IT Auditing for the Non-IT Auditor

Course Field: Auditing
Delivery Method: Live/Internet-Based
Prerequisite: None
Level: Basic/Intermediate
Advance Prepration:No
INQUIRE
  • Seminar Overview

    A One Day Course on the Basics of IT Auditing, Taught by a Non-IT Auditor

     

    In today’s economy, all auditors must become multi-faceted and multi-purposed.  Regardless of background, internal auditors must have the basic knowledge of IT auditing to understand the general concepts, understand IT terminology and how IT auditing is integral to general auditing.  There is no complete view/opinion of one without looking at the other.  This one day course will take auditors through the basics of IT Auditing.

  • Who Should Attend
    Financial and Operational with any amount of experience that want to further understand IT Auditing.
  • Learning Objectives
    • Understanding of the basics of IT Auditing, including key terms and acronyms
    • Learn the importance of the IT risk assessment and integration with the audit risk assessment
    • Understand the difference between application controls and general controls and how to identify each
  • Agenda

    I. Introduction and Background

    a. Background

    b. Topics to Cover

    II. IT Risk Assessment

    a. What is an IT Risk Assessment?

    b. Understanding the IT Environment

    c. IT Risk Frameworks

    d. The Audit Plan

    e. Mapping the IT and Business Environment

    f. Heat Maps

    III. General Computer Controls

    a. Information Security

    b. IS Operations

    c. Application System and Maintenance

    d. Database Implementation and Support

    e. Network Support

    f. System Software Support

    IV. Pre and Post Implementation Audits

    a. Key Concepts

    b. Project Risk Management

    c. Pre-implementation Review

    d. Post-implementation Review

    V. Auditing Application Systems

    a. Auditing Application System Approach

    b. Application Configuration

    c. Input Controls

    d. Data

    e. Transaction Processing

    f. Security

    g. Reporting

    h. Data Interfaces and Conversions

    i. Benchmarking

    VI. Auditing Security

    a. Information Security Governance

    b. User Access Administration

    c. Technology Based Access Security Controls

    d. Secure Systems Development

    e. Incident Response

    f. Remote Access and Third Parties

    g. User Awareness and Training

    h. Physical Security

    i. Legal and Regulatory Compliance

    VII. Segregation of Duties

    VIII. Spreadsheets

Attendee Feedback

Course Offerings

latest book goldsrd