Cyber Security Auditor

A security role responsible for conducting a cyber security audit, which may be performed by a person who is trained in this activity and demonstrates professional competence in conducting cyber security audits or information security management system audits. The certificate proving the professional competence of security roles meets the requirements of ISO 17024, which is defined by Decree No. 82/2018 Coll.

Would you like to compare to other courses?

Virtual Training or e-Learning?

We offer flexibility. You can choose from our selection of in-class courses as well as online courses.

Try a live virtual course

Target audience

The Role of the Cyber Security Auditor

The cyber security auditor performs his role impartially and the performance of his role is separate from the performance of the role of Cyber Security Manager, Architect and Guarantor. The auditor's independence from the subject of the audit is a matter of course!

The role of the cyber security auditor is incompatible with the performance of the roles of cyber security manager, cyber security architect, operator of communication and information systems or the role of asset guarantor.

Functions and tasks of the cyber security auditor:

  • In cooperation with the  Cyber Security Manager he participates in audit planning;
  • Evaluates the compliance of implemented security measures with the requirements;
  • Provides independent feedback on the effectiveness of the information security system;
  • Based on the findings during the audit, it draws conclusions and documents the results.
Target audience

Course Objectives

  • Plan and prepare an audit
  • Evaluate the obtained outputs and implement measures
  • Prepare an audit report and implement corrective actions
  • Prepare a differential analysis of IS against the requirements of the Act on Cyber Security

Key responsibilities

This course contains the recommended requirements for cyber security management and security roles listed in § 6 and 7. You will learn the key activities required to perform the role of Cyber Security Auditor, which defines:

Decree on security measures, cyber security incidents, reactive measures, filing requirements in the field of cyber security and data disposal (Decree on cyber security)

a) Methodology and frameworks of information security audit. 

b) Internal audit processes and procedures. 

c) The role and function of internal audit. 

d) ICT security audit process. 

e) Strategic and tactical management of ICT. 

f) Acquisition, development and deployment of ICT. 

g) Management of ICT operation, maintenance and services. 

h) Asset protection. 

i) Cyber security assessment, testing and sampling methods. 

j) Relevant legislation. 

k) ICT security.

Klíčové činnosti role kybernetické bezpečnosti

Benefits for the organization

Today, more than 80% of the most important and up-to-date data is found by end users

The law is nothing more than a clear manual of proactive security. The biggest changes are in the approach to asset protection. Security must be seen as part of a comprehensive organization management system.

Meeting legislative requirements does not necessarily mean investing in new security products and technologies. The law requires the implementation and regular audits of the Information Security Management System. The key pillar is the correct setting of the security policy and its subsequent implementation / auditing across the organization. 

Vyhláška o bezpečnostních opatřeních

Your security team

The roles listed below will save companies and organizations the time and costs associated with implementing Cyber Security requirements. Clear implementation of the requirements of the Cyber Security Act step by step. You can easily manage the whole project yourself.

Cyber Security Manager 

You do not need to know where you come from, you need to know where you are going to adequately manage cyber protection.

Cyber Security Architect  

Proactive security (implemented and functional) is less expensive than reactive. Learn to build architecture.

Cyber Security Auditor 

Internal audits maintain better protection against cyber attacks. Gain the know-how of a Cyber Security Auditor.


09:00 - 10:30


  • Cyber security audit
  • Evaluation of the effectiveness of the measures taken
  • Assessment of controls, audits and impacts of incidents on the system
  • Update of risk assessment report, security policy and other plans

Risk management

  • Identification and evaluation of assets
  • Establish criteria for threat assessment
  • Declaration of applicability, risk management plan, benefits of measures

Safety requirements

  • Politics
  • Organizational security
  • Terms and conditions and recommendations
  • The role of suppliers in the development, operation and management of IS

Asset management

  • Asset protection audit
  • Dependence of primary and ancillary assets

10:30 - 10:45

Coffee Break

10:45 - 12:15

Human resources security

  • Role audit
  • Rights and obligations
  • Policy control by users, administrators

Traffic and communication management

  • Analysis of the rights and obligations of persons
  • Audit and evaluation of the information obtained
  • Assessment of the impacts of reactive measures on IS

Access control and secure user behavior (A)

  • Audit of access to systems
  • Results of vulnerabilities and potential exploits

Analysis, development and maintenance

  • Identification, assessment and management of risks
  • Risk assessment and management procedures, methodology
  • Safety testing of changes before commissioning

12:15 - 13:15

Lunch | Lunch menu

13:15 - 15:00

Cyber Events and Incidents Management

  • Investigation and causes of incidents
  • Classification of incidents and events

Business continuity management

  • Investigation and causes of incidents

Cyber Security Audit

  • Documentation, policies and results
  • Audit by a professionally qualified person
  • Vulnerability control and evaluation

15:00 - 15:15

Coffee Break

15:15 - 16:00


  • Summary
  • Additional questions

16:00 - 17:00


  • Exam

The basis of the Cyber Security Act is the ISMS (Information Security Management System).

  • Block duration 90 minutes
  • Hours 8 hours
  • Refreshments Yes
  • Exam Yes
  • Prerequisites

    Basic knowledge of ISMS (Information Security Management System) according to ISO / IEC 2700

Marek Mitáček

Accredited trainer, Workshop Leader, Coach, co-author of methodologies and TAYLLORCOX Toolkits (sets of templates and sample forms) for IT Service Management ITSM, Project Management PRINCE2 and cyber security according to ISMS ISO / IEC 27001 and ZoKB.

One of the very first IT auditors in the Czech Republic. His rich practice began in 1996 in the company. GiTyFurtherly spent almost 10 years as an ITIL implementer at Český Telekom and since 2007 he has been a key auditor, accredited trainer at the TAYLLORCOX certification body

  • Český Telekom
  • GiTy - Interní Auditor / Consultant


Vít Lidinský

  • Since 2012, he has been working as a forensic expert in the field of economics, prices and estimates, with a special specialization in information systems and personal data protection.
  • For more than 5 years he was the head of the department. and Chief Executive Officer at the Ministry of Informatics, the Ministry of Foreign Affairs of the Czech Republic and the State Treasury Shared Services Center (ICT Departments).
  • He graduated from the Faculty of Business and Economics, majoring in information management - CULS. Here he gradually obtained a master's (Ing.) And doctoral degree (Ph. D.)

Jan Cuřín

Graduate of ČVUT FEL, subsequently a consultant with an international dimension in the field of implementation and optimization of the information management system (ITSM) and cyber (ISMS) security. He applies the acquired experience from the position of an accredited Lead Auditor in the areas of IT Service Management, ISMS and GDPR.

  • Cyber Security standard author
  • Lead Auditor ITSM ISO 20000, ISMS ISO/IEC 27001
  • Approved Trainer & Lead Auditor GDPR (EU 2016/679) dle ISO/IEC 17067


Cyber Security Auditor | ISO 17024 accreditation

Certification Exam

Preparatory course including certification, which is defined by Decree No. 82/2018 Coll.

The certificate proving the professional competence of security roles meets the requirements of ISO 17024, which is defined by Decree No. 82/2018 Coll. on security measures, cyber security incidents, reactive measures, filing requirements in the field of cyber security and data disposal (Decree on Cyber Security)

As part of the certification, they must demonstrate practical knowledge and skills to implement the ISMS (Information Security Management System) so that it meets legislative requirements and at the same time is in accordance with the ISO / IEC 27001 standard in the current valid version.

Test information

  • Number of uestions: 30
  • Pass mark: 60%
  • Certificate validity: 3 years
  • exam language Czech
auditor kybernetické bezpečnosti

Graduate ratings

Excellent review from 371 reviewers

What makes our references exceptional? They are not one-off events. Clients come back to us regularly.

  • GDPR Anonymizováno
  • 27.03.24

Lidské vysvětlení problematiky, předání praktických rad a zkušeností. Pauza, odlehčení, důraz na řízení lektorem přiměřeně dle reakcí. Opravdu výborný kurz.

  • Kamila F:
  • 27.03.24
  • AGORS plus a.s.

Kurz je praktický zaměřený, školený člověkem, který dobře rozumí problematice.

  • GDPR Anonymizováno
  • 27.03.24

Rychlé, ale přínosné. Dobrý přehled.

  • Matouš P.
  • 27.03.24
  • Datacons s.r.o.

Velmi přátelský přístup školitele. Aktualizace vědomostí kybernetické bezpečnosti.

  • Helena N.
  • 27.03.24

Kurz splnil moje očekávání.

  • Petar S
  • 27.03.24
  • Aplis Solutions s.r.o.

Excelentní výklad velmi obsáhlé problematiky s důrazem na praktičnost a aplikovatelnost.

  • GDPR Anonymizováno
  • 27.03.24

Velmi dobrý vhled do problematiky auditu vztažený ke kybernetické bezpečnosti. Nemám co bych vytkl.

  • GDPR Anonymizováno
  • 18.10.23

Kurz OK, přínosné, fundovaný lektor - celkově skvělé.

  • Jan K.
  • 18.10.23
  • ČEZ

Skvělý výklad a praktické příklady z praxe, kladně hodnotím znalosti a přehled lektora a vstřícný přístup.

  • Jan Klášterka
  • 28.03.23
  • Všeobecná fakultní nemocnice

Skvělá praktická ukázka legislativy a perfektní zpětná vazba.

View the next 10 reviews of our graduates

View the full list of reference clients.

Your rating

Not sure if this is the right courese for you? Get in touch!

For assistance please give us a call.

We are available at +420 222 553 101 Always Monday to Friday: 9am - 5pm.

*items marked with an asterisk are mandatory

Would you like a gift for your birtday?