Skip Ribbon Commands
Skip to main content
Sign In
The Institute of Internal Auditors North AmericaBreadcrumb SeparatorTraining and EventsBreadcrumb SeparatorCoursesBreadcrumb SeparatorIT Auditing: Beyond the Basics
Course Description Course Outline Bring Us On Site  

IT Auditing: Beyond the Basics

Course Description

Print-friendly Course Description and Outline

​IT auditors must have the ability to adapt to a wide variety of situations and platforms. This course, a joint effort between The IIA and Deloitte & Touche, presents various technologies in a lab setting and aims to educate IT-related auditors and professionals about risks associated with specific infrastructure platforms.

Information technology auditors, IT security professionals, systems administrators, and integrated auditors will learn to manage their resources and use advanced techniques when structuring IT audits on different platforms. A CD containing course materials will be provided to all participants.

Course Duration: 4 day(s)
CPE Hours Available: 36
Knowledge Level: Intermediate
Field of Study: Computer Science


Advance Preparation: 


Delivery Format: On-site Training (Group-Live)


  • ISO17799
  • NIST
  • SANS
  • NSA
  • CIS


  • Sarbanes-Oxley
  • Gramm-Leach-Bliley
  • FCRA
  • EU Directive
  • SB1386

Network Infrastructure and Design

  • Defining different levels of a network
  • Defining types of networks: LAN, WAN, VPN
  • Common network devices: switches, routers, and bridges
  • Wireless networks
  • Roles within a distributed processing environment (workstations and servers)
  • Network protocols: OSI and TCP/IP
  • Network connections: internal and external
  • Remote access and authentication
  • Common vulnerabilities
  • Auditing networks: general control audits and beyond
  • Tools and resources

Operating Systems

  • Operating system overview
  • Windows (98, NT/2000, Server 2003)
  • Unix (HP, Solaris, AIX)
  • Novell (5,6)
  • Linux
  • Mainframe (RACF, ACF2)
  • AS/400
  • Common vulnerabilities
  • Auditing operating systems: general control audits and beyond
  • Tools and resources


  • Database overview
  • SQL
  • Oracle
  • Data quality and integrity
  • Common vulnerabilities
  • Auditing databases: general control audits and beyond
  • Tools and resources

Putting It All Together

  • Risk assessments
  • Audit planning and scoping
  • Reporting 
  • Ongoing monitoring

​Most courses can be delivered through on-site training. You might be surprised that the organization leading the profession is just as committed to the delivery of affordable training.

Contact us by calling +1-407-937-1388 or send an e-mail to