Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

View Training Register Now

Course Description

As we introduce new information technologies or approaches, our risks change, and, in many cases, have unintended consequences. This session focuses on 4 key issues in the audit world:

  • Transfer of computing resources to a utility model
  • Proliferation of smart mobile devices
  • Sophisticated communications and a 24 hour news cycle magnifying organizational missteps and outright errors
  • Social media as a communications monitoring vehicle

We will frame the risks, obtain an understanding of how these issues affect internal audit, and promote discussion on how we can effectively incorporate these issues into our audit universe.
You will discuss:

  • Cloud computing
  • Mobile data assets
  • Crisis management
  • Social media

Learning Objectives:

  • An understanding of the scope of these issues
  • A basis for assigning assurance risk
  • A strategy for incorporating these issues into your audit universe

Course Outline

Cloud Computing

  • Defining cloud computing
    • Infrastructure as a Service
    • Platform as a Service
    • Software as a Service
  • Evaluating new risks
    • How cloud computing differs from traditional outsourcing
    • The changing audit universe
    • Compliance issues
  • Essential best practices
    • Adapting controls to the new environment
    • Knowing when to say NO

Securing Mobile Data Assets

  • Identifying mobile data assets
    • Where is our data?
    • What is at risk?
    • What is personnel  versus business owned?
    • Wireless computing versus mobile computing
    • Balancing “for the convenience of the employer” against “for the convenience of the employee”
  • Key policy requirements
    • Ownership
    • Privacy
    • Compliance with regulations
    • Balancing control against ease behavioral issues

Crisis Management

  • Phases of crisis management
    • Pre-Crisis
    • Crisis
    • Post-Crisis
  • Crisis management versus business resumption planning
  • Consequences of failing to prepare
  • Crisis management components
    • Governance
    • Risk management
    • Communications
    • Third-party agreements
    • Plan development

Social Media

  • Defining Social Media
    • What is Social Media
    • Technologies That Support Social Media
  • Social Media Risks
    • Inherent Risks
    • Controllable Risks
  • Internal Audit’s Role
    • Governance
    • Controls
    • Operational and Financial Considerations

Additional Information

Who Should Attend
  • Internal audit directors, managers and supervisors
  • IT audit management and staff
  • Internal control professionals
Learning Level

Intermediate

Delivery

Group-Live & Group Internet-Based

Field

Auditing

Advanced Preparation

None

Recommended Prerequisites

3-5 years internal audit experience

Session Duration

Online: Two 3-hour sessions

On Site: 1 day

CPE Credits: 8