Skip Ribbon Commands
Skip to main content
The Institute of Internal Auditors North AmericaBreadcrumb SeparatorLearning and EventsBreadcrumb SeparatorCoursesBreadcrumb SeparatorFundamentals of IT Auditing
Course Description Course Outline Bring Us On Site  

Fundamentals of IT Auditing

Course Description

Print-friendly Course Description and Outline

This course will provide attendees with an introduction to IT auditing, emphasizing the concepts through exercises and case studies. Internal audit professionals will develop knowledge of basic IT audit concepts that can be used to facilitate integrated audit efforts within their organization.

The course will also provide attendees the opportunity to perform an audit of IT applications supporting key business processes, coordinate the assessment of IT risk with the evaluation of IT general controls, and perform a risk assessment and evaluation of controls over end user computer applications.

Course Duration: 2 day(s)
CPEs Available: 16
Knowledge Level: Basic
Field of Study: Auditing
Prerequisites: 
​None
Advance Preparation: 
​None
Delivery Method: eLearning (Group-Internet-Based); On-site Training (Group-Live); Seminar (Group-Live)

Overview of IT Auditing, Concepts and Controls: Why IT Auditing and What Is It?

  • Why IT auditing?
  • What is IT auditing?
  • What are the benefits of an IT audit?
  • What is the role of an IT auditor?
  • Growth of the IT auditor, including background
  • Common IT audit certifications
  • IIA standards related to an IT audit
  • Key components of IT
  • How COSO and GAIT relate to IT audit
  • Guide to the Assessment of IT Risk (GAIT)
  • Major U.S. laws that impact IT audit
  • IT general and application controls
  • End-user computing
  • IT governance

Case Study

General Control: Logical Security

  • General security concepts
  • Access management concepts
  • Access management principles
  • Common access management controls
  • Password configuration and authentication

General Control: Business Continuity Planning (BCP), Disaster Recovery (DR), and Backup Processing

  • Business Continuity Management (BCM)
  • Disaster Recovery (DR)
  • Backup processing
  • BCM Implementation Requirements
  • Recovery solutions

Application Controls

  • Application control concepts
  • Input controls
  • Processing controls
  • Output controls
  • Interface controls
  • Audit trails
  • Application security

General Control: Change and Patch Management

  • What is change and patch management?
  • Why do change and patch management?
  • What are the types of changes?
  • Elements of a typical change process
  • Types of risks and controls
  • Indicators and recognizable symptoms of poor change management practices
  • Change management success measures
  • Variations in change management processes

Cloud Computing and Service Organization Control (SOC) Reports

  • Cloud computing
  • SOC reports

General Control: System Development Lifecycle (SDLC)

  • Aspects of the SDLC
  • SDLC phases
  • Impacts of project failures
  • Pre and post implementation reviews

End User Computing

  • User Developed Applications (UDAs)
  • Benefits, risks, and controls of UDAs
  • Auditor’s approach to UDAs

​Most courses can be delivered through on-site training. You might be surprised that the organization leading the profession is just as committed to the delivery of affordable training.

Contact us by calling +1-407-937-1388 or send an e-mail to GetTraining@theiia.org.

LocationsDates
eLearning
eSeminar
Details and pricing
December 4-13,
2017
Disney's Contemporary Resort
Orlando, FL
Details and pricing
December 11-12,
2017
Embassy Suites Hotel - Phoenix Biltmore
Phoenix, AZ
Details and pricing
February 13-14,
2018
eLearning
eSeminar
Details and pricing
February 19-28,
2018
Micro Tek Training Facility - New York
New York, NY
Details and pricing
April 10-11,
2018
eLearning
eSeminar
Details and pricing
May 1-10,
2018
Micro Tek Training Facility- San Francisco, CA (New location)
San Francisco, CA
Details and pricing
May 15-16,
2018
Hilton Garden Inn - Dallas Downtown
Dallas, TX
Details and pricing
June 5-6,
2018
Planet Hollywood Resort & Casino Las Vegas
Las Vegas, NV
Details and pricing
June 12-13,
2018
eLearning
eSeminar
Details and pricing
July 9-18,
2018
Micro Tek Training Facility - Chicago
Chicago, IL
Details and pricing
August 7-8,
2018
eLearning
eSeminar
Details and pricing
October 9-18,
2018
Micro Tek Training Facility - Washington, DC
Washington, DC
Details and pricing
October 16-17,
2018
Embassy Suites - Lake Buena Vista
Orlando, FL
Details and pricing
December 4-5,
2018
eLearning
eSeminar
Details and pricing
December 4-13,
2018