All Episodes
Episode 61: System and Operational Resilience
Operational resilience is about sustaining essential services under stress. This episode explains how auditors evaluate systems for fault tolerance, high availability,...

Episode 62: Data Backup, Storage, and Restoration Practices
Backup and restoration processes are critical for protecting data integrity and ensuring continuity. In this episode, you will learn how to evaluate backup frequency, ...

Episode 63: Developing and Maintaining a Business Continuity Plan
Business continuity planning ensures the organization can operate during and after disruptions. This episode explains how auditors evaluate continuity plan development...

Episode 64: Disaster Recovery Planning Fundamentals
Disaster recovery focuses on restoring IT systems after an outage or catastrophic event. In this episode, you will learn how to audit DR plans, assess backup infrastru...

Episode 65: Overview of Domain 5 – Protection of Information Assets
Domain 5 is all about securing information against unauthorized access, alteration, or loss. This episode provides a strategic overview of confidentiality, integrity, ...

Episode 66: Information Asset Security Frameworks, Standards, and Guidelines
Security frameworks provide the structure for implementing effective controls. In this episode, you will learn how to evaluate ISO 27001, NIST, COBIT, and organization...

Episode 67: Physical and Environmental Controls
Physical security is a foundational element of protecting information systems. This episode covers perimeter defenses, badge access, fire suppression, climate control,...

Episode 68: Identity and Access Management (IAM)
Access control is a critical concept tested throughout the CISA exam. In this episode, you will learn how to audit identity provisioning, authentication mechanisms, ac...

Episode 69: Network and Endpoint Security
Network and endpoint security controls are essential for protecting IT infrastructure. This episode explains how to audit firewalls, intrusion detection systems, antiv...

Episode 70: Data Loss Prevention
Data loss prevention (DLP) tools and policies help prevent unauthorized exposure of sensitive information. In this episode, you will learn how to evaluate DLP strategy...

Episode 71: Data Encryption Methods and Controls
Encryption is one of the most powerful tools for protecting sensitive data. This episode explains how to audit encryption in transit and at rest, evaluate key manageme...

Episode 72: Public Key Infrastructure (PKI)
Public Key Infrastructure supports digital trust by enabling secure authentication and communication. In this episode, you will learn how to audit PKI components, such...

Episode 73: Cloud and Virtualized Environments
Cloud and virtual systems require unique controls and audit approaches. This episode focuses on how to evaluate cloud security, shared responsibility models, virtual m...

Episode 74: Mobile, Wireless, and IoT Device Security
Endpoint diversity brings complexity to audits. In this episode, you will learn how to evaluate controls for mobile devices, wireless networks, and Internet of Things ...

Episode 75: Security Awareness Training and Programs
Human error is a top cause of security breaches. This episode covers how to evaluate security awareness training programs, including content quality, delivery methods,...

Episode 76: Information System Attack Methods and Techniques
To audit effectively, you must understand how systems are attacked. This episode introduces common techniques such as phishing, malware, denial of service, and SQL inj...

Episode 77: Security Testing Tools and Techniques
Security testing reveals weaknesses before attackers can exploit them. This episode explains how to audit vulnerability scanning, penetration testing, static code anal...

Episode 78: Security Monitoring Tools and Techniques
Ongoing monitoring is vital for detecting and responding to threats. In this episode, you will explore how to evaluate log management, SIEM systems, network monitoring...

Episode 79: Security Incident Response Management
Incident response is a structured process that minimizes damage and recovers operations. This episode covers detection, escalation, containment, recovery, and reportin...

Episode 80: Evidence Collection and Digital Forensics
Auditors may need to evaluate how evidence is preserved and used in investigations. This episode introduces forensic readiness, chain of custody, data integrity contro...

Episode 81: Planning Effective Information Systems Audits
Audit planning is the foundation of a successful engagement. In this episode, you will learn how to define audit scope, assess risk, allocate resources, and align obje...

Episode 82: Conducting Audits According to IS Audit Standards
This episode focuses on ISACA's audit standards and how to apply them during each phase of the audit process. You will learn how to ensure consistency, quality, and et...

Episode 83: Applying Project Management in IS Audits
Auditors often lead projects that require formal planning and control. This episode explains how to apply project management principles within the audit context. Topic...

Episode 84: Communicating Audit Results and Recommendations
Effective communication is a key skill for audit professionals. This episode covers how to present findings clearly, structure audit reports, and develop actionable re...

Episode 85: Conducting Post-Audit Follow-Up
The audit is not complete until findings have been addressed. This episode focuses on follow-up activities, including how to verify remediation, reassess risk, and upd...

Episode 86: Utilizing Data Analytics in Auditing
Data analytics is transforming how audits are conducted. In this episode, you will explore how to apply analytic tools for risk assessment, control testing, and anomal...

Episode 87: Evaluating Automation and Decision-Making Systems
Automated systems introduce unique risks and controls. This episode teaches you how to audit robotic process automation, decision engines, AI tools, and algorithmic lo...

Episode 88: Quality Assurance and Improvement of Audit Processes
Audit functions must be continuously evaluated and improved. This episode covers quality assurance techniques including internal assessments, external reviews, perform...

Episode 89: Evaluating IT Strategy Alignment
IT strategy must support business goals and risk tolerance. In this episode, you will learn how to assess whether IT initiatives are aligned with enterprise objectives...

Episode 90: Evaluating IT Governance Effectiveness
Strong governance ensures that IT delivers value and manages risk. This episode explains how to evaluate governance frameworks, board oversight, decision-making proces...
