This course provides a unique, in-depth look at recent US-based information systems and IT infrastructure compliance laws in both the public and private sectors. Written by industry experts, it gives a comprehensive explanation of how to audit IT infrastructures for compliance with these laws and of the need to protect and secure business and consumer privacy data.

In addition to premium instructional content from Jones & Bartlett Learning’s comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to hands-on paper-based labs, case scenarios, handouts, and an eBook (via CourseSmart).

Certification:

This course covers content within the following industry certification exams:

  • Certified Information Systems Security Professional (CISSP) – “Telecommunications and Network Security” domain
  • Security+ – “Network Security” domain
  • Systems Security Certified Practitioner (SSCP) – “Networks and Communications” domain
  • 8570.01 – “Network Security” domain

Course Duration:

4 days

What You’ll Learn

  • Role of ISS compliance in relation to US compliance laws
  • Use of standards and frameworks in a compliance audit of an IT infrastructure
  • Components and basic requirements for creating an audit plan to support business and system considerations
  • Different parameters required to conduct and report on an IT infrastructure audit for organizational compliance
  • Information security systems compliance requirements within the user domain
  • Information security systems compliance requirements within the workstation and LAN domains
  • Use of an appropriate framework to implement ISS compliance within the LAN-to-WAN and WAN domains
  • Information security systems compliance requirements within the remote access domain
  • Information security systems compliance requirements within the system/application domain
  • Qualifications, ethics, and certification organizations for IT auditors

Who Needs to Attend

  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • Anyone making decisions about which information technology and cyber security products to use

Prerequisites

General knowledge of networking and management information systems

Course Outline

1. The Need for Compliance

  • The Need for Information Systems Security Compliance
  • Overview of US Compliancy Laws
  • What Is the Scope of an IT Audit for Compliance?

2. Auditing for Compliance: Frameworks, Tools, and Techniques

  • Auditing Standards and Frameworks
  • Planning an IT Infrastructure Audit for Compliance
  • Conducting an IT Infrastructure Audit for Compliance
  • Writing the IT Infrastructure Audit Report
  • Compliance within the User Domain
  • Compliance within the Workstation Domain
  • Compliance within the LAN Domain
  • Compliance within the LAN-to-WAN Domain
  • Compliance within the WAN Domain
  • Compliance within the Remote Access Domain
  • Compliance within the System/Application Domain

3. Ethics, Education, and Certification for IT Auditors

Labs

Lab 1: Assess the Impact of Sarbanes-Oxley (SOX) Compliance Law on Enron

Lab 2: Align Auditing Frameworks for a Business Unit within the DoD

Lab 3: Define a Process for Gathering Information Pertaining to a HIPAA Compliance Audit

Lab 4: Align an IT Security Assessment to Achieve Compliance

Lab 5: Define a Process for Gathering Information Pertaining to a GLBA Compliance Audit

Lab 6: Auditing the Workstation Domain for Compliance

Lab 7: Auditing the LAN-to-WAN Domain for Compliance

Lab 8: Auditing the Remote Access Domain for Compliance

Lab 9: Auditing the Systems/Application Domain for Compliance

Lab 10: Professional Information Systems Security Certifications - Charting Your Career Path