Alle episoder

The business impact analysis is a foundational activity in resilience planning. In this episode, you will learn how to audit BIA processes, assess doc...

Operational resilience is about sustaining essential services under stress. This episode explains how auditors evaluate systems for fault tolerance, h...

Backup and restoration processes are critical for protecting data integrity and ensuring continuity. In this episode, you will learn how to evaluate b...

Business continuity planning ensures the organization can operate during and after disruptions. This episode explains how auditors evaluate continuity...

Disaster recovery focuses on restoring IT systems after an outage or catastrophic event. In this episode, you will learn how to audit DR plans, assess...

Domain 5 is all about securing information against unauthorized access, alteration, or loss. This episode provides a strategic overview of confidentia...

Security frameworks provide the structure for implementing effective controls. In this episode, you will learn how to evaluate ISO 27001, NIST, COBIT,...

Physical security is a foundational element of protecting information systems. This episode covers perimeter defenses, badge access, fire suppression,...

Access control is a critical concept tested throughout the CISA exam. In this episode, you will learn how to audit identity provisioning, authenticati...

Network and endpoint security controls are essential for protecting IT infrastructure. This episode explains how to audit firewalls, intrusion detecti...

Data loss prevention (DLP) tools and policies help prevent unauthorized exposure of sensitive information. In this episode, you will learn how to eval...

Encryption is one of the most powerful tools for protecting sensitive data. This episode explains how to audit encryption in transit and at rest, eval...

Public Key Infrastructure supports digital trust by enabling secure authentication and communication. In this episode, you will learn how to audit PKI...

Cloud and virtual systems require unique controls and audit approaches. This episode focuses on how to evaluate cloud security, shared responsibility ...

Endpoint diversity brings complexity to audits. In this episode, you will learn how to evaluate controls for mobile devices, wireless networks, and In...

Human error is a top cause of security breaches. This episode covers how to evaluate security awareness training programs, including content quality, ...

To audit effectively, you must understand how systems are attacked. This episode introduces common techniques such as phishing, malware, denial of ser...

Security testing reveals weaknesses before attackers can exploit them. This episode explains how to audit vulnerability scanning, penetration testing,...

Ongoing monitoring is vital for detecting and responding to threats. In this episode, you will explore how to evaluate log management, SIEM systems, n...

Incident response is a structured process that minimizes damage and recovers operations. This episode covers detection, escalation, containment, recov...

Auditors may need to evaluate how evidence is preserved and used in investigations. This episode introduces forensic readiness, chain of custody, data...

Audit planning is the foundation of a successful engagement. In this episode, you will learn how to define audit scope, assess risk, allocate resource...

This episode focuses on ISACA's audit standards and how to apply them during each phase of the audit process. You will learn how to ensure consistency...

Auditors often lead projects that require formal planning and control. This episode explains how to apply project management principles within the aud...

Effective communication is a key skill for audit professionals. This episode covers how to present findings clearly, structure audit reports, and deve...

The audit is not complete until findings have been addressed. This episode focuses on follow-up activities, including how to verify remediation, reass...

Data analytics is transforming how audits are conducted. In this episode, you will explore how to apply analytic tools for risk assessment, control te...

Automated systems introduce unique risks and controls. This episode teaches you how to audit robotic process automation, decision engines, AI tools, a...

Audit functions must be continuously evaluated and improved. This episode covers quality assurance techniques including internal assessments, external...

IT strategy must support business goals and risk tolerance. In this episode, you will learn how to assess whether IT initiatives are aligned with ente...