Tech500: Using ISO 27002 to Audit Mobile Technology

 

Description: This one day workshop starts with a quick review of the ISO series and why 27002 replaces ISO 17799-2005.  We include a short discussion on why such an approach is beneficial and how it can be used to ensure management buy-in and acceptance. The seminar provides a methodology for ensuring an effective audit of mobile technologies. Attendees follow a clearly documented and internationally based security standard which helps you stay abreast of current legislative requirements. This entertaining seminar guides you through the ISO standard in a detailed manner ensuring that all risks are reviewed and assessed with key explanations of how each area relates to mobile security. Essentially, you will be performing an audit during the seminar, providing the experience to launch your own detailed review when you return to the office.

 

Audience: This seminar is intended for internal and external audit professionals, security staff as well as security consultants who wish to learn more about performing an audit on Mobile technology.


Prerequisites: There is no prerequisite for this seminar.


Objectives: After completing this seminar, participants will be able to:

·         Recognize how the ISO standard can be used to enhance their audit

·         Describe how the approach improves audit acceptability

·         Understand best practices in mobile technology

·         Understand which steps within the standard are critical and which might be optional

·         Conduct an assessment and technical review of their organization's mobile technology


Course Outline:

Types of standards available

Why ISO 27002?

How does it differ from the older ISO 17799-2005?

Software tools and techniques for ensuring security

Understanding and Implementing Best Practices

Which parts of the Standard apply to Mobile Technology?

Performing the audit process, step by step

 

Mr. Lewis’ seminar will draw upon the experience gained in his almost 30 years of experience in the areas of IT operations and information security in both industry and consulting.