Skip Ribbon Commands
Skip to main content
The Institute of Internal Auditors North AmericaBreadcrumb SeparatorLearning and EventsBreadcrumb SeparatorCoursesBreadcrumb SeparatorIntroduction to IT Auditing
Course Description Course Outline Bring Us On Site  

Introduction to IT Auditing

Course Description

Print-friendly Course Description and Outline

Understanding the ins and outs of constantly changing information technology environments is critical in understanding the roles, responsibilities, and overall success of audit as a function in every industry. A key driver in doing your job effectively today and achieving greater success tomorrow resides in having baseline knowledge of the IT function and its alignment to business strategy, and knowing how information systems impact the organization.

This seminar outlines the concepts of information technology you need to know in order to address the audit concerns in your IT environment. It is a refreshed seminar covering current IT trends, evolving business risks, and revised control frameworks and standards. You will leave this session with a solid foundation in the basics of information technology as they apply to audits and security concerns. The seminar will cover hot topics such as cyber security, cloud computing, and IT considerations for COSO 2013. In addition, we will introduce other frameworks that govern IT controls such as COBIT5 and ISO27001:2013. Taught by practitioners with real-world IT audit experience, this seminar incorporates facilitated discussions, group discussions, and practical exercises for a wide range of IT audit considerations. It is a joint effort between The IIA and Deloitte & Touche.

Course Duration: 3.5 day(s)
CPE Hours Available: 32
Knowledge Level: Intermediate
Field of Study: Auditing


Advance Preparation: 


Delivery Format: On-site Training (Group-Live); Seminar (Group-Live)

​IT Audit Overview

  • IT overview
  • IT risks
  • General computer controls overview

Control Frameworks

  • COSO
  • ISO27001

Conducting an IT Audit

  • IT audit planning
  • Develop the audit program
  • Conduct fieldwork
  • Reporting Findings

IT Audit Focus Areas

  • Objective
  • Focus Areas Covered
  • Sections Summary

Information Systems Strategy and Planning

  • Overview
  • IS Budgeting
  • IS Staffing
  • IS Training

IT Governances

  • Overview
  • Frameworks, Standards and Leading Practices
  • Key Components

Information Security

  • General Areas of risks
  • Security Policies and Standards
  • Security Administration

Information Systems Operations

  • Overview
  • Job Scheduling
  • Performance Monitoring
  • Environmental Controls

Relationships with Outsourced Service Providers

  • SAS70
  • Outsourced Service Provider Selection
  • Service Level Agreements

Business Continuity Planning

  • Overview
  • Business Continuity Planning
  • Disaster Recovery Planning
  • Data Backup and Recovery

Application Systems

  • Overview
  • Project Planning and Management
  • E-Commerce Overview

Business Process Controls Testing

  • Application security controls
  • Input controls
  • Processing controls
  • Output controls

Database Implementation and Support

  • Overview
  • Key risks
  • Main audit steps

Operating Systems

  • Overview
  • OS acquisition
  • OS configuration
  • OS administration

Network Support

  • Overview
  • Network design
  • Network configuration
  • Network administration
  • Network performance monitoring

Hardware Support

  • Overview
  • Hardware approval and acquisition
  • Hardware implementation and testing
  • Hardware support and maintenance
  • Hardware disposal

Emerging Technologies

  • Digital enterprise
  • Cloud technology
  • Cyber security
  • Mobile technology
  • Social media
  • Data Analytics
  • Virtualization


  • IT auditing tools

​Most courses can be delivered through on-site training. You might be surprised that the organization leading the profession is just as committed to the delivery of affordable training.

Contact us by calling +1-407-937-1388 or send an e-mail to