- Identify the business risks in automated environments and how to mitigate them
- Develop your knowledge of infrastructure essentials, including hardware and operating systems, the translation
- process, and analysing risk
- Explore security, operational, management, application, and systems software controls
- Discover what you need to know about databases, distributed systems, networks, and the Internet and e-commerce
This 5-day course is designed for financial, operational and business auditors who need to update their technical and operational knowledge to audit information technologies and automated business systems. It is also ideal for those who are new to IT Auditing who do not have an background in IT.
You will explore auditing standards, including Sarbanes-Oxley and PCAOB. You will discuss the controls required when auditing currently installed systems, new systems under development, and The various activities within the information technology department.
In addition, you will learn techniques for auditing automated systems. You will then turn your attention to auditing the management of application transaction activity, controls, and procedures. You will master techniques that can be applied to mainframe, distributed processing, and client/server-based applications. You will gain field-tested tools for identifying, recording, assessing, and evaluating application controls and procedures. You will leave this high-impact seminar with testing techniques, and auditfindings.
By attending this course you will leave with an understanding of
- How IT risks and controls have a direct impact on business risks.
- Integrated audit strategies and their focus on business risks.
- IT general controls and their impact on the reliability of application controls.
- Important application controls and their impact on business processes.
- Methods for testing automated and manual controls.
- Methods of documenting IT processes and controls.
- Why end user computing audits are important due to the general lack of effective controls thus potentially having a significant impact on the business.
- Network concepts and their impact on business operations and security.
- The Importance of databases to the security of business information.
Course Director Charles Pask
Charles delivers global IT security and IT audit consultancy services, including public training courses, in-house training courses, conferences, symposiums and general Infosec consultancy. Previously, he was a Director with MIS Training, and Director of Information Security Institute (ISI) European and Middle Eastern Security Services. He has over 20 years’experience in IT, IT audit, and IT security, and was the Information Security Manager for Alliance & Leicester plc prior to joining MIS. More recently he was the Global Head of Strategy, Development and Globalisation for the BT Business Continuity, Security and Governance Practice. Charles has been a member of the ITSEC Common Criteria team working with the DTI, and a committee member of the APACS Security Advisory Group and the LINK Security Group. He has spoken at a number of conferences, including CISO, WebSec, Compsec, the International Security Managers Symposium, and various ISACA events.
Past Delegate Feedback
“Starting the course without any knowledge of IT audit & leaving the course with a lot of knowledge to start IT
- audit work & documentation” Internal Auditor, CBFA
“Informative, well-structured, easy to understand, Chief Internal Auditor” The Tokio Marine & Nichido Fire Insurance
“It gives us the roadmap to introduce IT audit function in our office” IT Head , National Audit Office of Tanzania