Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

View Training Register Now

Course Description

In several recent surveys, C-level management has indicated one of the greatest risk to their organization is the inability for project teams to deliver automated application systems on-time, on-budget, AND with the required functionality. These projects tend to go off track when the project controls fail, or are not adequately enforced. IT-related budgets are often up to 30% of expenses, routine business processes are embedded in these systems, and strategic decisions are often based upon the reporting from these systems. Accordingly, the involvement of the internal audit function focusing on delivery of key applications is an essential management practice to ensure appropriate project governance, risk management, and realization of asset value.

The development process is often subject to financial, operational, and political constraints and pressures. The results can be devastating if not properly addressed. Internal Audit can provide major value in reviewing the process by phase. Our contribution can be both in content (internal controls) and governance oversight. Using CobiT® as a framework, we will develop an audit approach that achieves both objectives.

We discuss the:

  • Objectives of the IT-Enabled Project Audit
  • Use of CobiT® as a resource for control objectives
  • Reliance on the standard audit universe
  • Key phases in the project life cycle
  • Key control components by phase
  • Audit process by phase

Learning Objectives:

  • How to execute an audit of the various phases of the project
  • When to audit the phase
  • How to incorporate objective maturity model assessment into the evaluation
  • How to report findings to line management and senior management
  • When and how often to re-audit the project
  • How to integrate audit resources
  • Common issues that have arisen at each project phase

Bonus: You will receive the ISACA Systems Development and Project Management Audit/Assurance Program Using COBIT 4.1

Course Outline

Understanding the Project

  • The Components of a Business Project
    • Defining IT-Enabled Projects
    • Program vs. project
    • Organizations Involved in Projects
    • Project Management’s Role
  • Business Impact of Developed Product
  • Business Risks Associated with Project
  • Systems Development Approaches
  • Components of Systems Development

Design Methodology

  • Top-Down vs. Bottom-Up

Establishing A Development Framework

  • PMBOK
  • Typical Activities at Each Phase
  • CobiT® as a Systems Development Framework

Assurance Framework

3 Objectives of the IT-Enabled Project Management Review

Audit Scope Attributes and their Components at Each Project Phase

  • Governance
  • Project Management
  • Budget
  • Internal Controls
  • Business Process
  • Third-party providers and other external influences

Audit Approach

Auditing Internal Controls

The Auditor as a Project Customer

Reliance on the Audit Universe

  • General Controls
  • Application Controls
  • Financial Interfaces

Reporting Process

Using a Maturity Model to Establish Objective Assessment

Key Points for Success

Case studies and exercises*

*Included in 2 day course only

Additional Information

Who Should Attend
  • Internal auditors (IT, operational, financial) seeking to establish audit projects in development
Recommended Prerequisites

At least two years internal audit or relevant experience. Attending Introduction to IT Auditing (AA01) and/or Auditing IT Application Systems (AA02) would be beneficial.

Learning Level

Intermediate

Delivery

Group-Live & Group Internet-Based

Field

Auditing

Advanced Preparation

None

Session Duration

Online: Two 3-hour sessions

On Site: 1 or 2 days

CPE Credits: 8 or 16