Date(s) - 21/02/2023 - 24/02/2023
8:30 am - 3:30 pm
About this course:
This course aims to familiarize all audit personnel with IT auditing concepts and practices. The course has basic prerequisites and gradually introduces participants to introductory and more advanced topics of IT Auditing.
The advancement of IT in todays’ corporate landscape, makes it important for the Internal auditors to understand them fully and leverage the same into their audit strategy. The majority of process controls are embedded in IT systems and therefore testing them requires minimum IT audit skills.
The following course outline will be fully discussed and explained during the 2 day session:
Introduction – Refresher of IT Audit key concepts
- Why it is important
- Classifications of IT controls
- Evolution over the years
Information Technology General Controls and best practices
- Access controls
- SoD in IT
- Environmental controls
- SDLC methodology
- Program change management controls.
- Physical security controls over the data center.
- System and data backup and recovery controls.
IT Controls and the application
- Advantages of testing/relying on Application Controls
- Get to know the best practices on Controls with practical scenarios
IT Audit frameworks: fundamentals of COBIT 5
- Advantages from using frameworks
- Key features of COBIT® 5
- COBIT® 5 principles
- Pros and cons
- Associated risks and best practice controls
Integration of innovative elements around IT audit like RPA, data analytics etc
- The audit approach
- The CAATs approach
Data management / RPA
- Data theory
- Overview of data analytics / RPA
- Practical demo
- Proper documentation of CAATs effort.
- Implementation best practice