Evaluating the security of an information system
Organizational, functional and intrusion tests
This training is intended for audit partners/associates (RSSI, Risk Managers or Operational Managers) and aims to provide them with the tools needed to implement security audits in order to improve the security of their organization.
The course lasts 1 day (7 hours).
To provide participants with the skills and information to enable them to determine the different types of audits to be carried out according to the security issues requiring attention.
Participants will have the knowledge to set audit objectives and develop an information system security audit program.
Course level: Basic
General understanding of the principles of security of information systems.
Thomas BOUSSON :
Consultant Manager, ON-X, more than ten years of experience, certified 27001 Lead Auditor.
- Topics covered during this training:
- The role of the audit in ISS
- The ISO 19011 standard for auditing
- Auditor approval/labeling (PASSI) (French auditing body)
- Right and duty of the partner and the auditor
- Setting objectives for audits and their perimeters
- Overview of present audit types: architecture audit, configuration audit, source code audit, intrusion test, organizational and physical audit
- Preparation of the audit
- Pitfalls to avoid
- Using audit results
Scheduled in French:
PARIS: NEXT DATE - PLEASE CONSULT US
For the English realization, please, consult us.
€680 excluding tax (20% VAT)