Two Day Seminar: Cybersecurity for Internal Auditors

Course Code:
CPE Hours:
Course Start Date:
November 19, 2019
Course End Date:
November 20, 2019
9.00 AM - 5.00 PM
Registration Deadline :
November 05, 2019
Level of course:
Level 1
Hoi Wai Khin
Competency areas:
Business Acumen [BA]
Course venue:

Oasia Hotel Novena, Singapore

Course fee (IIA/ ISACA member):
(Inclusive of GST)
Course fee (non-member):
(Inclusive of GST)
Other Memberships valid for discount:
10% off non-member rate for ISCA and ACCA member
Lunch Provided:
Tea Break:
Course Overview:

This 2-day course will assist with understanding the process of auditing cyber security, the practical issues relating to the governance and management of cyber security, the different cyber security controls, process and the standards available.

Auditors or IT auditors who are seeking to gain knowledge about the main processes of auditing a cybersecurity program

Course description :

The course will help professionals from any discipline to understand the critical aspects of governance, risk, security, control relating to cyber security and obtain the level of knowledge required to audit cyber security controls.

Evolution of Cyberthreats and Controls
• Phishing,
• Virus and Malware,
• Denial of Service Attack,
• Cyber Fraud,
• Zero day Attacks,
• Risks Associated with Internet, Servers/Desktop, WIFI, Cloud Security, Internet of Things (IoT) and some of the ready controls available

Business Impact Assessment on Cyber attacks
• To understand the impact and loss of Cyberattack to the different industries

Cybersecurity Law and Regulations
• Understanding different Cybersecurity Law and other regulations

Cybersecurity Best Practices
• Discussion on the different types of best practices/controls like ISO27001, Cloud, Cobit, MAS TRM, NIST standards etc.

Cyber Risk Assessment and Scoping
• Performing a cyber risk assessment using the Cyber security best practices to scope and prepare the audit work programme.

Other Types of Cyber Developments
Understand the other types of developing cyber security controls like:
• threat intelligence/analytics,
• user behaviour analysis,
• secure code development,
• automated threat modeling & attack simulations,
• pattern of life technologies,
• content disarming and reconstruction and more.

Cyber Security Maturity Model
• Understand how to measure the success of a cyber security programme

Other Security Considerations
• Discussion on other security threats like technology risks, information security risk, insider risks and more.

Skillsets of a Cyber Security Professional
• Discussion on the types of soft skills, training and certifications for cyber security professionals


Mr. Hoi Wai Khin specialises in information security and business continuity, and has vast overseas and local experience in managing technology risk. In his current position, he has extensive exposure to the management of risk/audit/security programmes to meet legal, human resources, audit, IT, risk management and information security requirements. This involves constant innovation of ideas to implement value-added security programmes to support the client's organisational objectives and building a robust security framework that goes beyond regulatory compliance.

His global experiences include assisting organisations in audits for IT due diligence, Sarbanes Oxley 404 IT General Computer Control, and IT diagnostics for mergers & acquisitions. Wai Khin has also supported clients in ISO 27001 certification projects, cloud technology, bring your own device (BYOD), as well as compliance with Singapore's Personal Data Protection Act (PDPA) and internal and external IT audit requirements.

Prior to joining the firm, he was an information security officer managing security, business continuity and audit programmes for a global B2B company. His experiences also include working as a data protection officer for a leading semiconductor manufacturer, tasked with protecting highly confidential R&D IP information. Wai Khin also previously provided audit assurances, security and business continuity advisory services at a Big 4 firm.

• Certified Information Systems Security Professional (CISSP), (ISC)²
• Certified Information Security Manager (CISM), ISACA
• Certified in Risk and Information Systems Control (CRISC), ISACA
• Certified Business Continuity Professional (CBCP), DRI International
• Singapore Certified Management Consultant (PSCMC), TUV SUD PSB
• Master of Science Information Security, University of London, Royal Holloway
• Master of Science Software Engineering, University of Essexline

Make the payment of your registration fees via PayNow/PayLah! transfer by following the steps below:


1. Upon completing your registration, proceed to payment and select the “Cheque/Fund Transfer” option.
2. Login to Internet Banking or Mobile Banking.
3. Scan our corporate PayNow/PayLah! QR code.
4. Verify our UEN number (S76SS0058D) and release funds.
NOTE: Kindly include the details below under the UEN/Bill Reference Number (text limit of up to 25 characters).


5. Once payment is made, please print screen the transaction and email to for our tracking purposes.

Please refer to PayNow and PayLah! for more information.line

Group Discount
Register as a group of 4 or more participants for the same course and enjoy a 10% group discount!
Applicable for participants from the same company registered within the same day. Discount will be indicated and processed on a single invoice.

Terms and Conditions
1. Registered participants will be liable for the full fee even in the event of non-attendance.
2. A processing fee of $100 will be imposed for any cancellation. Cancellation must be submitted in writing 7 days prior to the event date and subject to IIAS’s approval. Substitutions will be permitted and conditions will apply.
3. All registrations must "Proceed to Payment" to complete registration. Full payment must be received prior the course commencement.
4. Contact Person will be notified VIA EMAIL upon successful registration of the course.
5. Complimentary parking will be provided on a first-come-first-served-basis.
6. IIAS reserves the right to revise the programme as necessary.
7. IIAS reserves the right to cancel or postpone the training should the minimum class size is not met.line


A system generated email will be sent upon successful registration of the mentioned seminar.
Once the course is confirmed, an email confirmation will be sent to the registrants’ contact email addresses 1 week prior to the course commencement date
If you do not receive any email notification regarding your course registrations, please call IIA Academy at 6324 9029.

Registration Closed.