Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

IT Auditing is an essential skill for internal auditors. To be an effective IT auditor, one needs to understand four major components of IT audit: IT Governance and Management, General IT Controls, Applications Controls, and Development Controls. This course is an introduction to these concepts and will prepare you to pursue further training in IT Audit.

We will introduce you to the four primary types of IT audits: audits of IT systems, IT processing environments, systems development, and technical and special topic audits. We will define critical IT concepts, governance requirements, risk assessment techniques, and related auditing concepts. You will be introduced to techniques for identifying operational and control requirements for IT systems, researching control objectives and related controls, evaluating control design or appropriateness, and assessing the reliability of IT audit evidence.

You will discuss:

  • The IT audit universe
  • Understanding the importance of the operating culture on IT control
  • Understanding the relationship of controls to control objectives
  • Meeting auditing standards for compliance and attaining IT audit value
  • Impact of outsourced IT functions

Course Outline

Role of the IT Auditor

  • Objectives of IT Audit
  • Information Systems and its Impact on the Business

    The IT Audit Universe

Understanding the IT Controls Frameworks

  • COSO
  • COBIT 4.1, 5 & 2019
  • ISO27001/2
  • NIST Framework for Improving Critical Infrastructure Cybersecurity

Auditing General Controls

  • Objectives of the General Controls Review
  • Major components of the general controls review

    • IT Governance and Management
    • Information/Cyber Security Management
    • Configuration Management
    • Incident Response and Business Continuity
    • Cloud Computing and other Outsourcing
    • Change Management

Physical Security and Media Auditing IT Applications

  • Objectives of Application Systems Audits
    • Auditing Existing Applications
    • Auditing Systems in Development
  • Key Application Processes

Additional Information

Who Should Attend

New IT auditors
Internal auditors assuming an IT or integrated role

Learning Level






Advanced Preparation


Recommended Prerequisites

Fundamental knowledge of the audit process and auditing procedures. It is assumed that the attendees will have a minimal IT background.

Session Duration

On Site: 1

CPE Credits: 8

Questions? Contact us

Phone: +1 (781) 784-4390
Email: fill out form below

    [recaptcha size:compact class:captcha]