back

Protection of Information Assets

8 H 2 M

Just you? Training a whole team? There's an ITProTV plan that fits.

Start Training Today
Episodes
Episodes
  • Information Asset Security and Control
    • Overview
    • Frameworks, Standards and Guidelines
    • Roles and Responsibilities for Auditing the IS Management Framework
    • Recommended IT Security Baseline
    • Principles of Data Privacy
    • Physical Access and Controls
    • Environmental Controls
    • Identity and Access Management
    • Logical Access and Authorization Issues
    • Audit Logging of System Access
    • Data Loss Prevention
  • Networks, Data Encryption and Techniques
    • Network Infrastructure
    • Applications in a Networked Environment
    • Network Infrastructure Security Firewalls
    • Change Management in Networks
    • Encryption Systems
    • Applications of Cryptography
    • The Public Key Infrastructure
    • IS Audits and Social Media
    • Virtualization and Cloud Computing
  • Security Event Management
    • Security Awareness Training
    • IS Attack Methods and Techniques
    • Testing Techniques for Security Controls
    • Network Penetration Testing
    • Monitoring Tools
    • Incident Response Management
    • Evidence Collection and Forensics

Overview

4 M

itprotv course thumbnailitprotv course thumbnailitprotv course thumbnail
  • Episode Description
  • Transcript

This is the fifth of five courses that help prepare you for the ISACA Certified Information Systems Auditor certification. In this course you will look at the key components that ensure the CIA triangle (confidentiality, integrity, availability) of Information Security is maintained. You will learn the proper design and application of logical and physical access controls, network infrastructure security, and the role of the IS auditor in regard to these procedures.

WEBVTT >> Hey, everyone, and welcome. My name is Anthony Sequero with ACI Learning, and I am thrilled to be here with my good friend of many decades, Chris Ward, as we are going to be discussing the protection of information assets. Chris, before we get started, how about a little background about yourself? I know you're qualified to deliver this content, but why not share a little bit about yourself with our students? >> Yeah, thanks, Anthony. Always good to be back with you, and I know we can now measure this in decades. That's a scary thing, my friend. That is a scary thing. But part of the reason why Anthony and I have been working together for decades is we both have been working in the information technology world and also in information systems for years and years. And one of the things that I bring to the table here for this course is my background in project management, IT service management. I am a PMP, project management professional, agile certified professional, professional scrum master. That's kind of the project management side of things. And then in IT service management, I am an ITIL 3 expert and an ITIL 4 master. So working in that realm. And part of that, of course, is working with the world of audit, especially when we're talking about information systems. And so that's kind of my background of what I want to do. And Anthony, I know you've got quite the background in security and governance as well. >> Yeah, I did not go as deep into these subjects as Chris, of course, but I've got my feet wet with this, and it's great. And it's interesting, just as Chris has come from, he didn't really play this up much, but he comes from an incredible IT background as well. So he is the perfect person to be leading us through this content. So Chris, as you look at this content on the protection of information assets, what is it that gets you most excited? What are you most excited for in this course? >> Well, I think one of the things that-- I mean, almost anybody who steps into this, they come maybe from a financial audit standpoint. Maybe that's you. Maybe you're here just because, hey, I want to get some CPEs, maintain my status. Or maybe this is a world that you know that, hey, technology, especially information technology and information systems, it's starting to take over almost everything. And so having that background is good. So what excites me the most, as Anthony says, is that some of the things that I learned in the world of IT, working in Cisco and Microsoft in the CompTIA world, when it comes to things like encryption and the public key infrastructure, well, how do we make sure that our organization is in compliance to both policies as well as regulatory requirements that come down from anything from the federal government here in the states to local governments making requirements for privacy and data protection? And so those are the things that really excite me about this, because we are truly talking about protecting the assets that our organization has in the realm of information. Because really, that's what we're looking at, right? Information systems, information technology, that big word right in front, information is huge. And so in these episodes, as we go through both Anthony and I, we're going to walk you through some of the things as an auditor that you're going to look at maybe from a slightly different perspective. Of course, hey, if you want to have somebody go in and set up your public key infrastructure maybe internally, or maybe you want to go out and use the cloud, hey, Anthony Sequera is one of the people you want on your team. I can come in and help out with some of the policies and controls, and that's what we're able to do. But see, it's a different perspective than somebody who is actually maintaining or installing or implementing these things. We still need to understand as auditors the basics behind this. And so Anthony, that's what we're going to be covering >> in these episodes. Super exciting, important courseware, and it just gets more important, it seems like with every passing year, this type of information is just so critical. Well, we've got a lot of great content planned for you. So with no further ado, we'll wrap up this introduction, and we hope to see you in the very next video.