ISACA Launches New Audit Program for Security Incident Management
Announcement posted by Established Media 04 Mar 2020
Auditors can access clear control objectives, controls and testing steps for each step of the assurance process
Sydney, Australia (4 March 2020) – Security incidents are only growing in number—according to ISACA’s 2019 State of Cybersecurity survey report, part 2, 46 per cent of respondents believe that their enterprises are experiencing an increase in attacks relative to last year. In light of this, incident management programs are more important than ever, and with ISACA’s newly launched Security Incident Management Audit Program, audit professionals now have the tools to more effectively evaluate incident management programs and achieve greater assurance.
The audit program covers process areas of security incident management programs and clearly outlines process sub-areas —like detection and analysis, forensics, and change management during program implementation as well as control objectives, controls and testing steps in a customisable spreadsheet. The audit program examines assurance across areas such as:
The Security Incident Management Audit Program is US $25 for ISACA members and US $49 for non-members. To access, visit www.isaca.org/bookstore/audit-control-and-security-essentials/wapim2. To explore additional audit programs and other resources, visit www.isaca.org/resources.
About ISACA
For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organisations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organisation that leverages the expertise of its 145,000 members.
Contact:
Julie Fenwick, jfenwick@daylightagency.com.au, 0468 901 655
Lauren Graham, lgraham@daylightagency.com.au, 0432 614 401
The audit program covers process areas of security incident management programs and clearly outlines process sub-areas —like detection and analysis, forensics, and change management during program implementation as well as control objectives, controls and testing steps in a customisable spreadsheet. The audit program examines assurance across areas such as:
- Program design and implementation—Exploring processes including risk analysis; awareness and training; detection and analysis; and containment, eradication and recovery
- Tools and technologies—Covering areas such as software, vulnerability assessments, and configurations of workstations and servers
- Reporting best practices—Including reports and escalation documents, as well as a formal process for root cause analysis
- Lessons learned—Factoring in steps such as a protocol for post-incident reflection
The Security Incident Management Audit Program is US $25 for ISACA members and US $49 for non-members. To access, visit www.isaca.org/bookstore/audit-control-and-security-essentials/wapim2. To explore additional audit programs and other resources, visit www.isaca.org/resources.
About ISACA
For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organisations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organisation that leverages the expertise of its 145,000 members.
Contact:
Julie Fenwick, jfenwick@daylightagency.com.au, 0468 901 655
Lauren Graham, lgraham@daylightagency.com.au, 0432 614 401