COURSE OVERVIEW

This practical and highly-interactive course includes various practical sessions and exercises. Theory learnt will be applied using one of our stateof-the-art simulators. This course is designed to provide participants with a detailed and up-to-date overview of Auditing Operational Technology/SCADA/ICS (Intermediate). It covers the standards and frameworks for OT security and auditing including OT system architectures and network protocols; the key risks and threats to OT environments and the role of auditing in OT environments; the proper tools and technologies for OT auditing and the scope of an OT audit; the pre-audit preparations and risk assessments; and auditing governance and policies in OT and OT network segmentation. Further, the course will also discuss the physical security controls, audit plan and ICS inventory and asset management; the ICS network traffic and logs, authentication and access controls and security configurations in ICS systems; the vulnerability assessment and penetration testing in OT as well as incident detection and monitoring practices; the thirdparty and vendor risks audit and ensuring system resilience and availability; and the patch management policies and testing patch deployment processes. 
During this interactive course, participants will learn to assess the risks of unpatched vulnerabilities and evaluate compensating controls for legacy systems; inspect physical connections and interfaces, evaluate tamper detection mechanisms, review maintenance and repair logs and verify adherence to OT hardware lifecycle management; the business continuity in OT environments, reporting OT audit findings and conducting a live audit simulation; the best practices for OT cybersecurity audits; and examining the emerging trends in OT security.