Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

IT Auditing is an essential skill for internal auditors. To be an effective IT auditor, one needs to understand four major components of IT audit: IT Governance and Management, General IT Controls, Applications Controls, and Development Controls. This course is an introduction to these concepts will prepare you to pursue further training in IT Audit.

This course will introduce the fundamentals of IT auditing, core drivers behind why it is a specialized area of auditing, evolution of IT assurance, and the principle objectives of IT auditing and its relationship to integrated financial or operational auditing. It will introduce the role of IT auditing and how IT audit strategies can enhance non-IT audits.

We will introduce you to the four primary types of IT audits: audits of IT systems, IT processing environments, systems development, and technical and special topic audits. We will define critical IT concepts, governance requirements, risk assessment techniques, and related auditing concepts. You will be introduced to techniques for identifying operational and control requirements for IT systems, researching control objectives and related controls, evaluating control design or appropriateness, and assessing the reliability of IT audit evidence.

You will discuss:

  • The IT audit universe
  • Understanding the importance of the operating culture on IT control
  • Understanding the relationship of controls to control objectives
  • Meeting auditing standards for compliance and attaining IT audit value
  • Importance of applying comprehensive audit planning techniques to achieving audit success
  • Impact of outsourced IT functions

Learning Objectives

  • Gain a working understanding of IT audit concepts and practices
  • Clarify the difference and importance of general versus application control audits
  • Learn how to apply internal control fundamentals to the evaluation of IT system integrity, security and availability
  • Gain an understanding of the operational and control objectives of the principle areas of general control
  • Further your appreciation of the importance of IT in achieving organizational objectives and in providing assurance that appropriate controls are designed, implemented and in effect to attain system integrity, security and availability

Course Outline

Role of the IT Auditor

  • Objectives of IT Audit
  • Information Systems and its Impact on the Business
  • The IT Audit Universe

Understanding the IT Controls Frameworks

  • COSO
  • COBIT 4.1 & 5
  • ITIL
  • ISO27001/2
  • NIST Framework for Improving Critical Infrastructure Cybersecurity

Auditing General Controls

  • Objectives of the General Controls Review
  • IT Governance and Management
  • Information Security Management
  • Configuration Management
  • Network Security Management
  • Identity and Access Control Management
  • Data Management
  • Service Desk and Incident Management
  • Change Management
  • Third Party Services
  • Business Continuity Management
  • Backup and Media Management
  • Physical Security

Auditing IT Applications

  • Objectives of Application Systems Audits
  • Key Application Processes
  • Understanding the Risks and Controls in the IT Process Modules

Auditing Existing Applications

  • Planning
  • Identifying Control Objectives
  • Establishing an Audit Workplan
  • Key Controls in the Application Process

Auditing Systems in Development

  • Objectives of the Systems Development Audit
  • Phases in the Development Process

Additional Information

Who Should Attend

New IT auditors
Internal auditors assuming an IT or integrated role

This course will prepare you for the more in-depth training necessary to prepare you for a career in IT Audit.

Learning Level

Basic

Delivery

Group-Live

Field

Auditing

Advanced Preparation

None

Recommended Prerequisites

none

Session Duration

Online: N/A

On Site: 2 days

CPE Credits: 16