search
search

Building an Effective IT Audit Program

Webinar: ID# 1005039
Date: Recorded
About This Course:
Every successful Information Security Program is built on 3 key elements. Decision-making risk management processes, clearly documented Information Security Policies, and an effective IT Audit Program. These elements work in conjunction with each other, feeding the next component information that continually improves the Information Security Program. The IT Risk Assessment process identifies key systems and information, threats against those systems, and helps management identify which controls are necessary to mitigate risk to an acceptable level. The controls have been selected in the risk assessment, are captured and solidified in the Information Security Policies. Which the bank then in turn implements to mitigate the identified risks. The IT Audit process comes in to identify two things; first are the controls which were established in the first two elements of the process and implemented in the organization, and second are the controls adequate for regulatory compliance and best practices.

A well-developed IT Audit Program will govern this process and provide the Board of Directors with assurances that the Information Security Program is implemented and working. This session will examine in more detail how the IT Audit Program integrates with the Information Security Program.

Covered Topics:
  • Risk-based Audit Models
  • Internal/External Audit Processes
  • FFIEC IT Audit Requirements
  • 6 Basic Audit Steps
  • Engagement Letters
  • Audit Workpapers
  • Reporting and Exception Tracking
Who Should Attend

Information Security Officer, IT Manager, Risk Officer, Internal Auditor, Directors, and Executives looking to improve processes for IT Auditing.

The Presenter

Chad Knutson is a Senior Information Security Consultant and serves as President of the SBS CyberSecurity out of Madison, SD. SBS is a leader in information security consulting for the financial industry in the US. SBS works with more than 900 banks around the country on information security services such as the development of Information Security Programs, Policies, and Risk Assessments, along with performing IT Audits, Penetration Tests, Vulnerability Assessment and other security services. Chad is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) and Certified in Risk and Information Security Controls (CRISC), and received his Bachelor of Science in Computer Information Systems and his Master of Science in Information Assurance with an emphasis in Banking and Finance Security from Dakota State University. Chad has been with SBS since 2004 and has consulted with many financial institutions during this time.
Order:
Building an Effective IT Audit Program
Available on CD or On-Demand formats
Qty:
Share This:
About Us Privacy Guarantee Affiliate List Your Courses Contact Us My Account
Google+ FacebookBankTrainingCenter.com. 5755 North Point Parkway, Suite 227 | Alpharetta, GA 30022 | 770-410-9375 | support@BankTrainingCenter.com
Copyright BankTrainingCenter.com 2018 | Web Site Development by OTAU