Skip Ribbon Commands
Skip to main content
Sign In
The Institute of Internal Auditors North AmericaBreadcrumb SeparatorTraining and EventsBreadcrumb SeparatorCoursesBreadcrumb SeparatorIT Auditing Principles for Internal Audit Managers
Course Description Course Outline Bring Us On Site  

NEW! IT Auditing Principles for Internal Audit Managers

Course Description

Print-friendly Course Description and Outline​​

Information technology is an integral part of all financial and business processes. The internal audit manager requires a fundamental understanding of IT’s impact on the audit processes and associated risk to drive the audit process effectively.​

This course is aligned with our staff-level courses and utilizes the same basic outline, but has been designed for the internal audit manager. As each topic is introduced and discussed, we will keep the level of detail appropriate to the internal manager and focus on the execution of the audit.​

In this course, we will discuss:


  • ​IT concepts focusing on audit risk of IT controls on the audit process.
  • Integrating IT risks into the overall risk assessment. 
  • Reliance on IT control activities. 
  • Scoping and managing the application audit. 
  • Staffing and skill-set integration.​​​


Course Duration: 2 day(s)
CPE Hours Available: 14
Knowledge Level: Intermediate
Field of Study: Auditing
Advance Preparation: 
Delivery Format: On-site Training (Group-Live)

​Enterprise Scope of GRC​​

  • Compliance requirements
  • Organizational views of risk and compliance
  • Existing trends and approaches
  • Key roles and responsibilities (enablers, stakeholders, administrators)

Defining IT Risk

  • Audit risk
  • Financial risk
  • Operational risk
  • Reputational risk

Entity-level Controls

  • IT management
  • IT governance

Control Environment

  • Financial statements
  • Applications
  • IT infrastructure controls
  • IT development controls
  • IT operations controls

General Controls

  • Physical security
  • Hardware configuration management
  • Software change management
  • Network perimeter
  • Identity and access management
  • Data management
  • IT contingency management
  • IT operations
  • Information security management
  • Utilizing third-party reviews

Application Controls

  • Understanding the risks in IT process models
  • The key application processes

Performing the Risk Assessment

  • IT risk in relation to audit subject
  • Materiality
  • Control environment

Performing the Audit

  • Scope
  • Planning

Audit Resources

  • Skill set
  • Integration of teams
  • Staffing

Integrating Fieldwork

Documenting the Audit Processes

Writing High-impact Audit Reports That Minimize Jargon


​​Most courses can be delivered through on-site training. You might be surprised that the organization leading the profession is just as committed to the delivery of affordable training.​​

Contact us by calling +1-407-937-1388 or send an e-mail to​