During this training, participants will engage in active security auditing exercises focused on both hardware and software components. They will learn to craft and refine policies that articulate the essential security requirements necessary for organizational compliance, covering elements such as computing devices, security controls, remote working environments, and communication protocols. This practical approach ensures that participants can apply their learning directly to real-world scenarios.

The course will also guide participants in establishing effective communication guidelines for interacting with external stakeholders. They will learn to create effective communication strategies that include the development of comprehensive guides, emergency plans, and templates. This training is crucial for maintaining operational integrity and ensuring that stakeholders are informed and compliant with security protocols.

Throughout the course, participants will not only learn to apply established and widely accepted industry standards but will also develop custom standards tailored to meet specific organizational needs. Additional modules include basic security principles and information security management in cloud environments, supplemented by guided case studies. These case studies provide participants with the opportunity to apply theoretical knowledge in controlled, realistic settings bridging the gap between learning and real-world application.

Upon completing this course, participants will emerge with advanced capabilities in:

• Developing templates and checklists for various audits, including Audit Charters, Engagement Letters, and System Acquisition Audits.
• Using CAATs (Computer-Assisted Audit Techniques) to enhance audit efficiency and thoroughness.
• Techniques for drafting information security policies and breach notification letters.
• Applying PCI DSS and ISO 27001 requirements within organizational audits.
• Disaster recovery and business continuity planning best practices.
• Managing and assessing risks in cloud environments, implementing a compliant System Security Plan (SSP) and continuous monitoring strategies.
• Conducting detailed information security audits and cyber security maturity assessments.

MCSI is one of the most respected and trusted names in cyber security education and training. Our certifications teach critical skills, knowledge and abilities needed to advance a career in cyber security. Our courses are comprehensive and up-to-date, and our instructors are experienced professionals who are dedicated to helping students learn. MCSI provides the real-world skills and knowledge you need to protect any organization from cyber threats.

• Information Security Governance and Concepts

  Information Security Governance and Concepts are crucial for IT program auditors as they provide the foundational framework for establishing, implementing, and maintaining effective security controls within organizations. Understanding governance principles ensures auditors can assess compliance with security policies, standards, and regulations, fostering a secure and resilient IT environment.

  Gap Analysis

  Gap analysis is essential for IT program auditors to identify discrepancies between current and desired security postures, guiding the prioritization of remediation efforts.

  Security Baselines

  Defining security baselines enables auditors to establish minimum standards for security configurations, aiding in consistent security posture assessments.

  Metrics

  Metrics allow auditors to measure and assess the effectiveness of security controls and compliance efforts, providing insights for improvement.

  RACI Charts

  RACI charts clarify roles and responsibilities in security governance, aiding auditors in understanding accountability across security functions.

  Plan Do Check Act (PDCA)

  PDCA cycles help auditors implement continuous improvement in security processes, ensuring systematic review and enhancement of security measures.

  Risk Appetite

  Understanding risk appetite informs auditors about acceptable levels of risk tolerance within an organization, guiding risk management decisions.

  Risk Transfer

  Knowledge of risk transfer mechanisms enables auditors to assess the effectiveness of risk transfer strategies, ensuring appropriate risk mitigation measures.

  Risk Responses

  Learning about risk responses helps auditors develop and evaluate risk response strategies, ensuring alignment with organizational goals and risk appetite.

  Writing Access Control Policies

  Developing access control policies allows auditors to establish guidelines for managing user access to resources, supporting security and compliance objectives.

  Writing Password Policies

  Password policies define rules for secure password practices, aiding auditors in strengthening authentication controls and reducing security risks.

  Writing Work from Home Policies

  Work from home policies provide guidelines for secure remote work practices, ensuring continuity of operations while managing associated risks.

  Writing Incident Response Policies

  Incident response policies outline procedures for handling security incidents, enabling auditors to assess preparedness and response capabilities.

  Writing Disaster Recovery Policies

  Disaster recovery policies establish processes for restoring critical systems and data after disruptions, supporting continuity and resilience objectives.

  Business Impact Analysis

  Conducting business impact analysis helps auditors identify critical business functions and prioritize recovery efforts, supporting continuity planning and risk management.

  Writing Guides on How to Manage Threats

  Guides on threat management provide resources for identifying, assessing, and mitigating threats, enabling auditors to enhance security posture and incident response capabilities.

  Writing Standards (e.g., Network Standard, Cryptography)

  Developing security standards establishes guidelines for implementing secure configurations and practices, facilitating consistent security assessments and compliance evaluations.

• Auditing and Compliance

  Auditing and compliance are essential for ensuring organizations adhere to regulatory standards and industry best practices, providing assurance to stakeholders about the effectiveness of security controls and risk management strategies. It helps identify gaps, ensure accountability, and maintain continuous improvement in security posture, crucial for mitigating risks and maintaining trust in the digital landscape.

  Developing Audit Checklists

  Developing audit checklists is critical for IT auditors to ensure thorough assessments of IT systems, controls, and processes. Checklists facilitate systematic reviews, helping auditors identify risks, compliance gaps, and necessary corrective actions efficiently.

  Engagement Letters

  Engagement letters are vital documents for IT program auditors as they establish the scope, objectives, and responsibilities of audit engagements. They provide a formal agreement between auditors and stakeholders, ensuring clarity and alignment throughout the audit process.

  Audit Charter

  An audit charter is essential for IT auditors as it defines the authority, objectives, and approach for conducting audits. It serves as a guiding document that aligns audit activities with organizational goals, compliance standards, and best practices.

  Privacy Audit

  Privacy audits are critical for IT auditors to assess and validate data protection measures within IT systems. They ensure compliance with privacy regulations (e.g., GDPR, CCPA) and identify potential privacy risks that require mitigation actions.

  Database Review Checklists

  Database review checklists enable IT auditors to evaluate database configurations, access controls, and data integrity. These checklists ensure the security and reliability of databases, safeguarding sensitive information from unauthorized access or breaches.

  Environmental Control Audit Checklists

  Environmental control audit checklists are important for IT auditors to assess physical security measures within data centers and IT environments. They help identify vulnerabilities related to environmental controls (e.g., HVAC systems, physical access) that could impact IT operations and data security.

  Third Party Services Checklist

  Third party services checklists assist IT auditors in evaluating risks associated with outsourcing IT functions to external vendors. These checklists ensure proper vendor management, contractual compliance, and risk mitigation strategies to safeguard organizational data and operations.

  Request for Information Document

  Request for Information (RFI) documents are valuable for IT auditors to gather essential details about IT systems, processes, and controls from auditees. This information aids in audit planning, risk assessment, and ensures comprehensive audits of IT environments.

  Service Level Agreement Documents

  Service Level Agreement (SLA) documents are important for IT auditors as they define performance standards, availability, and responsibilities for IT services. Auditors use SLAs to assess service delivery, compliance, and evaluate the effectiveness of IT service management.

  Creating Privacy Breach Documents

  Developing privacy breach documents is crucial for IT auditors to establish protocols for incident response, notification procedures, and remediation actions in case of data breaches. These documents ensure compliance with data protection laws and enhance incident management capabilities.

  Creating Website to Report Customer Breach

  Implementing a website to report customer breaches enhances transparency and compliance with data breach notification laws. IT auditors benefit from this by ensuring effective incident reporting, accountability, and maintaining stakeholder trust in data protection practices.

• Cloud Security and Management

  Cloud security and management are crucial for IT program auditors because they involve ensuring the integrity, confidentiality, and availability of data stored and processed in cloud environments, which is essential for maintaining compliance with regulatory standards and mitigating security risks associated with cloud-based technologies.

  Additionally, effective cloud management allows auditors to monitor and enforce proper governance frameworks, assess controls, and evaluate the implementation of security measures to safeguard organizational assets and data in the cloud.

  Deploying Virtual Machines

  Deploying virtual machines in cloud environments is relevant for IT auditors to assess proper provisioning, configuration, and security controls, ensuring compliance with organizational standards and best practices.

  Cloud-Based Risk Management

  Cloud-based risk management involves evaluating and mitigating security risks specific to cloud services, enabling IT auditors to address vulnerabilities, data breaches, and compliance gaps associated with cloud deployments.

  Compliant System Security Plan (SSP)

  Developing a compliant System Security Plan (SSP) ensures auditors understand security controls and measures in place within cloud systems, aiding in risk assessment and regulatory compliance evaluations.

  Information System Continuous Monitoring (ISCM) Strategy

  Implementing an effective ISCM strategy allows auditors to continuously monitor cloud environments for security incidents, performance issues, and compliance deviations, enhancing overall risk management and governance.

  'Shared Responsibility Model' in the Cloud

  Understanding the shared responsibility model clarifies roles and responsibilities between cloud service providers and users, enabling auditors to assess accountability and ensure proper security measures are implemented by all parties.

  Protect Access to Data in an S3 Bucket Using a Customer Managed Key

  Configuring access controls and encryption using customer-managed keys in S3 buckets is critical for auditors to enforce data protection and privacy requirements, reducing the risk of unauthorized access and data breaches.

  Configuring S3 Buckets

  Properly configuring S3 buckets involves implementing security policies, access controls, and encryption settings, allowing auditors to assess data protection measures and ensure compliance with security standards.

  Compliance Checking AWS Instances

  Conducting compliance checks on AWS instances helps auditors verify adherence to security configurations, patch management, and regulatory requirements, ensuring the integrity and security of cloud-based infrastructures.

This course teaches the specific Knowledge, Skills, Abilities, and Tasks (KSATs) aligned with the DoD Cyber Workforce Framework (DCWF) as outlined in DoD 8140. By focusing on these critical competencies, the course ensures that you develop the essential capabilities required for various cybersecurity roles within the Department of Defense. This alignment not only guarantees that the training is relevant and comprehensive but also that it prepares you to meet the specific operational needs and standards of the DoD cyber workforce.

• knowledge

  ID	Description
  22	Knowledge of computer networking concepts and protocols, and network security methodologies.
  108	Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  1158	Knowledge of cybersecurity principles.
  1159	Knowledge of cyber threats and vulnerabilities.
  6900	Knowledge of specific operational impacts of cybersecurity lapses.
  6935	Knowledge of cloud computing service models Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).
  6938	Knowledge of cloud computing deployment models in private, public, and hybrid environment and the difference between on-premises and off-premises environments.
  62	Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  68	Knowledge of information technology (IT) architectural concepts and frameworks.
  69A	Knowledge of risk management processes and requirements per the Risk Management Framework (RMF).
  107	Knowledge of resource management principles and techniques.
  129	Knowledge of system life cycle management principles, including software security and usability.
  296	Knowledge of how information needs and collection requirements are translated, tracked, and prioritized across the extended enterprise.
  954	Knowledge of import/export control regulations and responsible agencies for the purposes of reducing supply chain risk.
  979	Knowledge of supply chain risk management standards, processes, and practices.
  1004A	Knowledge of information technology (IT) acquisition/procurement requirements.
  1021	Knowledge of risk threat assessment.
  1037	Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures.
  1061A	Knowledge of the acquisition/procurement life cycle process.
  1125	Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.
  1130	Knowledge of organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI) for Development, CMMI for Services, and CMMI for Acquisitions).
  1133	Knowledge of service management concepts for networks and related standards (e.g., Information Technology Infrastructure Library, current version [ITIL]).
  1136A	Knowledge of use cases related to collaboration and content synchronization across platforms (e.g., Mobile, PC, Cloud).
  6290	Knowledge of how to leverage government research and development centers, think tanks, academic research, and industry systems.

• skills

  ID	Description
  203	Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
  1002	Skill in conducting audits or reviews of technical systems.
  6942	Skill in designing or implementing cloud computing deployment models.
  6945	Skill in migrating workloads to, from, and among the different cloud computing service models.

• abilities

  ID	Description
  325A	Ability to ensure security practices are followed throughout the acquisition process.
  6918	Ability to apply cybersecurity strategy to cloud computing service and deployment models, identifying proper architecture for different operating environments.
  6919	Ability to determine the best cloud deployment model for the appropriate operating environment.

• tasks

  ID	Description
  537	Develop methods to monitor and measure risk, compliance, and assurance efforts.
  1143A	Conduct import/export reviews for acquiring systems and software.
  811	Provide ongoing optimization and problem solving support.
  813	Provide recommendations for possible improvements and upgrades.
  840B	Review or conduct audits of programs and projects.
  936	Develop security compliance processes and/or audits for external services (e.g., cloud service providers, data centers).
  949	Evaluate the effectiveness of procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.
  1147A	Develop data management capabilities (e.g., cloud based, centralized cryptographic key management) to include support to the mobile workforce.
  1148B	Ensure supply chain, system, network, performance, and cyber security requirements are included in contract language and delivered.
  5610	Review service performance reports identifying any significant issues and variances, initiating, where necessary, corrective actions and ensuring that all outstanding issues are followed up.