Cybersecurity Auditing

Conduct audits to assess and improve cybersecurity controls and organisational defences.

Key Details

This module is delivered in hybrid format, as a combination of online, in-person and self-learning activities. The module uses innovative hybrid learning methods that combine live (synchronous) and self-paced (asynchronous) activities, with particular focus on practical activities and real-world scenarios connected to cybersecurity. Expert tutors guide students through the material, ensuring a comprehensive learning experience.

This module aims at providing students with skills and understanding to build an annual audit programme and to develop an audit plan for specific audit assignments. Toward this goal the module employs periodic quizzes, class participation activities, assignments and projects.

Time commitment:

• Online activities: 7 hours
• In-person activities: 7 hours
• Self-learning: 28 hours
• Individual, team and guided projects and activities: 58 hours
• Total: 100 hours

Credit points: 4 ECTS

Grading:

• Lecture quizzes: 10%
• In-class participation: 10%
• Assignments: 10%
• Project: 20%
• Exam: 50%

Apply now

Subjects covered

The purpose of audit activities

The business and technical need of an audit assignment.

The scoping of the assignment and the selection of suitable criteria and a framework

The development of an audit plan

The management of audit work

The development of an audit report

The presentation of audit findings

The development of a yearly audit program

The specificities of cybersecurity auditing

A business case with a real-life audit

Presentation of the business case

A business case with a real-life need for developing a yearly audit program based on a given risk assessment and a typical audit universe

Apply now

Learning objectives

Implements audit activities as part of assurance process, including scoping, the selection of suitable criteria, the audit process and the audit reporting.

Plan, develop and conduct a full audit assignment on Cybersecurity activities with the aim at informing stakeholders on the maturity, effectiveness and outcome of audit activities to align with business requirements and good auditing and business practices.

Create the audit plan, adjust the scoping of the assignment to business and technical needs or stakeholders request

Develop a scoping of the assignment; select a suitable criteria; align with usual audit practices including the Certificate in IT auditing.

Develop an audit fieldwork and produce a report with findings and recommendations.

Apply now

Module leaders

Costin is an Assistant Professor at POLITEHNICA Bucharest, within the Computer Science and Engineering Department. His main interests lie in operating systems, cybersecurity, and blockchain technologies. He is passionate about mentoring students and building secure, efficient systems.

Costin has contributed to research in systems security, including uncovering iOS vulnerabilities and developing middleware for indoor positioning systems. In recent years, his focus has extended to blockchain, where he explores secure architectures and decentralized applications.

Beyond research, Costin is actively involved in student development, helping young engineers gain hands-on experience and build careers in tech. He supports open-source education and community initiatives.

Apply now