Raw and unfiltered corporate socially responsible (CSR) news, reports, and research distribution.
  HOME  | EVENTS  | REPORTS  | RATINGS  | MEMBERS  | BOOKS  | VIDEO, COMMENTARY & RESEARCH
July 19, 2008
Saturday
Search
 by Company Name
 by Keywords
Advanced Search

Corporate Social Responsibility Event

CSRwire

Logo
9.20.2007 - 9.20.2007

Auditing Information Security

CSRwire

Auditing Information Security - Evaluating the Effectiveness of Your Information Security Program



by Dan Swanson and Clint Kreitner



Description:

This 2-hour event will show you how to audit your information security program. The information security program is a critical component of every organization's risk management effort, providing the means to protect the organization's information and other critical assets. A well-managed business unit (and/or program) has robust plans, procedures, goals, objectives, trained staff, performance reporting, and ongoing improvement efforts.

The audit team will look for evidence that the information security program is well organized and well managed. The security program must also specifically mitigate risks in satisfying key business objectives, and this traceability must be clear.

Your information security audit should confirm that key risks to the organization are being identified, monitored, and controlled; that key controls are operating effectively and consistently; and that management and staff have the ability to recognize and respond to new threats and risks as they arise. Audits and reviews of your information security program and its management advance the goal of program oversight and ensuring continuous improvement and success.

Discussion topics will include:

  • Audit scope
  • What is the goal?
  • Planning efforts
  • The general audit steps
  • Audit risk assessment
  • Audit objectives
  • Audit approach
  • What auditors like to see
  • Audit testing
  • Issues to watch out for
  • Other considerations
  • The audit report

    Who will benefit?

  • CISOs
  • CIOs
  • Senior IT Managers
  • Chief Audit Executives
  • IT Auditors
  • Executive Management with oversight responsibilities for security
  • Risk Managers

    Faculty:

  • Dan Swanson - President and CEO, Dan Swanson & Associates

  • Clint Kreitner - President and CEO, The Center for Internet Security

    Downloads:

    This session will be interactive and include valuable downloads for members and participants to facilitate information security efforts:

  • Avoiding IS Icebergs

  • IT Audit Checklist: Information Security

  • Ask the Auditor: Who is Responsible for Information Security?

  • IT Audit Checklist: Payment Card Industry (PCI)


    • Date: September 20, 2007

    Time: 10:00 am PST / 1:00 pm EDT - 12:00 pm PST / 3:00 pm EDT

    Price: Free for Ethisphere Council members ($299 for non-members)
    All participants will receive an hour-long one-on-one consultation with Dan Swanson and an Ethisphere associate.

    To Register: Click here to register for this event.

    CSRwire

    Event Location

    Virtual Event

    CSRwire

    Sponsoring Company/Organization

    CSRwire

    Web Site

    ethisphere.com/sept-20-ethisphere-symposium/

    CSRwire

    For More Information Contact

    Erin Russell, Ethisphere Council Associate
    Ethisphere
    602-712-9919 ext. 125
    www.ethisphere.com