GRC CIS Controls 18 | Simply Cyber Academy Lunch & Learn

Summary:
The video discusses a Lunch and Learn session led by Gerald Auger, focusing on auditing using the CIS framework. Gerald shares insights into the importance of preparing for audits, methodologies, and effective communication with stakeholders. The session delves into the specifics of CIS controls, how to audit them, and highlights the necessary steps for successful audit execution and reporting.

Key points:

  • Opening with a delay due to a family emergency and welcoming attendees.
  • Introduction of the CIS framework as the basis for the audit discussion.
  • Emphasis on audit preparation, including defining scope and gathering information.
  • Highlighting the importance of effective communication and collaboration with stakeholders during the audit process.
  • Identification of the nuances involved in the auditing process, including keeping the audit from becoming personal toward individuals.
  • Discussion on the specific CIS controls and their significance for organizations, particularly small businesses.
  • Procedures for evidence management and documentation during the audit.
  • Outline of report structure and best practices for reporting findings to stakeholders.
  • Encouragement to request feedback for continuous improvement in the auditing process.
  • Conclusion emphasizing the importance of audit prep and the goal of improving security within the organization.
  • Open floor for audience questions and final thoughts on auditing and the CIS framework.

YouTube Video: https://www.youtube.com/watch?v=JqQuGkEo5QA
YouTube Channel: Simply Cyber – Gerald Auger, PhD
Video Published: Tue, 15 Apr 2025 18:56:43 +0000

