Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  5. Cyber Security Audit and Assurance Lead

Cyber Security Audit and Assurance Lead

Role summary

A Cyber Security Audit & Assurance uses their knowledge and experience to understand business scenarios, communicate the issues and recommend next steps. They support and guide other Cyber Security Audit & Assurance.

Role expectations

At this role level you will:

  • Support finding deficiencies in the testing, monitoring and management of security controls, so that an organisation’s data and information systems are secured.
  • Contribute to assessing the correctness of cyber security risk assessments and risk management plans, taking account of the organisation’s business goals
  • Produce plans for cyber security audits
  • Use specific auditing tools to conduct efficient audits
  • Audit the implementation, operation and maintenance of security controls
  • Contribute to the review of compliance with legal and regulatory requirements
  • Provide advice on audit, assurance and risk management
  • Support the implementation of Cyber Security Policy, Standards and Cyber Security Assurance Framework
  • Contribute to formal reports
  • Present findings to colleagues and managers, in both cyber security and general roles

Entry route and progression

Accreditation

For further information on accreditation in this role see the UK Cyber Security Council’s guide on audit and assurance.

Skills

Compliance monitoring and controls testing

Working

Incident management, incident investigation and response

Working

Legal and regulatory environment and compliance

Working

Risk understanding and mitigation

Practitioner

Secure supply chain management

Working

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now