of Payment: Cash / Cheque / Credit Card / Bank Transfer.
Eligibility Criteria
(Who should attend this training)

Information assurance auditors

System implementers or administrators

Network security engineers

IT administrators

Department of Defense (DoD) personnel or contractors

Federal agencies or clients

Private sector organizations looking to improve information assurance processes and secure their systems

Security vendors and consulting groups looking to stay current with frameworks for information assurance

Course Benefits

Checks Susceptibility to Threat

Evaluates the System and Ensures Its Integrity

Secures Data

Bolsters Controls

Develops IT Governance

Course Contents / Outline

Introduction and Overview of the 20 Critical Controls

Overview of the Control

How it is Compromised

Defensive Goals

Quick Wins

Visibility & Attribution

Configuration & Hygiene


Overview of Evaluating the Control

Core Evaluation Test(s)

Testing/Reporting Metrics

Steps for Root Cause Analysis of Failures

Audit/Evaluation Methodologies

Evaluation Tools

Exercise to Illustrate Implementation Or Steps for Auditing a Control

1: Inventory of Authorized and Unauthorized Devices

2: Inventory of Authorized and Unauthorized Software

3: Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers

4: Continuous Vulnerability Assessment and Remediation

5: Controlled Use of Administrative Privileges

6: Maintenance, Monitoring, and Analysis of Audit Logs

7: Email and Web Browser Protections

 8: Malware Defenses

9: Limitation and Control of Network Ports, Protocols, and Services

10: Data Recovery Capability (validated manually)

11: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches

12: Boundary Defense

13: Data Protection

14: Controlled Access Based On Need to Know

15: Wireless Device Control

16: Account Monitoring and Control

17: Security Skills Assessment and Appropriate Training to Fill Gaps

18: Application Software Security

19: Incident Response and Management

20: Penetration Tests and Red Team Exercises

© Laurels Training Institute 2017. All Rights Reserved.