IT Auditing Essentials for the Non-IT Auditor: Mandates, Objectives and Approaches


OVERVIEW
This webinar will assist those without technology experience in their pursuit of designing and executing audits that assess information security components. It is specially designed to meet the basic IT audit training needs of financial and operational auditors who audit IT governance, risks, management, and controls.
The objective of this training is to provide the necessary knowledge for non-IT auditors to allow them to perform a basic IT audit during a financial or an operational examination.
This course will also benefit IT-auditors by enhancing their general and application controls understanding.
During this webinar, you will acquire baseline knowledge for IT general and application control concepts and skills and their importance and relationship in your business processes. You will also learn the fundamentals of issues concerning IT controls, and the scope of addressable IT risks in today’s business environment.
WHY SHOULD YOU ATTEND
Strategic and tactical manager-leaders enable large supplier and buyer repositories of sensitive business and personal information that, if compromised, will have severe organizational and individual repercussions. Various news outlets such as Fox News, the Wall Street Journal, Forbes, and CNN Business have presented events concerning cybersecurity breaches.
Most of these reputable news organizations implied serious allegations regarding managerial due diligence during the lifecycle of collected data. Between July 2018 and April 2019, as compiled by the Ponemon Institute and sponsored by International Business Machines, the reported average annualized cybercrime cost of globally surveyed industry sectors was $3.92 million per organization.
The Ponemon Institute 2019 study also estimated that a typical company has a 29.6% probability of experiencing a data breach within the next two years.
Structures deployed by an organizational governance system allocate rights and responsibilities within the structures and necessitates assurance that manager-leaders are operating effectively and expectantly within the defined structures.
Undoubtedly, an individual or group authorized activation of the applications containing personally identifiable data. Nonetheless, it appears adequate precautions, such as application processing testing, were not performed either before deployment, during implementation, or after installation by the project team.
Thus, the question regarding the circumstances that produced financial and reputational losses is: Did organizational employees adequately perform IT control assessments using an appropriate audit system?
AREAS COVERED
Information Technology (IT) is a critical enabler of business. Assuring an enterprise's governance, including IT risk management and control processes, requires auditors to understand the role of IT within their organizations and to develop adequate knowledge and skills to audit IT systems as the line separating "IT" and "non-IT" audits are beginning to disappear, except in the very technical IT domains.
Auditors examine the adequacy of controls in information systems and related operations to assure effectiveness and efficiency in business processes. Additionally, among other assurance services, auditors evaluate the reliability of computer-generated data supporting financial statements and analyze specific programs and their processing results.
However, individual audit objectives and practices vary considerably from organization to organization, and there are many kinds of practitioners in audit-related activities, such as external auditors, internal auditors, self-assessment evaluators, quality reviewers, and security assessors. For this reason, the audit process must be adaptive in use and high-level in structure.
Guidelines on IT auditing for the non-IT auditor must include the fundamental goals for assurance services: to study and evaluate the control system and to collect evidence to form the basis of an opinion. Whereby, to accomplish these goals, non-IT auditors may conditionally perform compliance testing and substantive testing. This webinar will present guidance following the general structure of planning, studying, testing, reporting, and follow-up.
This course outlines essentials of IT auditing for the non-IT auditor including an overview of the various considerations and aides in audit planning to gain a greater understanding of how to evaluate defined audit areas. Covered areas in the session encompass:
  • Information system (IS) audit concepts, risks, and concerns in the IT environment
  • IT audit methodology
  • Globally recognized control frameworks for the audit of IT
  • Basics of how to perform an IT audit
  • Auditing IT governance
  • Auditing Information Systems acquisition, developments, and implementations
  • Auditing business continuity and disaster recovery
  • Available IT/IS audit tools
LEARNING OBJECTIVES
  • An understanding of audit mandates, mission, objectives, and approaches to examining systems and IT infrastructure
  • An understanding of the risks and audit concerns in the IT environment
  • How to identify globally recognized control frameworks for an audit of IT
  • Baseline conceptual knowledge of general IT controls and application IT controls
  • The role of IT governance and the connection to IT auditing
  • How to describe risk through useful IT audit risk profiling and management
  • Basics of how to perform an IT audit
  • When to apply some essential IT audit tools and techniques
WHO WILL BENEFIT
  • Financial, Operational and Information Technology auditors
  • Audit management, Information Security and Risk Management professionals
  • Audit Managers
  • Financial Auditors
  • Operational Auditors
  • Business Process Auditors
  • IT Professionals
  • Risk Managers
  • System administrators
  • Directors of security
  • Safety and continuity planning professionals
  • Human Resource managers
  • Financial officers (CFO, CAO)
  • Senior management (CEO, CIO, COO, CSO)
  • Chief Audit Executives
  • IT/IS Directors and managers
  • Accountants
  • Procurement officers
SPEAKER
Dr. Robert E. Davis obtained a Bachelor of Business Administration in Accounting and Business Law, a Master of Business Administration in Management Information Systems, and a Doctor of Business Administration in Information Systems Management from Temple, West Chester, and Walden University; respectively. Moreover, during his twenty years of involvement in education, Dr. Davis acquired Postgraduate and Professional Technical licenses in Computer Science and Computer Systems Technology. Dr. Davis also obtained the Certified Information Systems Auditor (CISA) certificate — after passing the 1988 Information Systems Audit and Control Association’s rigorous three hundred and fifty multiple-choice questions examination; and was conferred the Certified Internal Controls Auditor (CICA) certificate by the Institute for Internal Controls.
Use Promo Code XMSNY19 and get flat 20% discount on all purchases.
To Register (or) for more details please click on this below link:
http://bit.ly/2Tsuw9j
Email: support@trainingdoyens.com
Toll Free: +1-888-300-8494
Tel: +1-720-996-1616
Fax: +1-888-909-1882

Comments

Post a Comment

Popular posts from this blog

BCBS 239 – Principles of Effective Risk Data Aggregation and Risk Reporting

Image
OVERVIEW Understanding the process required to ensure compliance withBCBS 239 as well as tips on ensuring that the right data is utilized. Finally, a detailed step by step analysis of COSO requirements and what a business can do to meet expectations. COSO continues to provide guidance and establish standards for performance in risk related processes.  BCBS 239 is the latest in a series of instructions which focuses on risk data aggregation. This webinar will include discussions on the risk data aggregation capabilities and internal risk-reporting practices (the Principles) that enhance risk management and decision making processes at financial institutions. BCBS 239 Compliance WHY SHOULD YOU ATTEND Early in 2015, the Basel Committee published the second progress report on bank’s adoption of BCBS 239. Several banks, at that time, stated that they would not be able to comply with the new standards by the 2016 deadline date.  However, regulators are now looking a...
Read more

Effectively Handle Toxic People for Better Productivity and Less Drama in 2020

Image
We all have people who push our buttons and if that relationship is with our boss, colleagues or clients, it can drain our energy, take us off track and infect the other areas of our life. Our upcoming webinar discusses successful strategies and tips for building a positive, productive relationship by knowing how to effectively respond to, cope, and manage the impact of their negative and toxic behavior in the workplace. The webinar covers the following key areas: ·          Identify and control the impact of difficult people so that you can keep the situation from escalating further ·          Differentiate the 4 types of attitudes and understand how they develop in order to keep your cool in a variety of situations ·          Utilize various verbal and non-verbal communication techniques and situational strategies that you can use to de-escalate and effe...
Read more

Handling a Chaotic Work Environment: How to Prioritize Work and Make Good Decisions Under Pressure

Image
OVERVIEW This highly interactive webinar offers you and your team an array of practical tools to help you get things done in today's chaotic and constantly changing work environment. You’ll learn practical tips on how to make good decisions under pressure to earn buy-in from bosses, coworkers and customers. In a workshop environment, you will participate in valuable exercises utilizing real-world case studies.  You'll emerge with an action plan you can use right away for managing through chaos and to master expanding workloads and complex decisions. WHY SHOULD YOU ATTEND • Are you feeling overtasked, over-worried and overdone? • Could you use a ‘managing multiple priorities effectively refresher”, to help you get a better handle on things? • Would you like to brush up on your management and delegation skills? If you answered  “yes”  to any of these questions, then come laugh, listen and learn as Chris DeVany leads us all through those important topics, ke...
Read more