IT security doesn't have to be scary. You can do many controls-based reviews without deep expertise. In this session, you will come along on a real-life journey of how Virginia Tech's internal audit team uses several common IT security frameworks to conduct a basic and intermediate-level security controls review of endpoints, servers, and applications. We will focus on the practical and share the pitfalls we've learned along the way with the goal of providing as many resources as possible to help ensure your success.
At the end of this session, attendees will be able to:
- Understand the common IT security frameworks.
- Use the foundational knowledge and resources gained to conduct IT controls reviews.
- Understand how internal audit can partner with IT to strengthen their organization’s information security programs.
Field of Study: Auditing
Instructional Delivery Method: Group Internet Based
Advanced Preparation: None