All Episodes
Episode 61: System and Operational Resilience
Operational resilience is about sustaining essential services under stress. This episode explains how auditors evaluate systems for fault tolerance, high availability,...
Episode 62: Data Backup, Storage, and Restoration Practices
Backup and restoration processes are critical for protecting data integrity and ensuring continuity. In this episode, you will learn how to evaluate backup frequency, ...
Episode 63: Developing and Maintaining a Business Continuity Plan
Business continuity planning ensures the organization can operate during and after disruptions. This episode explains how auditors evaluate continuity plan development...
Episode 64: Disaster Recovery Planning Fundamentals
Disaster recovery focuses on restoring IT systems after an outage or catastrophic event. In this episode, you will learn how to audit DR plans, assess backup infrastru...
Episode 65: Overview of Domain 5 – Protection of Information Assets
Domain 5 is all about securing information against unauthorized access, alteration, or loss. This episode provides a strategic overview of confidentiality, integrity, ...
Episode 66: Information Asset Security Frameworks, Standards, and Guidelines
Security frameworks provide the structure for implementing effective controls. In this episode, you will learn how to evaluate ISO 27001, NIST, COBIT, and organization...
Episode 67: Physical and Environmental Controls
Physical security is a foundational element of protecting information systems. This episode covers perimeter defenses, badge access, fire suppression, climate control,...
Episode 68: Identity and Access Management (IAM)
Access control is a critical concept tested throughout the CISA exam. In this episode, you will learn how to audit identity provisioning, authentication mechanisms, ac...
Episode 69: Network and Endpoint Security
Network and endpoint security controls are essential for protecting IT infrastructure. This episode explains how to audit firewalls, intrusion detection systems, antiv...
Episode 70: Data Loss Prevention
Data loss prevention (DLP) tools and policies help prevent unauthorized exposure of sensitive information. In this episode, you will learn how to evaluate DLP strategy...
Episode 71: Data Encryption Methods and Controls
Encryption is one of the most powerful tools for protecting sensitive data. This episode explains how to audit encryption in transit and at rest, evaluate key manageme...
Episode 72: Public Key Infrastructure (PKI)
Public Key Infrastructure supports digital trust by enabling secure authentication and communication. In this episode, you will learn how to audit PKI components, such...
Episode 73: Cloud and Virtualized Environments
Cloud and virtual systems require unique controls and audit approaches. This episode focuses on how to evaluate cloud security, shared responsibility models, virtual m...
Episode 74: Mobile, Wireless, and IoT Device Security
Endpoint diversity brings complexity to audits. In this episode, you will learn how to evaluate controls for mobile devices, wireless networks, and Internet of Things ...
Episode 75: Security Awareness Training and Programs
Human error is a top cause of security breaches. This episode covers how to evaluate security awareness training programs, including content quality, delivery methods,...
Episode 76: Information System Attack Methods and Techniques
To audit effectively, you must understand how systems are attacked. This episode introduces common techniques such as phishing, malware, denial of service, and SQL inj...
Episode 77: Security Testing Tools and Techniques
Security testing reveals weaknesses before attackers can exploit them. This episode explains how to audit vulnerability scanning, penetration testing, static code anal...
Episode 78: Security Monitoring Tools and Techniques
Ongoing monitoring is vital for detecting and responding to threats. In this episode, you will explore how to evaluate log management, SIEM systems, network monitoring...
Episode 79: Security Incident Response Management
Incident response is a structured process that minimizes damage and recovers operations. This episode covers detection, escalation, containment, recovery, and reportin...
Episode 80: Evidence Collection and Digital Forensics
Auditors may need to evaluate how evidence is preserved and used in investigations. This episode introduces forensic readiness, chain of custody, data integrity contro...