© 2023 Ataya & Partners.

Cybersecurity Auditing Module | Ataya & Partners Academy
Cybersecurity • Audit & Assurance • CSA Module

Cybersecurity Auditing

The third line of defence in cybersecurity. Build the skills to plan, scope, conduct and report cybersecurity audit assignments with confidence.

Register interest Request syllabus
12 weeksLearning path
5 ECTSAcademic credits
OnlineDelivery mode
EnglishModule language
Built around Third line of defence Audit planning Fieldwork Reporting
Cybersecurity auditing training session
Upcoming session
12 weekly online sessions · 5 ECTS certificate
Online and Hybrid October 2026 On request

Our institutional partners

⚠️
Cybersecurity decision-makers need independent assurance. This module focuses on auditing as the third line of defence, validating the activities performed by business operations, IT, risk managers, CISOs and compliance teams.
View programme

Module purpose

This module provides students with the skills and understanding needed to build an annual audit programme, develop audit plans for specific assignments, conduct cybersecurity audit activities and produce the resulting report.

🛡️

Third line of defence

Use auditing to give assurance to decision-makers on the existence and efficiency of cybersecurity controls.

📋

Audit programme and plan

Learn to structure annual audit activities and develop specific audit plans aligned with business and technical needs.

📊

Findings and recommendations

Conduct fieldwork, document audit activities and produce reports that inform stakeholders on maturity, effectiveness and outcomes.

Learning outcomes

Participants learn to implement audit activities as part of an assurance process, from scoping and criteria selection to audit reporting.

By the end of the module

Students will be able to plan, develop and conduct a full audit assignment on cybersecurity activities, with the aim of informing stakeholders and aligning audit work with business requirements and good practices.

01
Implement audit activitiesApply scoping, criteria selection, audit process and audit reporting as part of the assurance process.
02
Conduct a full assignmentPlan, develop and conduct cybersecurity audit work to inform stakeholders on maturity, effectiveness and outcomes.
03
Create the audit planAdjust assignment scope to business needs, technical needs and stakeholder requests.

Practical audit capabilities

The module emphasizes practical audit work and the ability to translate evidence into findings and recommendations.

🧭

Assignment scoping

Develop the scoping of an audit assignment and select suitable criteria.

Criteria and practices

Align with usual audit practices, including the Certificate in IT auditing.

🔎

Fieldwork and reporting

Develop audit fieldwork and produce a report with findings and recommendations.

12-week programme

The delivery path moves from audit purpose and need to scoping, planning, fieldwork, documentation, reporting and complete assignment review.

🎯

Week 1: Audit Purpose

Clarify the role and value of audit activities in cybersecurity assurance.

🔍

Week 2: The Need for Audit Activities

Understand why audit activities matter for control assurance and decision-making.

🧭

Week 3: Audit Scoping

Define assignment boundaries, objectives and criteria.

🗂️

Week 4: Audit Plan

Translate audit objectives into a practical plan for execution.

🛠️

Week 5: Audit Activity

Conduct the assignment and gather relevant evidence.

📝

Week 6: Documenting Audit Activities

Capture work performed, evidence used and conclusions reached.

📄

Week 7: Audit Report

Produce clear findings and recommendations for stakeholders.

📅

Week 8: Planning Overall Audit Activities

Build a broader view of recurring and annual audit activities.

🧩

Week 9: Auditing Specific Domains

Apply the audit approach to selected cybersecurity domains.

🎤

Week 10: Student Deliverables

Presentation of selected students' deliverables.

💼

Week 11: Class Business Cases

Work through business cases to connect audit practices to real situations.

🧾

Week 12: Complete Assignment Overview

Review the full lifecycle of a complete cybersecurity audit assignment.

Also covered Reading list Exams and assessment formats
Recognition

Cybersecurity Auditing

5 ECTS

The module gives 5 ECTS and concludes with a certificate distributed at the end of the training.

Request registration details

Certificate and credits

Participation certificate distributed at the end of the module
5 ECTS awarded for successful completion
Recognition of audit planning, scoping, fieldwork and reporting capabilities
Final assessment and selected student deliverables included in the programme
Certificate of participation - Cybersecurity Auditing module
Certificate of participation Issued by Ataya & Partners Academy and distributed at the end of the Cybersecurity Auditing module. Upon successful examination, the module related ECTS credits are issued by the Digital4security Consortium and granting universities.

Your trainers

Our trainers are active cybersecurity practitioners with deep experience in cybersecurity governance, assurance, risk management and executive-level cybersecurity education.

Georges Ataya, cybersecurity expert and trainer at Ataya & Partners

Georges Ataya

Professor & Academic Director, Solvay Brussels School · Co-founder, Cybersecurity Coalition Belgium
CISSP CISM CISA CRISC COBIT

Georges Ataya is one of Belgium's foremost authorities in cybersecurity governance and risk management. Professor and Academic Director at Solvay Brussels School of Economics & Management, he co-founded the Cybersecurity Coalition Belgium and serves as its Vice-Chair. With 45 years of experience advising organisations across the public and private sectors, he brings both academic rigour and deep practitioner insight to every session.

45+Years experience
700+Professionals trained
Taco Mulder, CISO and cybersecurity trainer at Ataya & Partners

Taco Mulder

CISO, FPS Policy & Support (BOSA) · Topic Leader, Solvay Brussels School · Cybersecurity Coalition Belgium
Public Sector CISO Healthcare Cybersecurity Women4Cyber Coach

Taco Mulder is CISO at Belgium's Federal Public Service Policy & Support (BOSA) and a recognised voice in public sector cybersecurity. A former CISO at Brussels public hospitals, he coordinates the Cybersecurity in Healthcare Focus Group at the Cybersecurity Coalition and is a topic leader in Information Security Management at Solvay Brussels School. He is also a mentor and coach for the Women4Cyber programme.

30+Years experience
500+Professionals trained
Kian Bayat, cybersecurity expert and trainer at Ataya & Partners

Kian Bayat

Cybersecurity Stream Lead, Federale Assurance · ISACA Belgium Board Member & Director of Academic Relations
CISSP CRISC PMP NIS2 & DORA Vulnerability Management

Kian Bayat is Cybersecurity Stream Lead for Vulnerability Management at Federale Assurance, and previously held senior cyber risk, business continuity and crisis management roles at Nagelmackers Bank and ING Belgium. With over 20 years of experience spanning IT risk and security leadership, programme and project management, infrastructure and software development, he combines deep technical expertise with strong stakeholder engagement at executive and board level. He is an accredited APMG CRIS trainer, an ISACA Belgium board member, and a member of the Cyber Security Coalition Cyber Awards Task Force.

20+Years experience
5+Professional certifications
Tania Postil, cybersecurity expert and trainer at Ataya & Partners

Tania Postil

Senior Information Security Consultant · Vice-President, ISACA Belgium Chapter
CISA ISO 27001 Lead Implementer ISO 27001 Lead Auditor

Tania Postil is a senior cybersecurity and GRC consultant, currently strengthening the IT risk and security team at Banque Degroof Petercam on DORA compliance, IT general controls and security awareness. Certified CISA and ISO 27001 Lead Implementer, she has delivered CISO-as-a-service, internal audit and operational risk management engagements for organisations including Keytrade Bank, Generali Belgium and AXA Banque Europe. An accredited speaker and trainer, she serves as Vice-President of the ISACA Belgium chapter.

15+Years experience
3+Professional certifications

Target audience

The module is designed for professionals involved in audit, cybersecurity risk, compliance, implementation, advisory and investigation activities.

Audit professionals
Audit managers
Cybersecurity risk managers
Compliance managers
Cybersecurity compliance professionals
Cybersecurity implementers
Cybersecurity management advisors
Cybersecurity consultants
Cybersecurity legal experts
Digital forensic investigators

Discuss the Cybersecurity Auditing module

Request the syllabus, delivery details or registration information for the 2026-2027 edition.

Register interest Request syllabus

hidden

Protect-Privacy