Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

View Training Register Now

Course Description

ISACA recently published its 2nd edition of Top Business/Technology Issues Survey Results. This document provides IT and Internal Audit assurance professionals with an understanding of senior IT management’s concerns. Using supporting surveys and status reports, as well as good business practices, we will discuss management’s top issues. This will permit us to build an audit response to their top technology issues that improves our relevance, develops confidence with our client/customer, and provides a necessary service.

You will discuss IT Management’s top issues:

  • Regulatory compliance
  • Enterprise-based IT management and IT governance
  • Information security management
  • Disaster recovery/business continuity
  • Challenges of managing IT risks

We will approach each issue by:

  • Defining the issue
  • Exploring the relationship of the issue to assurance
  • Using IT frameworks such as the IT Assurance Framework and CobiT to provide a baseline for addressing the issue
  • Exploring how Internal Audit can respond to these management concerns through either integrating these issues into the existing audit universe or establishing narrowly focused assessments to provide appropriate assurance

Learning Objectives:

  • Understand current IT management issues
  • Establish a basis for assigning assurance risk to IT’s top concerns
  • Define a strategy for incorporating IT management’s requirements into your audit universe
  • Identifty an approach to incorporate objective maturity model assessment into the evaluation

Course Outline

Regulatory compliance

  • Identifying compliance requirements
  • Building a compliance inventory
  • Integrating the compliance requirements into the audit universe
  • Building continuous monitoring/auditing practices into the regulatory compliance function
  • Normalizing regulatory compliance
  • Establishing operating efficiencies

Enterprise-Based IT Management and Governance

  • Identifying the scope and components of IT governance
  • Sources of IT governance best-practices
  • Minimizing IT project risk
  • Managing the IT portfolio

Information security management

  • Understanding current information security management gaps
  • Assessing the risks introduced by mobile assets and applications
  • Evaluating cloud computing risks
  • Reputational risk and social networking – the next frontier

Disaster recovery/business continuity

  • Gaps in business continuity ownership
  • Transforming the focus from recovery to continuity management
  • Business continuity as a management function

Challenges of managing IT risks

  • Establishing management risk assessment best practices
  • Integrating risk assessments into the IT management process
  • Understanding the different objectives of audit and IT management risk assessments
  • Integrating management risk assessments into the audit risk assessment
  • Establishing audit scope based upon the results of both management and audit risk assessments

Internal Audit as a Team Player with IT Management

  • Providing value as part of the audit process
  • Finding a middle ground between management “cheerleader” and “enforcer”
  • Using maturity models to provide objective reporting

Additional Information

Who Should Attend
  • Internal Audit and IT Audit Managers and Directors
  • Internal Audit departments seeking to establish a focused and responsive presence with their audit customers
Learning Level

Intermediate

Delivery

Group-Live & Group Internet-Based

Field

Auditing

Advanced Preparation

None

Recommended Prerequisites

Basic understanding of IT management, internal audit management, and audit frameworks

Session Duration

Online: Two 3-hour sessions

On Site: 1 Days

CPE Credits: 8