Talk With an Expert

Elevating Your Audit Strategy: Insights from the CRF Audit Framework

  • Tue, Aug 13, 2024
  • 1:00PM - 2:00PM UTC
  • English
  • James Tarala
  • Technical Presentation
Webcast Hero

In an age where cybersecurity threats are ever-present and the regulatory environment is constantly shifting, establishing robust and strategic audit practices is crucial for safeguarding organizational integrity. The SANS Institute is proud to present "Elevating Your Audit Strategy: Insights from the CRF Audit Framework," a webcast designed for individuals committed to enhancing their organization's cybersecurity through effective audit strategies.

In this webcast, James Tarala, Senior Faculty at the SANS Institute and Managing Partner at Cyverity, will offer an in-depth exploration of the Cybersecurity Risk Foundation's Audit Framework (AF), providing participants with a structured approach to cybersecurity audits that not only meet compliance requirements but are also intricately aligned with their organization's cybersecurity goals. Attendees will gain comprehensive insights into formulating an audit program that bridges the technical aspects of cybersecurity with overarching business objectives, ensuring a balanced and effective strategy.

The webcast will cover the significance of the CRF Audit Framework in improving security postures, along with practical strategies for executing cybersecurity audits tailored to an organization's unique risk landscape and business aims. It will also touch upon the utilization of the Institute of Internal Auditors' (IIA) Three Lines Model for streamlined risk management and control and offer guidance on choosing audit types that best suit organizational needs for enhanced cybersecurity and regulatory adherence.

Moreover, participants will receive expert advice on crafting and sustaining a flexible, prioritized audit plan that evolves in response to new cyber threats and business dynamics. This session is poised to equip CISOs, IT professionals, and executive leaders with the essential strategies and insights required to refine their audit approaches, turning them into a pivotal element of their cybersecurity defense and organizational resilience strategy.

This webcast supports concepts from LDR419: Performing a Cybersecurity Risk Assessment and LDR519: Cybersecurity Risk Management and Compliance.

Meet the speaker

James Tarala
James Tarala

James Tarala

Managing Partner

James Tarala, managing partner at Cyverity, co-created the CIS Controls and Cybersecurity Standards Scorecard, transforming cybersecurity governance and empowering global organizations to operationalize risk into actionable defense strategies.

Read more about James Tarala