How to Perform an IT Audit
What you need to know to perform IT audits
Description
We are glad to bring you a course to learn how to perform IT audits.
This course is ideal for:
IT and information security professionals who wish to learn techniques on how to assess their IT systems and the vulnerability of their IT systems; and
Auditors or others performing assessments who wish to learn more about performing IT audits.
The course will give you the knowledge and tools necessary to perform IT audits, starting from how to plan them, how to perform and how to report on the results of the engagement. It will teach you about which threats to assess and which controls should be put in place.
It is taught by Adrian Resag, an experienced and CISA certified IT and information security auditor who has decades of experience evaluating information security, IT and ISO 27001 in many organizations.
The course covers:
Performing IT Audits
Planning Engagements
Understand how to properly plan engagements by determining their objectives, criteria and scope.
Know how to create working papers to document an audit and learn about different ways to staff an audit.
Performing Engagements
Learn how to collect engagement information and then analyze and evaluate it. Learn how to supervise engagements.
Communicating Progress and Results
Learn how to communicate engagement results and the process of acceptance of risks. Learn how to monitor progress on the implementation status of internal audit recommendations.
IT Governance, Controls and Frameworks
IT Management
Know about the management of IT and the layers model of IT management.
Systems Development
Be able to assess systems development methods, including the Systems Development Life Cycle (SDLC) model and how to audit it and the waterfall, spiral, rapid development and agile methods.
Learn about application testing methods.
Databases
Understand and be able to assess relational databases.
Software and Application controls
Know about common application controls you should ensure are in place.
IT Governance, Frameworks and Reporting
Learn about IT governance, IT frameworks and reporting structures.
IT Infrastructure
Know IT infrastructure controls and how to test them.
Business Continuity and Disaster Recovery Planning (BRP/DRP)
Know how to test preparedness Business Continuity Planning and Disaster Recovery Planning (BRP/DRP).
Data Backup and Recovery Controls
Be able to test data backups and controls for recovery.
What You Will Learn!
- Understand how to properly plan engagements by determining their objectives, criteria and scope.
- Know how to create working papers to document an audit and learn about different ways to staff an audit.
- Learn how to collect engagement information and then analyze and evaluate it. Learn how to supervise engagements.
- Learn how to communicate engagement results and the process of acceptance of risks. Learn how to monitor progress on the implementation status of internal audit
- Know about the management of IT and the layers model of IT management.
- Be able to assess systems development methods, including the Systems Development Life Cycle (SDLC), waterfall, spiral, rapid development and agile methods.
- Learn about application testing methods.
- Understand and be able to assess relational databases.
- Know about common application controls you should ensure are in place.
- Learn about IT governance, IT frameworks and reporting structures.
- Know IT infrastructure controls and how to test them.
- Know how to test preparedness Business Continuity Planning and Disaster Recovery Planning (BRP/DRP).
- Be able to test data backups and controls for recovery.
Who Should Attend!
- Current or future IT and information security professionals who wish to learn techniques on how to assess the security of their information and the vulnerability of their IT systems.
- Auditors or others performing assessments who wish to learn more about performing IT audits.