Home | Services | Newsletter | Other Links | Contact Us

presents

OverviewSeminar Objectives/Course Content. This seminar will provide current information on the increased concerns for Privacy and explore responsibilities, methods and technologies to ensure privacy as it relates to confidentiality and integrity of corporate and personal information. Securing corporate information assets will be discussed while focusing on the audit implications of security assurance within a networked environment. We will review all areas of the Information Technology environment and the associated security risks and audit techniques for each area.This seminar will include multiple hands-on demonstrations of Privacy and Security related information gathering technologies and hacking techniques to gain privileged access to business information systems that may contain Personally Identifiable Information (PII). Objectives· Understand current Privacy Issues and regulations affecting corporate Privacy policy· Review Privacy/Confidentiality as it affects today's connected networks · Identify critical security devices and understand the audit processes to ensure proper security · Understand the network architectures and devices as it relates to security and audit · Identify five immediate steps to review for corporate privacy compliance and appropriate security assurance for corporate assets. Data PrivacyIntroductionPrivacy - the Hype and The Realities · Current State of Privacy · Data Aggregation · Privacy Examples Privacy Expectations - Employees/Customers · Communications - Email, Voice, Chat · Personal Information · Third Party Access Privacy Expectations - Business Management · Communications - Email, Voice, Chat · Personal Information · Third Party Access Privacy Law and Regulations · Health Insurance Portability and Accountability Act (HIPPA) · Gramm-Leach-Bliley Act (GLBA) · Federal Trade Commission (FTC) · Federal Regulation · State Regulation · International Issues Privacy Policies · What's Required · Writing a Policy - The Good, The Bad, Examples · Ensuring Compliance Future of Privacy · Certifications/Privacy Seals · Technologies · Legislation Providing Confidentiality and Integrity in Today's NetworksSecurity Overview· Legal Regulations and Requirements · The Realities of Security · Security in the News Risk Assessment Providing a Security Template - Security Policy Security Architecture Definition Security Testing & Validation · Penetration Testing · Third Party Validation Securing the Perimeter · Security by Obscurity · Routers · Gateways · Firewalls Securing Protocols Securing Network Infrastructure · Routers · Switches · Gateways · WAN Authentication & Authorization · Banners · Passwords · Strong Authentication · Biometrics · PKI Securing the Data - Encryption Secure Distributed Access · B2B · Traveling Clients · Broadband Clients (DSL and Cable Modem) · Virtual Private Networks Application Security · Development · WEB · Database · Application Data Flow Content and Liability Management · To Control or Not? · Legal Issues Security Management · Intrusion Detection · System Hardening · Monitoring and Response · Ensuring Policy Compliance · Documentation Business Continuity and Disaster Plan Learning Objectives. Completion of this course will result in improving your ability to audit data privacy and security related issues, including: (1) identifying what to audit, (2) how to audit, (3) and providing insight into the appropriate tools and techniques to use. Program Level/Professional Experience - Advanced. Course is designed for auditors with backgrounds and related experience in auditing in IT (information technology) enviornments. Additionally, knowledge of current data privacy and security related issues is recommended. Knowledge Requirements. Internal auditors with a working knowledge and hands-on experiences in auditing in IT environments. Advanced Preparation. None required. Additional seminar information:
Audit Services is registered with the National Association of State Boards of Accountancy
(NASBA), as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be addressed to the National Registry of CPE Sponsors, 150 Fourth Avenue North,
Suite 700, Nashville, TN 37219-2417. Web site: www.nasba.org To Register, contact us via email, telephone, or mail (information provided below)
Contact Us IT Audit / Pre-QAR / CIA / 1 Stop IA Shop / IA Manual |