Cyberattacks are not the matter of IF, but WHEN.
2️⃣ Evolving regulatory requirements
3️⃣ Difficulty in assessing and managing IT risks
4️⃣ Increasing need for effective security controls
5️⃣ Auditing emerging technologies
IT & Cybersecurity Audit
The 2-day IT & Cybersecurity Audit and Compliance course aims to address these challenges by equipping participants with the necessary knowledge and skills.
5 INTENSIVE MODULES
✅Risk Management
✅Security Controls
✅Planning & Execution
✅Reporting & Remediation
✅Emerging Technologies & Risk
5 PRACTICAL EXERCISES
✅IT risk management case study
✅Selection of different types of IT/ cyber audits
✅Selection of different types of IT/ cyber audits
✅IT audit planning memo
✅Audit planning on emerging technology or risk
- UNDERSTAND the fundamentals of IT/Cybersecurity audit and compliance, including key concepts, principles, and terminology.
- GAIN insights into relevant regulatory frameworks and industry standards such as ISO 27001, NIST, PCI DSS, HiTrust.
- DEVELOP a systematic approach to conducting IT/Cybersecurity audits, risk assessments, and vulnerability assessments.
- LEARN to identify, assess, and manage IT security risks in alignment with business objectives and compliance requirements.
- ACQUIRE knowledge of audit methodologies, techniques, and tools for evaluating the security posture of IT systems and infrastructure.
- UNDERSTAND the role of compliance in IT security and develop strategies for ensuring adherence to applicable laws and regulations.
- UNDERSTAND the importance of continuous improvement and ongoing monitoring to maintain a secure and compliant IT environment.
Hundreds of hours of research, study, planning and fine tuning go into the production of each of our trainings. Our course developers have looked at your industry’s needs. This course reflects the latest findings and best practices in your field today and addresses issues up-to-the-minute. You will get tools, tips, strategies that are proven and tested against real world situations as you learn from case studies and the experience of our expert trainers. Our trainings are comprehensive, in-depth, and packed with need-to-know information you can use as soon as you return to your workplace.
HO WAI KHIN
Wai Khin leads a team of professionals to manage the Firm’s and clients’ technology governance, risk, compliance (“GRC”) programmes to meet legal, human resources, audit, IT, risk management and information security requirements. With significant experience in this sphere, he engages in the innovation of ideas to implement value-added GRC programmes to support both the Firm’s and the client's organisational objectives to build robust GRC frameworks that go beyond regulatory compliance.
He is experienced in ISO 27001/Cyber Security Trust Mark certification projects, Singapore Monetary Authority of Singapore (MAS) Technology Risk Management review, MAS Outsourcing review, IT due diligence for mergers & acquisitions, SOX ITGC review, Singapore's Personal Data Protection Act (PDPA), and other internal and external IT compliance requirements.
Wai Khin previously provided in-house audit
assurances and security and business continuity advisory services for several organisations, while working for a Big 4 firm. He was also a recipient of the Cybersecurity Leader Awards 2022 and was conferred the “Leader Award” (Professional Category) in recognition of his contributions made in the cybersecurity space in Singapore.
This course is suitable for professionals seeking to enhance their knowledge and skills in the field of IT/ Cybersecurity audit and compliance:
- IT Security,
- Risk Management,
- Compliance,
- Auditing,
- Governance.
“This training went beyond my expectations as it brought more insights to scope of cyber security audit. I am now better equipped to handle risk and implement audit control. I can now apply the cyber auditing methodology to ensure that the bank is well protected.”
IT Group Risk and Compliance Executive, Bank Rakyat
“I found the key concept learnt very useful and really appreciated Mr Hoi’s sharing of his vast experience. My key takeaways are audit planning preparation, risk based assessment, top/bottom up evaluation, internalizing and utilising best practices.”
Head of IS and Project Audit, Telekom Malaysia
“A very informative course and there are many new things learnt! I will use all the techniques taught in my audit assignments moving forward. I have learnt about the importance of IT audit, emerging risks of IT audit and the various IT audit frameworks like NIST.”
Senior Internal Audit Manager, Securities Commission Malaysia
“Best training ever, the speaker teaches in a fun manner and is very well versed in this field. My main takeaways are IT cybersecurity review, IT risk assessment, checklist of Request of Information and many more.”
Senior Audit, Risk and Compliance Executive, Institut Jantung Negara
Akzonobel Paints,
Allianz General Insurance, Alstom, Arvato
Bertelsmann, AstraZeneca, BASF, Bayer, British American Tobacco, Canon Marketing, Chevron,
CIMB, Bank Negara, Crowne Plaza Group of
Hotels, EON, ETIQA, Fairchild, Gamuda Group,
Gleneagles Hospital Group, IOI Group of
Companies, JT International, LB Aluminum,
MARCO Corporation, Maybank, NEC, OSK,
Pantai Hospital Group, Pelabuhan Tanjung
Pelepas, PIDM, Prudential Assurance Malaysia,
SAMSUNG, Securities Commission, SHELL
Refinery, Takaful Malaysia, UMW Toyota,
Western Digital, and many more.
