IT Audit School Agenda

Seminar: ID# 1264199

Agenda

1. Introduction To IT Audit

  • Audit Objectives And Requirements
  • Role Of IT Within The Organization
  • Management And Security Risks In An Automated Environment
  • What Is A Control?
  • Internal Control Defined
  • Processes And Control Points
  • Physical Space Vs. Logical Space
  • Identifying Control Points

2. Planning The IT Audit

  • Definition Of Internal Audit
  • Objectives Of An IT Audit
  • IT Audit Strategies
  • What Is An Application
  • Application Vs. General Controls
  • IT Audit Control Reviews
  • IT Control Categories
  • The Audit Deliverable
  • Building The Audit Team

3. Auditing Organizations And Standards

  • Maintaining Audit Objectivity
  • What Is A Standard?
  • AICPA And SAS
  • GAO And Other Certification Organizations
  • The Institute Of Internal Auditors (IIA)
  • The Treadway Commission
  • COSO Integrated Framework
  • ISACA And The IT Governance Institute
  • COBIT®: Control Objectives For Information And Related Technology
  • ISO 27002 Security Standard

4. Information Technology Basics

  • Computer Hardware And CPU Operation
  • Two Different Classes Of Computers
  • Software, Programs, And Processing
  • Distributed Systems And Client/Server Technology
  • The Open Systems Interconnection (OSI) Model
  • Maintenance And Security

5. Network Technology And Controls

  • Networking Risks
  • Auditing Networks
  • What Is A Network?
  • LANs, WANs, And MANs
  • Physical Network Media (Cables)
  • Cabling Audit Objectives
  • LAN Protocols
  • WAN Connectivity And Protocols
  • MAN Protocols
  • LAN/WAN/MAN Audit Objectives
  • Network Devices
  • Network Device Audit Objectives
  • Complete Networks
  • The Internet
  • Intranets And Extranets
  • Risks Of Internet Use For Business
  • Using Firewalls
  • Internet Communications
  • Internet Protocol (IP) Addressing
  • Service (Process) Addressing
  • Internet Applications
  • The World Wide Web (WWW)
  • Web Page Technologies
  • Internet Audit Objectives

6. Shared General And Application Controls

  • Logical Security
  • Data Classification
  • Logical Access Controls: System Access
  • Encryption: Information Access
  • Remote Access, PCs, And Mobile Devices
  • Information Security Management
  • Change Management
  • Change Management Objectives
  • Program Change Control
  • Patch Management
  • Software Licensing
  • Business Continuity/Disaster Recovery
  • BCP/DRP Defined
  • Business Impact Analysis (BIA)
  • Disaster Recovery Strategy
  • Maintaining The Plan
  • System Development Technologies
  • SDLC, RAD, ERP Purchases
  • Internal Audit Involvement
  • Audit Strategy

7. Database Technology And Controls

  • Managing Information
  • The Program-Centric Model
  • Program-Centric Audit Concerns
  • The Data-Centric Model
  • What Is A Database?
  • Database Terminology
  • Database Management Systems (DBMS)
  • Types Of Databases
  • Database Audit Concerns

8. Infrastructure General Controls

  • Operations Controls
  • IT Operations
  • Operating System Controls
  • System Utilities
  • System Software Controls: A Review
  • Physical Security
  • Environmental Controls

9. Business Application Transactions

  • Objectives Of An Application Audit
  • What Is A Transaction?
  • Transaction-Based Application Auditing
  • Transaction Life Cycle
  • Application Risk Assessment Factors
  • Establishing Audit Priorities

10. Top-Down Risk-Based Planning

  • Planning The Application Audit
  • Top-Down, Risk-Based Planning
  • Defining The Business Environment
  • Determining The Application’s Technical Environment
  • Performing A Business Information Risk Assessment
  • Identifying Key Transactions
  • Developing A Key Transaction Process Flow
  • Evaluating And Testing Application Controls

11. Data Input And Processing Models

  • Comparing Pros/Cons Of Input And Processing Models
  • Batch Input/Batch Processing
  • On-Line Input/Batch Processing
  • On-Line Input/On-Line Processing
  • Real-Time Input/Real-Time Processing

12. Application Controls

  • Business Applications
  • Information Objectives
  • COSO: Application Controls
  • Business Application Auditing
  • Application Transaction Life Cycle
  • Transaction Origination
  • Logical Security
  • Completeness And Accuracy Of Input
  • Completeness And Accuracy Of Processing
  • Completeness And Accuracy Of Output
  • Output Retention And Disposal
  • Data File Controls
  • User Review, Balancing, Reconciliation
  • End-User Documentation
  • Training
  • Segregation Of Duties
  • Business Continuity Planning
  • Sarbanes-Oxley Application Control Requirements

13. Testing Application Controls

  • Testing Automated And Manual Controls
  • Testing Alternatives
  • Testing Sample Size
  • Sampling Terminology
  • Negative Assurance Testing
  • Types Of Audit Evidence
  • Functional/Substantive Testing
  • Computer Assisted Audit Techniques (CAATs)
  • Data Analysis: Planning And Data Verification
  • Sarbanes-Oxley: Testing Requirements And Examples

14. Documenting Application Controls

  • Evaluating And Documenting Internal Controls
  • Internal Control Questionnaires
  • Narratives
  • Flowcharts / Process Flows
  • Control Matrix

15. End-User Computing

  • Growth Of End User Computing
  • End User Computing Risks
  • General IT Control Risks
  • Change Control Risks
  • Purchased Applications Risks
  • Spreadsheets: Typical Errors
  • Spreadsheet Risk Factors
  • Practical Steps For Evaluating Spreadsheet Controls

Order: IT Audit School
Pricing: $2,063.00
Metropolitan Area: New York
Venue: MicroTek Computer Lab NY, 180 Maiden Lane, Suite 1102, New York, 770-410-9941
Dates: 6/15/2020 - 06/18/2020 (8:30am - 5:00pm)
CPATrainingCenter.com | 5755 North Point Parkway, Suite 227 | Alpharetta, GA 30022 | 770-410-9375 | support@CPATrainingCenter.com