Enquire Now
Login / SignUp
Get the course
Enquire Now

IT Auditing Governance, Risk and Compliance

Section-1: IT Audit Basics

  • Module-1: Fundamentals of IT Auditing

    By the end of this part of the course the attendees will be able to:

    • Understand the jargon of the computer world
    • Differentiate between types of systems and their major risk elements
    • Understand how computer systems are constructed and how this can influence the eventual running in the business environment
    • Utilize this knowledge to gain a greater acceptance by computer-literate auditees
    • Identify the role of the IS audit specialist
    • Identify potential areas for the audit use of computerized technology

    This module is designed to provide the participants with in-depth knowledge and experience of Technology and audit, Control objectives and risks, Batch and online systems, Programming computers, Database systems, Computer risks and exposures, Computer security, Application systems and their development, and Computer operations control.

  • Module-2: Auditing Database Structures

    By the end of this part of the course the attendees will be able to:

    • Identify the different types of database structures, their principal components, and the threats to them
    • Relate DBMS components to the operating system environment in which they operate
    • Identify potential control opportunities and select among control alternatives
    • Recognize vulnerabilities in multiple DBMS environments and make appropriate recommendations
    • Select the appropriate audit tool and technique to meet a given audit objective

    The module will cover Database types – Sequential, Hierarchical, Network, Inverted File Structures, Relational Models, Control opportunities in a database environment, Database tools and techniques, Auditing IMS; IDMS; ADABAS; DB2; DATACOM; Oracle; Access.

  • Module-3: Audit use of CAATs

    By the end of this part of the Course attendees will have an in-depth knowledge of:

    • The nature and usage of CAATS
    • Methods for determining the appropriate CAAT
    • Usage of differing types of CAAT
    • Interpretation of results
    • Verification of CAAT results

    The module will cover the areas like System testing techniques, Computerized application systems, Non-computerized systems, CAAT types, Source code review, Use of Test Data, Parallel Simulation, Integrated Test Facilities, Snapshot Techniques, SCARF, Retrieval Software, Generalized Audit Software, Specialized Audit Software, Utility Software, ACL, and IDEA.

  • Module-4: Auditing Contingency Planning

    By the end of this module, you will have the tools and techniques needed in your own environments to:

    • Assess the corporate risks
    • Identify their audit strategies
    • Establish their priorities
    • Develop their Audit Plan
    • Evaluate and test their Corporate Disaster Recovery Plan

    The module will cover What is a Disaster? What is a Disaster Recovery Plan? Who is Accountable? What are the Options? What is the cost? How can a C.P. be tested? What is Management’s Role? What is the User’s Role? What is the Information Services Role? What is the Internal Auditor’s Role?

  • Module-5: IT Fraud and Countermeasures

    By the end of this module, you will be able to:

    • Distinguish between the varying types of computer fraud, their nature and effect
    • Identify likely fraud indicators
    • Audit for computer fraud
    • Establish a Corporate Risk Profile
    • Structure an anti-fraud security environment
    • Distinguish between fraud and forensic auditing
    • Identify the requirements to ensure that audit evidence is acceptable as legal evidence
    • Identify the requirement and effect of reporting sensitive issues

    The module will cover the areas like the nature of computer fraud, the Corporate risk profile, Computer fraud techniques, why computer fraud and who commits it? Fraud auditing, Fraud awareness, EDI and fraud, the expectation gap, Forensic auditing, Sources of evidence and audit tools, Legal evidence and Reporting sensitive issues.

Section-2: Advanced IT-Auditing

  • Module-1: Advanced IT Audit Risk Analysis for Auditors

    By the end of this module, you will get an in-depth knowledge and experience of:

    • Risk and its nature in a corporate environment Risk analysis and Internal Auditing
    • The use of Risk-based auditing as an integrated approach
    • Risks within computer systems
    • Electronic trading risks
    • The IT Risk-based audit approach
    • Risk and materiality
    • A structured approach to audit risk evaluation
    • How to sell Risk-based audits

  • Module-2: Securing the Internet

    This module is designed to provide you with an in-depth knowledge of the risks as well as the benefits of Internet connection. You will learn about the tools and information sources available on the internet as well as the uses to which these might be put. The module will cover the following areas:

    • Internet Threats
    • Protection Strategies
    • Internet security and privacy
    • Use of Digital Certificates
    • Client-side Security
    • Downloading threats
    • Firewalling and encryption
    • Formulating an Internet security plan

  • Module-3: IT Security Reviews

    This module is developed to familiarize auditors with computer risk areas and security mechanisms, to provide auditors with an understanding of the building blocks of operational environments and operating systems, and to provide auditors with an appropriate methodology for reviewing computer security. The module will cover the following areas:

    • Computer risk areas
    • Criteria for effective security
    • Computer operations
    • Applications security
    • Change control
    • Control over viruses
    • The “ACCESS” model
    • Tailoring the Operating System
    • Auditing operating environments
    • The role of security packages: RACF, ACF2, TOP SECRET
    • The internet and Firewalls

  • Module-4: Performance Auditing of the IT Function

    The objectives of this module are to provide attendees with the tools and techniques needed in their own environments to familiarize auditors with the Key Performance Areas within IT, to introduce them to a VFMA methodology to determine whether the IT resources are being optimized, and to provide delegates with a complete VFMA audit plan for the IT function. The module will cover the following areas:

    • Background and objectives of VFMA
    • Operational auditing methods and techniques
    • Major operational areas in IT
    • Risks and control opportunities
    • Economy of resource utilization
    • Efficiency determination of the key performance areas
    • The quantification of effectiveness
    • Implementing the VFMA audit programmer
    • Performing the audit and following-u

  • Module-5: Managing the IT Audit Function

    IT Audit has developed into a maze of specialties with technical specialists requiring ever more. By the end of this part of the Course the attendee will be able to:

    • Distinguish between the varying types of computer fraud, their nature and effect
    • Identify likely fraud indicators
    • Audit for computer fraud
    • Establish a Corporate Risk Profile
    • Structure an anti-fraud security environment
    • Distinguish between fraud and forensic auditing
    • Identify the requirements to ensure that audit evidence is acceptable as legal evidence
    • Identify the requirement and effect of reporting sensitive issues

    The module will cover the areas like the Scope of IT Audit, narrowing the perspective, Objective setting, Staffing and recruiting, the use of audit automation, skills and training, measuring effectiveness and the role of the Specialist.

  • Module-6: Case Studies, Examples, Negotiating SKills

    • Case Studies and Practical Examples
    • Case-studies: Sources of Cybersecurity Risks
    • Practical Negotiating Skills for Auditors

Overview:IT Auditing

An Information Technology (IT) audit, or Information Systems audit, is an examination of the management controls within an IT infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization’s goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.
iZen is brining you a structured learning curriculum for a program on ‘Analyst: IT Governance, Risk and Compliance Auditing’.

HIGH DEMAND

Most stringent government regulations, tighter lending standards, and demands for accountability keep IT auditors in high demand globally.

HUGE SUPPLY GAP

Demand for qualified IT auditing personnel far exceeds supply. That means less competition and more pay for highly trained-experts.

BRIGHT FUTURE

According to the Bureau of Labor Statistics, the employment rate for IT auditors is expected to grow by 15 percent over the next 10 years.

 

This course is aimed primarily at auditors, both internal and external, who are beginning their career in Computer Auditing or who wish to understand the complexities and vulnerabilities of computer systems. The course helps one to shorten the time period to productivity and effectiveness.

Benefits of the this program

  • Kick-start or re-ignite your career by completing this course. Improve your career opportunities by learning new skills.
  • Learn IT Auditing from world-class consultants, authors and thought leaders with over 30 years of experience in Risk, Audit, Governance, Forensic, Internal and IT auditing education
  • Learn by doing:
    1. Get hands-on experience by doing several industry-specific case studies
    2. Learn different IT Auditing tools and techniques
    3. Get in-depth knowledge and experience using different software
    4. Learn to assess corporate risks, identify audit strategies, and audit for computer fraud

Who is this program for?

  • If you are a student seeking employment to kickstart your career, this is a great opportunity for you to learn IT Auditing and build a rewarding, future-proof, and meaningful career
  • If you are already employed but are trying to rekindle your career in the exciting world of IT Auditing, this program is perfect for you
  • If you are already an auditor, this program can give you more confidence and thought leadership in IT-auditing, leading practices, tools, techniques

PREREQUISITES:

  • Basic knowledge of computers and IT-infrastructure

Who will you learn from?

PROGRAM FACULTY

 

Richard Cascarino, CIA, CISM, CFE is a consultant and lecturer with over 30 years’ experience in Risk, Audit, Governance, Forensic, Internal and IT auditing education. He is a principal of Richard Cascarino & Associates. He is a regular speaker to national and international conferences and has presented courses throughout Africa, Europe, the Middle East and the USA.

He is the author of the books “Internal Auditing-an Integrated Approach”, “Auditor’s Guide to Information Systems Auditing”, “Corporate Fraud and Internal Control: A Framework for Prevention” published by Wiley, and the book “Data Analytics for Internal Auditors”. He is also a contributing author to the Governance section of Finance: The Ultimate Resource and is a frequent speaker at IIA, ACFE and ISACA courses and conferences.

Richard Cascarino was the chairman of the Audit and Risk Committee of the Department of Public Enterprises in South Africa and served as chairman of the Audit Committee of Gauteng cluster 2 (Premier’s office, Shared Services and Health). He is also a visiting Lecturer at the University of the Witwatersrand.

He is a Past President of the IIA – South Africa and founded the African Region of the IIA Inc. He is also a member of the Board of Regents for Higher Education of the Association of Certified Fraud Examiners. He is a member of the Board of Regents (Higher Education) for the ACFE.

 

Jim Kaplan CIA CFE was President and Founder of AuditNet®, the global resource for auditors which is now acquired by Workiva.

Jim is a highly accomplished Internal auditor and audit manager with 26 years of progressive experience with solid background utilizing internal audit standards and audit procedures and techniques. He is recipient of the IIA’s 2007 Bradford Cadmus Memorial Award. Jim Kaplan is an Author of “The Auditor’s Guide to Internet Resources” 2nd Edition.

Specialties: As a writer, journalist, educator, lecturer and dedicated local government auditor, Jim has promoted and encouraged the use of technology and the Internet for audit productivity.

 

How will you Learn?

  • Online using desktop, laptop or mobile devices
  • Learn at your own convenient time, and pace
  • Video lectures delivered from a cloud LMS platform
  • Quizzes are given remotely
  • Case studies for the reinforcement of the learning

What is the Duration of the program?

  • 8 weeks, around 10 hours per week, or a total of 80 hours
  • Rolling enrolment allows you to start any time. The duration can be aligned to your requirements
AED 3,699.00
Purchase Now
AED 3,699.00
Purchase Now
About this course:
Level

Beginners

Lessons

11 Modules

Duration:

8 weeks

Language

English

Certification

Webster University

A learning platform powered that is highly Dynamic

info@mcroxford.com

Popular Courses

Useful Link

Contact Us

Address: Office No: 946, Tamani Arts Offices, Business Bay, Dubai, UAE

Email: info@mcroxford.com

Phone: +971 50 548 5324

© 2023 MCR Oxford Education and Training Software. All Rights Reserved | Developed By Naya Group
Facebook Twitter Instagram Youtube

Make a Course Enquiry