RE: IT Audit Training

["Cate, Jim" <Jim_Cate () BCBST com>]

I think it depends upon your existing skill levels and how in-depth you intend to audit.   CISA training is pretty high 
level stuff.   The SANS stuff is generally more thorough in my opinion.  I have done some of both.   

In reality, the training won't be as good as hands-on experience and most systems auditors I see are woefully short of 
experience and training despite their ethical requirements to have both prior to an audit engagement.    I was an 
auditor for many years and now am a systems administrator who gets audited a few times per year...  so I've worn both 
shoes.

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Stephanus J Alex Taidri
Sent: Monday, April 09, 2012 10:56 PM
To: Mohamed Farid
Cc: security-basics () lists securityfocus com
Subject: Re: IT Audit Training

Hi Farid,

For PCI audit, you can choose PCI QSA training.
For general IT audit in-broader, you may want to look for CISA training.

Kind Regards,
SJ Alex Taidri

On Sun, Apr 8, 2012 at 5:56 PM, Mohamed Farid <m.farid.shawara () gmail com> wrote:
> Dear All :
>
> We are looking to have a high level PCI DSS courses to a couple of
> experts guys who are already working on the Payment field for years
> ...
>
> The Course is needed to help them audit another branches their selves
> and to help QSA team whenever they need to audit these sites ...
>
> Normal PCI DSS is not sufficient - and we are looking for an expert
> courses ...
>
> Any advices ?
> Also if you can advise a good IT Audit course for them ?
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL
> certificate.  We look at how SSL works, how it benefits your company and how
> your customers can tell if a site is secure. You will find out how to test,
> purchase, install and use a thawte Digital Certificate on your Apache web
> server. Throughout, best practices for set-up are highlighted to help you
> ensure efficient ongoing management of your encryption keys and digital
> certificates.
>
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

-----------------------------------------------------
Please see the following link for the BlueCross BlueShield of Tennessee E-mail disclaimer:  
http://www.bcbst.com/email_disclaimer.shtm


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------