Cybersecurity yields potential business opportunities for a firm to better serve its clients. Cyber threats come in all shapes, sizes, complexity and are ever-evolving. Attacks are causing great financial loss and serious damage to companies. It is essential for organizations to establish a baseline for identifying critical components that must be incorporated into any cybersecurity risk management approach. Participants will learn how to keep abreast of the latest cybersecurity trends, manage risks, and ensure that clients have a sound risk management program to safeguard their organization. Once a baseline has been established, firms can take these competencies and conduct readiness assessments for their clients through consulting or advisory services.
Course ID: CSAE
Cybersecurity Advisory Services: Readiness Assessment Deep Dive
- Apply knowledge of an effective cybersecurity risk management program to analyze an entity’s program and conduct a readiness assessment.
- Differentiate the various frameworks available (e.g., NIST, ISO, TSC, or combination thereof), considering when and how to use each framework, including pros and cons of each.
- Apply tests to an entity’s cybersecurity controls and other risk management activities based on existing frameworks.
- Identify recommendations for improvements based on procedures performed.
- Recognize the client service opportunities and risks in providing advisory services in the cybersecurity space.
• Cybersecurity risks to businesses and firms • Different cybersecurity controls frameworks (i.e., NIST, ISO, TSC, etc.) • Components of a cybersecurity risk management program • Internal controls and other risk management activities • Client recommendations in a readiness assessment • Client service opportunities
Who Should Attend
Firm practitioners performing consulting or advisory services
Fields of StudyAuditing
Some knowledge of a cybersecurity risk management program