Auditing continues to become more critical to businesses in every sector. Businesses need to know how their IT systems are functioning, and understand the risk they pose. Regulatory requirements continue to dictate how risks need to be managed. Auditing can provide the perspective management needs in order to make an educated business decisions on how to manage these risks.
SANS has designed the auditing curriculum with a goal of providing auditors with the knowledge, skillset and tools to properly identify and assess the risks that exist. Furthermore, the curriculum provides students with the justification for why the recommended controls need to be implemented. Students are provided the knowledge to not only ask the right questions and gather the right information during an audit, but also provide valuable recommendations and business reasons why the recommendations need to be implemented.
Given the constant changes that occur related to technology, SANS is consistently updating courses and creating new courses. We are committed to providing high quality training that addresses the latest risks, as well as content that you can use the minute you return to the workplace. We know this process works since thousands of auditors have taken SANS courses and have been able to immediate apply the knowledge obtained. We look forward to seeing you at a future SANS conference, and we would love to have you as part of the SANS audit community! - Tanya Baccam
Tanya is a SANS senior instructor, as well as a SANS courseware author. With more than 10 years of information security experience, Tanya has consulted with a variety of clients about their security architecture in areas such as perimeter security, network infrastructure design, system audits, Web server security, and database security. Currently, Tanya provides a variety of security consulting services for clients, including system audits, vulnerability and risk assessments, database assessments, Web application assessments, and penetration testing. She has previously worked as the director of assurance services for a security services consulting firm and served as the manager of infrastructure security for a healthcare organization. She also served as a manager at Deloitte & Touche in the Security Services practice. Tanya has played an integral role in developing multiple business applications and currently holds the CPA, GIAC GCFW, GIAC GCIH, CISSP, CISM, CISA, CCNA, and OCP DBA certifications. Tanya completed a bachelor of arts degree with majors in accounting, business administration and management information systems.