Date/Time
Date(s) - 02/04/2024 - 04/04/2024
8:30 am - 2:30 pm

Location

Course Overview:

This course aims to familiarize all audit personnel with IT auditing concepts and practices. The course has basic prerequisites and gradually introduces participants to introductory and more advanced topics of IT Auditing.

The advancement of IT in todays’ corporate landscape, makes it important for the Internal auditors to understand them fully and leverage the same into their audit strategy. The majority of process controls are embedded in IT systems and therefore testing them requires minimum IT audit skills.

The following course outline will be fully discussed and explained during the 3 day session:

Introduction – Refresher of IT Audit key concepts

• Definitions
• Why it is important
• Classifications of IT controls
• Evolution over the years

Information Technology General Controls and best practices

• Access controls
• SoD in IT
• Environmental controls
• SDLC methodology
• Program change management
• Physical security controls over the data
• System and data backup and recovery

IT Controls and the application

• Advantages of testing/relying on Application Controls
• Get to know the best practices on Controls with practical scenarios

IT Audit frameworks: fundamentals of COBIT 5

• Advantages from using frameworks
• Key features of COBIT® 5
• COBIT® 5 principles

Cloud computing

• Pros and cons
• Associated risks and best practice controls

Integration of innovative elements around IT audit like RPA, data analytics etc

• Introduction
• The audit approach
• The CAATs approach

Data management / RPA

• Data theory
• Overview of data analytics / RPA
• Practical demo
• Proper documentation of CAATs
• Implementation best practice

Course Duration: 3 days

CPE Credits: 21

Level: All

Field of Study: Auditing

Pre-requisites: None

Bookings