In addition, you will learn techniques for auditing automated systems and examine the impact of Sarbanes-Oxley on IT audit. You will leave this session with a solid foundation in the basics of information technology as they apply to audit and security concerns

In addition, you will learn techniques for auditing automated systems and examine the impact of Sarbanes-Oxley on IT audit. You will leave this session with a solid foundation in the basics of information technology as they apply to audit and security concerns

Internal Auditors, Auditors-in-Charge, Financial & Operational Auditors, Finance Personnel, External Auditors, Audit Managers and Supervisors, IT Auditors, Team Leaders and Directors, Operations Managers, Audit Managers

Introduction to IT Audit

•  Audit objectives and requirements
•  Role of IT within the organization
•  Management and security risks in an automated environment
•  What is a control?
• Internal control defined
•  Processes and control points
•  Physical space vs. Logical space
•  Identifying control points

Planning the IT Audit

• Definition of internal audit
• Objectives of an it audit
•  IT audit strategies
•  What is an application
•  Application vs. General controls
• IT audit control reviews
• IT control categories
•  The audit deliverable
• Building the audit team

Auditing Organizations and Standards

•  Maintaining audit objectivity
• What is a standard?, AICPA and SAS
• GAO and other certification organizations
• The Institute of Internal Auditors (IIA)

The Treadway Commission

• COSO Integrated Framework
• ISACA and the IT Governance Institute
•  COBIT®: Control Objectives for Information and Related Technology
• ISO 27002 security standard

IT Governance and Controls

• What is IT governance?
• Information security governance
• IT policies and procedures
•  Separation of duties and outsourcing
• Governance and control

Information Technology Basics

•  Why learn about technology?
• Computer hardware and CPU operation

Two different classes of computers

• Software, programs and processing
• Distributed systems and client/server technology
• The Open Systems Interconnection (OSI) model
• Maintenance and security

Network Technology and Controls

• Networking risks, Auditing networks
• What is a network?
• LANs, WANs and MANs
• Physical network media (cables)
•  Cabling audit objectives
• LAN Protocols
•  WAN connectivity and protocols
•  MAN protocols
• LAN/WAN/MAN audit objectives
•  Network devices
•  Network device audit objectives
• Complete networks
• The internet
• Intranets and extranets
•  Risks of internet use for business
• Using firewalls
•  Internet communications
•  Internet Protocol (IP) addressing
• Service (process) addressing
• Internet applications
• The World Wide Web (www)
•  Web page technologies
• Internet audit objectives

Shared General and Application Controls

• Logical security
• Data classification
• Logical access controls: system access
• Encryption: information access
• Remote access, PCS and mobile devices
•  Information security management
• Change management
•  Change management objectives
•  Program change control
•  Patch management
• Software licensing
• Business continuity/disaster recovery
• Bcp/drp defined
•  Business Impact Analysis (BIA)
• Disaster recovery strategy
• Maintaining the plan
• System development technologies
• SDLC, RAD, ERP purchases
• Internal audit involvement, Audit strategy

Application Controls

•  What is an application?
• Business application risks
• Application auditing
•  Transactions: the audit focus
• Transaction life cycle controls, End
•  User computing
•  Data warehouses
• The future of applications

Database Technology and Controls

• Managing information
• The program
•  Centric model
• Program
• Centric audit concerns
• The data
• Centric model
• What is a database?
• Database terminology
• Database management systems
• Types of databases
• Database audit concerns

Infrastructure General Controls

• Operations controls
• IT operations
• Operating system controls
• System utilities
• System software controls: a review
• Physical security
• Environmental controls

BTS attendance certificate will be issued to all attendees completing minimum of 75% of the total course duration.

Request Info

Salutation MR Miss ENG DR

Full Name*

Designation

Company*

Country * Egypt Saudi Arabia Ireland UAE France Turkey Bahrain South Africa Nigeria Oman Nethersland United Kingdom Malaysia Kuwait Online Indonesia Qatar Morocco Jordan Switzerland Singapore Spain Italy Uganda

City * Cairo Mansoura Ireland Abu Dhabi Riyadh Dubai Istanbul Manama Abuja Paris Kuala-Lumpur Amsterdam Muscat Salalah Jeddah Dammam Cape Town London Kuwait Online Indonesia Doha Casablanca Marrakesh Singapore Geneva Zürich Amman Barcelona Rome Marbella Milan Uganda Scotland Madrid Jakarta

Email*

Enquiry*

Captcha*

Enter Captcha*

Submit