Due to the high demand WMISACA is adding this second (repeat) virtual training session for audit and security of cloud based services. Therefore, if you wanted to attend but were unable to register for the Thursday session you may now register for the Friday session.
Friday, April 17, 2020.
Where
Virtual Event - Online Seminar
This seminar is intended to provide the attendee the base level knowledge required to perform IT Governance audits. The seminar instructor, Mitch Levine, has an established track record of taking complex industry requirements and structuring a presentation that breaks them into easily understood approaches based on his “real life” audit and systems deployment experiences.
Learning Objectives
Cloud-Based Computing: An Architectural Overview
- Cloud network models
- key drivers for moving towards cloud-based services
Software as a Service (SaaS)
- SaaS security and audit concerns
Platform as a Service (PaaS)
- major development providers/platforms
- PaaS security and audit concerns
Infrastructure as a Service (IaaS)
- network security, host security in the cloud
- data storage/SAN in a cloud IaaS environment
- IaaS security and audit concerns
Brokered Cloud Services
- cloud aggregators
- cloud brokers
- cloud management service portals
Security as a Service
- identity management as a service
- security event monitoring/IDS as a service
- vulnerability management as a service
- data leakage prevention as a service/web filtering, e-mail filtering
Cloud-Based Security Standards and Dependencies
- directories and identity management
- federated identities
- security standards: SPML, XACML, OAuth, OpenID, others
Governance in a Cloud Services Environment
- key performance indicators
- audit trails for cloud-based services
- service level agreements, licensing
- legal complexities: data privacy, globalization, trans-border constraints
- third-party assessments and certifications: ISO 27001
Disaster Recovery in a Cloud-Based Environment
- SPI HA architectures
- virtualized environments and impact on disaster recovery
- updating and testing disaster recovery plans
Cloud Security and Audit
- key risks and audit concerns
- identifying key controls and mitigations
- cloud-based risk analysis models: ENISA, NIST, CSA
- security best-practices models for cloud-based services
- audit techniques and tests in a cloud-based environment
One case study will be presented during this seminar which will provide the attendee the understanding of how to assess the IT Governance structure, risk management and compliance functions.
Who Should Attend
Auditors; Audit Managers and Directors; Information Security professionals
CPE = 8 hours
COST = $175
Registration Deadline
Friday, April 10, 2020