The Institute of internal Auditors Philippines, Inc.

The Institute of Internal Auditors (IIA) Philippines is a professional organization dedicated to the advancement of the internal audit profession in the country. Our members, who work in internal auditing, risk management, governance, internal control, information technology audit, education and security, came from various industry or sectors in the Philippines and belong to a global network of almost 200,000+ professionals from more than 170 countries and territories sharing a common vision of a global profession of internal auditing.

The Institute of Internal Auditors Philippines Inc. (IIAP) was registered with SEC in 1982 and formerly known as The Institute of Internal Auditors, Inc. – Manila Chapter. It was founded on August 14, 1948 by Mr. Santiago F. Dela Cruz Sr. along with a small group of accountants actively engaged in the profession. Mr. Dela Cruz, who is considered to be the moving spirit of the association, is the same man who, two years earlier than IIAP, co-established the Philippine College of Commerce and Business Administration (PCCBA) which we now know as the University of the East.

The IIAP despite some struggles during its formative years was able to attain full-fledged stature as a professional association upon earning its “Institute” status from The Institute of Internal Auditors (IIA Global) in 1990. At the time, IIAP is 1 of the 6 (six) chapters in the Pacific Region (others were in Bombay, Tokyo, Sydney, Melbourne and Ceylon). On its 75th Anniversary Celebration and Global Business Meeting last 16-17 July 2016 at New York Hilton Midtown, the IIAP was acknowledged as the 3rd Chapter organized by the IIA Global since the latter’s founding in 1941 still then headquartered in New York City, USA

Contact us

Thei Parungao

Event Details

Focus and Features

This course will provide attendees with an introduction to cybersecurity concepts based on Cybersecurity Framework to help in the organization's cybersecurity risk assessment and audit engagements. This will provide detailed discussions of the different functions described in the core framework of the Cybersecurity Framework and how to apply this knowledge on risk assessment process.

Learning Objective(s):

  • Understand cybersecurity from risk and audit perspective,
  • Understand the NIST Cybersecurity Framework
  • Understand the five Framework Core Functions: Identify, Protect, Detect, Respond and Recover

What You Will Learn

Introduction to Cybersecurity

  • Definition of Cybersecurity
  • Current Cyber Threat Landscape
  • Cyber Attack Models

Introduction to NIST Risk Assessment Framework

  • Risk Assessment Process
  • Risk Model

Introduction to NIST CyberSecurity Framework

  • Core Functions
  • Implementation Tiers
  • Profiles

Assessing Cybersecurity Risks based on the NIST's Protect Core Function

  • Identity Management and Access Control
  • Awareness and Training
  • Data Security
  • Information Protection Processes and Procedures
  • Maintenance
  • Protective Technology

Assessing Cybersecurity Risks based on the NIST's Detect Core Function

  • Anomalies and Event
  • Security Continuous Monitoring
  • Detection Processes

Assessing Cybersecurity Risks based on the NIST's Respond Core Function

  • Response Planning
  • Communications
  • Analysis
  • Mitigation
  • Improvements

Assessing Cybersecurity Risks based on the NIST's Recover Core Function

  • Recovery Planning
  • Improvements
  • Communications

Who Should Attend:

This course is designed for beginning internal auditors involved or will be involved in assessing and/or auditing cybersecurity.

Time and Schedule:

May 25, 2023 | 9am - 12noon

May 26, 2023 | 9am - 12noon

May 27, 2023 | 9am - 12noon

Sponsors and Partners