Cybersecurity Focus Areas, Risk Prioritization and Key Audit Steps

When:  Mar 15, 2019 from 08:00 to 16:30 (ET)
Associated with  Rhode Island Chapter

Register 3 and the 4th is free! 
After registering > 3 c
ontact with the name and email address of the 4th person who will be added to the event registration list.

Presentation Slides:


This course will provide a practitioner’s viewpoint for both audit and cyber security professionals. Beginning with underlying fundamentals of cyber security, then going step by step through the primary focus areas, risk prioritization and key audit steps, this is a course for any auditor wanting to learn how to address cyber security as a key audit risk.

  1. Select and implement a cybersecurity framework
  2. Audit against a cybersecurity framework
  3. Develop a prioritized remediation plan
  4. Audit cybersecurity maturity
I. Overview/Key Terms
II. Primary Focus Areas
III. Continuous Improvement
IV. IT Risk Management
V. Key Audit Steps

    John Sapp, CISSP, CGEIT, CRISC, HCISPP, is currently the Global Information Security Officer at Orthofix International, a global medical device company focused on improving patients' lives by providing superior reconstructive and regenerative orthopedic and spine solutions to physicians worldwide.

    John is a seasoned, visionary and strategic global Information Security
    professional, Data Privacy and IT Risk Management executive with 30 years of combined in-depth cross-industry experience, which includes (among others):
    • Healthcare (Clinical Trials, Payer, Provider and Technology Solutions Vendor)
    • Financial Services (Consumer Banking, Investment Banking and Insurance)
    • Management Consulting
    • Telecommunications
    John has worked at many highly-regarded organizations throughout his 30+ year career, including Oracle, McKesson, Cap Gemini and Coopers & Lybrand. John is also a first cousin of NFL Hall of Famer Warren Sapp. John is a celebrated leader in his field. He has been honored for his leadership and ingenuity in information technology, including:
    • 2013 ISE Nominee – Information Security Executive of the Year (Healthcare) North America Region
    • 2013 ISE Celebrated Information Security Executive of the Year – Central Region
    In 2012, John was one of 25 professionals awarded the TBS Cyber Security Visionary Award. Additionally, in May of 2012, John was one of 65 cybersecurity industry leaders invited to The White House in May 2012 to discuss the National Strategy for Trusted Identities in Cyberspace (NSTIC).

    Continental Breakfast and Lunch Included

    Registration Fee for Students: $60 (must present current student ID). Email for student registrations.

    Registration is limited, so please register early.


    100 Amica Way
    Lincoln, RI 02865
    Event Image