Description
$150 (per person) includes an online webinar for 2 hours of CPE credit
Cybersecurity has become an ongoing and mission-critical risk for government agencies, driven by increased reliance on digital systems, evolving threat actors, and greater public accountability. This 2-hour webinar introduces government auditors to core cybersecurity concepts from an assurance perspective, focusing on how cyber risks impact mission achievement, data integrity, service availability, and public trust.
Instead of emphasizing technical details, this course provides auditors with a practical framework for understanding cyber risks, identifying relevant controls, and applying recognized standards like the NIST Cybersecurity Framework and The IIA Cybersecurity Topical Requirement. It also addresses common scoping challenges and shows how auditors can shift from broad “cyber audits” to targeted, risk-based reviews aligned with government operations and priorities.
Learning Objectives:
- Describe core cybersecurity concepts, including the CIA triad, threat actors, and common cyber risk categories, in a government audit context
- Distinguish between cybersecurity risk management activities such as risk assessments, business impact analysis, vulnerability management, and risk treatment
- Identify and categorize key cybersecurity controls, including administrative, physical, and technical controls, and understand how they work together to provide defense in depth
- Review control frameworks such as NIST CSF, NIST 800-53, and The IIA Cybersecurity Topical Requirement to structure audit scoping and testing
- Determine how to prepare a risk-based approach to scoping cybersecurity audit work by focusing on critical processes, high-risk systems, and priority threat areas rather than attempting to audit the entire cybersecurity program
Program Level: Basic
Field of Study: Auditing (Governmental)
Who Should Attend: Governmental auditors
Prerequisites: none
Advanced Preparation Required: none
Instructional Method: Webinar (Group Internet Based)
CPE Credit Hours: 2
Date: Wednesday, April 8, 2026
Time: 12:00 p.m. – 2:00 p.m. Central
Webinar Leader:
Toby DeRoche, MBA CIA CCSA CRMA CFE CISA SA cAAP
Toby DeRoche, MBA CIA CCSA CRMA CFE CISA SA cAAP focuses his career on advising governance and assurance professionals on solutions to their audit, risk, and compliance needs. Toby assists organizations in improving their internal audit, risk management, and compliance functions. Toby’s professional background includes nearly 20 years in internal audit, fraud examination, and technology enablement consulting.
As the founder of Insight CPE, LLC, Toby is dedicated to continued education for audit, risk, and fraud professionals. In this role, he partnered with cRiskAcademy to create the Certified Agile Auditor Professional (cAAP) course, the first of its kind in the world. Toby has authored over 100 blogs and the books Agile Audit: Transformation and Beyond and Only Audit What Matters. Finally, as Senior Manager of IT Control at Agilon Health, Toby also puts theory into practice.
Questions? You can find our FAQ here and our policies here.
To see a breakdown of how many polls and minutes of attendance are required for this webinar, see this page.
Yellowbook-CPE.com is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: