search
search

IT Audit School

Seminar: ID# 1218534
IT Audit School
Metropolitan Area:
New York
Venue:
MicroTek Computer Lab NY
180 Maiden Lane
Suite 102
New York, NY 10038
Contact Phone:
770-410-9941
Dates:
10/15/2018 - 10/18/2018 (Days 1-3: 8:30am - 5:00pm, Day 4: 8:30am - 3:00pm)
Pricing:
$2,495.00
About This Course:
This four-day course is designed for financial, operational, business, and IT auditors who need to update their technical and operational knowledge to audit information technologies and business application systems.

Focusing on a top-down, risk-based approach to auditing application system transactions, you will master techniques you can apply to all types of applications from batch, to on-line, to real-time systems.

You will learn:

  • The concepts of information technology as they relate to key risks in the IT environment
  • Explore such IT areas as operating systems, database management systems, and networks
  • The IT audit concepts you need to know to effectively audit existing application systems
  • New systems under development
  • Mainframes
  • Distributed systems

You will leave this intensive seminar with a solid foundation in the basics of information technology as they apply to IT risks, audit, information security, and business application systems.

Bonus: You will receive a copy of MIS′ Information Technology &Audit Acronym Dictionary, defining hundreds of IT terms and acronyms. and the MIS Applications Control Handbook.

Agenda

1. Introduction To IT Audit

  • Audit Objectives And Requirements
  • Role Of IT Within The Organization
  • Management And Security Risks In An Automated Environment
  • What Is A Control?
  • Internal Control Defined
  • Processes And Control Points
  • Physical Space Vs. Logical Space
  • Identifying Control Points

2. Planning The IT Audit

  • Definition Of Internal Audit
  • Objectives Of An IT Audit
  • IT Audit Strategies
  • What Is An Application
  • Application Vs. General Controls
  • IT Audit Control Reviews
  • IT Control Categories
  • The Audit Deliverable
  • Building The Audit Team

3. Auditing Organizations And Standards

  • Maintaining Audit Objectivity
  • What Is A Standard?
  • AICPA And SAS
  • GAO And Other Certification Organizations
  • The Institute Of Internal Auditors (IIA)
  • The Treadway Commission
  • COSO Integrated Framework
  • ISACA And The IT Governance Institute
  • COBIT®: Control Objectives For Information And Related Technology
  • ISO 27002 Security Standard

4. Information Technology Basics

  • Computer Hardware And CPU Operation
  • Two Different Classes Of Computers
  • Software, Programs, And Processing
  • Distributed Systems And Client/Server Technology
  • The Open Systems Interconnection (OSI) Model
  • Maintenance And Security

5. Network Technology And Controls

  • Networking Risks
  • Auditing Networks
  • What Is A Network?
  • Lans, Wans, And Mans
  • Physical Network Media (Cables)
  • Cabling Audit Objectives
  • LAN Protocols
  • WAN Connectivity And Protocols
  • MAN Protocols
  • LAN/WAN/MAN Audit Objectives
  • Network Devices
  • Network Device Audit Objectives
  • Complete Networks
  • The Internet
  • Intranets And Extranets
  • Risks Of Internet Use For Business
  • Using Firewalls
  • Internet Communications
  • Internet Protocol (IP) Addressing
  • Service (Process) Addressing
  • Internet Applications
  • The World Wide Web (Www)
  • Web Page Technologies
  • Internet Audit Objectives

6 Shared General And Application Controls

  • Logical Security
  • Data Classification
  • Logical Access Controls: System Access
  • Encryption: Information Access
  • Remote Access, Pcs, And Mobile Devices
  • Information Security Management
  • Change Management
  • Change Management Objectives
  • Program Change Control
  • Patch Management
  • Software Licensing
  • Business Continuity/Disaster Recovery
  • BCP/DRP Defined
  • Business Impact Analysis (BIA)
  • Disaster Recovery Strategy
  • Maintaining The Plan
  • System Development Technologies
  • SDLC, RAD, ERP Purchases
  • Internal Audit Involvement
  • Audit Strategy

7. Database Technology And Controls

  • Managing Information
  • The Program
  • Centric Model
  • Program
  • Centric Audit Concerns
  • The Data
  • Centric Model
  • What Is A Database?
  • Database Terminology
  • Database Management Systems (DBMS)
  • Types Of Databases
  • Database Audit Concerns

8. Infrastructure General Controls

  • Operations Controls
  • IT Operations
  • Operating System Controls
  • System Utilities
  • System Software Controls: A Review
  • Physical Security
  • Environmental Controls

9. Business Application Transactions

  • Objectives Of An Application Audit
  • What Is A Transaction?
  • Transaction
  • Based Application Auditing
  • Transaction Life Cycle
  • Application Risk Assessment Factors
  • Establishing Audit Priorities

10. Top-Down Risk-Based Planning

  • Planning The Application Audit
  • Top
  • Down, Risk
  • Based Planning
  • Defining The Business Environment
  • Determining The Application’s Technical Environment
  • Performing A Business Information Risk Assessment
  • Identifying Key Transactions
  • Developing A Key Transaction Process Flow
  • Evaluating And Testing Application Controls

11. Data Input And Processing Models

  • Comparing Pros/Cons Of Input And Processing Models
  • Batch Input/Batch Processing
  • On
  • Line Input/Batch Processing
  • On
  • Line Input/On
  • Line Processing
  • Real
  • Time Input/Real
  • Time Processing

12. Application Controls

  • Business Applications
  • Information Objectives
  • COSO: Application Controls
  • Business Application Auditing
  • Application Transaction Life Cycle
  • Transaction Origination
  • Logical Security
  • Completeness And Accuracy Of Input
  • Completeness And Accuracy Of Processing
  • Completeness And Accuracy Of Output
  • Output Retention And Disposal
  • Data File Controls
  • User Review, Balancing, Reconciliation
  • End
  • User Documentation
  • Training
  • Segregation Of Duties
  • Business Continuity Planning
  • Sarbanes
  • Oxley Application Control Requirements

13. Testing Application Controls

  • Testing Automated And Manual Controls
  • Testing Alternatives
  • Testing Sample Size
  • Sampling Terminology
  • Negative Assurance Testing
  • Types Of Audit Evidence
  • Functional/Substantive Testing
  • Computer Assisted Audit Techniques (Caats)
  • Data Analysis: Planning And Data Verification
  • Sarbanes
  • Oxley: Testing Requirements And Examples

14. Documenting Application Controls

  • Evaluating And Documenting Internal Controls
  • Internal Control Questionnaires
  • Narratives
  • Flowcharts / Process Flows
  • Control Matrix

15. End-User Computing

  • Growth Of End User Computing
  • End User Computing Risks
  • General IT Control Risks
  • Change Control Risks
  • Purchased Applications Risks
  • Spreadsheets: Typical Errors
  • Spreadsheet Risk Factors
  • Practical Steps For Evaluating Spreadsheet Controls

Prerequisites: None
Learning Level: Basic
Field: Auditing

Dates &Times

Classes start on the date(s) posted herein, and run from 8:30am to 5pm daily, except for the last day of class, which ends at 3pm.

Order:
IT Audit School
Metropolitan Area:
New York
Venue:
MicroTek Computer Lab NY
180 Maiden Lane
Suite 102
New York, NY 10038
Contact Phone:
770-410-9941
Dates:
10/15/2018 - 10/18/2018 (Days 1-3: 8:30am - 5:00pm, Day 4: 8:30am - 3:00pm)
Pricing:
$2,495.00
Qty:
Qty: 3
$249.50
$2,245.50
Share This:
About Us Privacy Guarantee Affiliate List Your Courses Contact Us My Account
Google+ FacebookBankTrainingCenter.com. 5755 North Point Parkway, Suite 227 | Alpharetta, GA 30022 | 770-410-9375 | support@BankTrainingCenter.com
Copyright BankTrainingCenter.com 2018 | Web Site Development by OTAU