How To Audit IT General Controls

Seminar: ID# 1264236
Metropolitan Area:
MicroTek Computer Lab CH
230 West Monroe St
Suite 900
Chicago, IL 60606
7/13/2020 - 07/15/2020 (8:30am - 5:00pm)
Sorry, but this seminar took place already.

Click here to find other venues/dates for this seminar.
About This Course:
course-rating Rating: 4.87 - 266 reviews
In this three-day seminar, you will learn the IT general control areas that must be addressed to ensure confidentiality, integrity, and availability, as well as reliability and privacy of our sensitive and proprietary data and information assets.

During the session, we will discuss the most common IT related vulnerabilities, threats and risks facing most enterprises today and the key controls to help reduce those risks to an acceptable or tolerable level.

We also will explore critical aspects of the IT environment including the importance of data governance and data management, the Scenario-based Risk Assessment process commonly used by IT Risk Managers and will walk through many of the most common technologies and associated vulnerability, threats, risks and controls using common business language and using common applications as our examples. We will have several discussions examining various documents to allow attendees to apply the knowledge learned during the session.

By the end of this session attendees will have a better understanding on how to plan, scope and conduct an IT General Controls audit.


Data and Information Governance and Management
  • Effectiveness of IT Governance
Common IT Control Standards and Frameworks

IT Risk Management Using Scenario Analysis
  • Risk Identification
  • Risk Assessment (Analysis and Evaluation)
  • Risk Response
  • Risk Monitoring and Reporting
Technology overview, common controls, common vulnerabilities, threats, risks, and tests

IT Service Organizations - Roles and Responsibilities (SOD)

Contract Management

Technology Insurance

IT Service Management
  • Asset
  • Configuration & Hardening
  • Change/Release
  • Problem/Incident
  • Knowledge
Access Logical/Physical

Environmental Controls

Hardware and Software Infrastructure

Network Perimeter Security

Patch Management

Vulnerability Management (and Pen Testing)

Application Development

Business Continuity and Disaster Recovery

Incident Management

Project Management

Process Engineering

Third Parties and Cloud Providers

Assessing Information Technology
  • GCC Audit
  • Other Regulation Variations (SOX, PCI, etc.)
  • Adding GCC considerations to every audit engagement
Learning Level: Intermediate
Prerequisite: Fundamentals of Internal Audit, IT Audit School
Advance Preparation: None
Sorry, but this seminar took place already.

Click here to find other venues/dates for this seminar.
Qty: 3
Share This: 5755 North Point Parkway, Suite 227 | Alpharetta, GA 30022 | 770-410-9375 |
Copyright 2018 | Web Site Development by OTAU