top of page

Auditing Cybersecurity - Auditing What Matters

Tichaona Zororo
Director of Enterprise Governance of IT (EGIT)

Workshop Outline

Introduction

Cybersecurity is one of the biggest risk facing today’s organizations. Recent cybersecurity attacks indicate more threatening ones ahead as evidenced by numerous disruptive breaches that often require affected organizations to pay hundreds of millions of US dollars to cover costs of the attacks.

​

While these enterprises share similar misfortune of experiencing incidents, the incidents themselves are normally not all the same.

​

In its 18th Global Risks Report on January 2023 the World Economic Forum mentioned widespread cybercrime & cyber insecurity as one of the top technological risks and cybersecurity on critical infrastructure amongst the top 5 currently manifesting risks that will have a severe impact at a global level in 2023.

​

As breaches become more significant, they are causing increased financial impact. The WannaCry, Petya and NotPetya attacks of 2017 had unprecedented financial effect some which are still being felt even today more than 5  years after they occurred.

​

Cybersecurity is probably the most discussed topic amongst Board of Directors, Senior Executives, Internal Auditors, Audit Committees, and Risk Management Committees.

​

In today’s world of increased digital vandalism Auditors play an integral role in ensuring that cybersecurity risks are addressed appropriately; It has not only become imperative that risk-based Auditors should include cybersecurity in their agile risk-based audit plans but audit what matters in cybersecurity.

​

Course Objectives

At the end of this course delegates will be able to:

Define & understand cybersecurity

  • Understand the difference between information security and cybersecurity

  • Comprehend cybersecurity concepts and definitions

  • Appreciate in-depth Incident Response Plan [IRP]

  • Understand Automotive Cybersecurity

  • Define Cybersecurity Governance

  • Gain Skills and Knowledge to Perform a Value-Adding Cybersecurity Auditing

  • Learn Practical Ways of Auditing Cybersecurity and Auditing Lessons from some renowned Cybersecurity Attacks:

  • Learn emerging trends in cybersecurity

​

​

​

​

​

​

bottom of page