Video Game

ITGC's Audit Planning Thru Reporting

Offered in-person in various cites each month on Thursday-Fridays in two eight hour CPE events

Are your ITGC audits really helping to reduce your cybersecurity risks?

This CPE internal auditor training event is designed for the financial auditor and IT auditor who need to improve their practical knowledge covering information technology general controls (ITGC). The attendees are walked through the concepts and frameworks that are important to the ITGC internal audit activities in order to create an added value for their organizations.

Are you ready to plan and execute audits concerning ITGCs? ITGCs are one of the weak links in most organizations internal control framework. They apply to all systems environments, components, processes, and data, and can be relevant to practically any internal audit project.

This timely, two day CPE internal auditor training event is designed for internal auditors with 2-10 years' experience who want to learn the concepts, tools, and techniques to enhance their effectiveness concerning information technology audits.

We use this delivery approach to allow for a focus on individual development and learning from our very experienced auditor educators.

This timely, in-person CPE training seminar is designed for the internal auditor who needs to lead ITGC audit projects.

Each attendee will receive 16 Auditing CPE Hours (YB). A certificate of completion will be provided.

The retail cost of this CPE event is $1,385.00 per attendee.

Program Level of Understanding: Intermediate
Prerequisites: Participants should come with a knowledge of the auditing process.
Advance Preparation: A number of documents will be provided in advance.
Delivery Format: On-site Training (Group-Live); Seminar (Group-Live)
NASBA Field(s) of Study: Auditing
CPE Credits: 16, based on 50 minutes of instruction per hour

CPE Event Highlights

We will cover in this program:

  • Review of the COBIT and NIST

  • Assess entity level ITGC using a comprehensive questionnaire

  • Creating an comprehensive information technology risk assessment

  • Testing ITGC activity level controls

  • Effective report preparation to create change

Learning Objectives

By the end of the course, participants will be able to:

  • Understand the relationship between ITGCs and SOX controls

  • Understand IT General Controls as defined by COBIT

  • Understand the cybersecurity principles presented by NIST

  • Learn to plan an audit of IT Security Policy

  • Learn to plan an audit of IT Change Management

  • Learn to plan an audit of Physical Access and Environmental Controls

  • Learn to plan an audit of Logical Access

  • Learn to plan an audit of IT Operations

  • Learn to plan an audit of Business Continuity Plan and Disaster Recovery Plan


Key Issues on the Agenda

Introduction Section 1 Defining IT audit universe
Section 2 Understanding the contents of COBIT
Section 3 Understanding NIST Cybersecurity Guidance
Section 4 Risk Assessment for the information technology landscape
Section 5 Assessment of Entity Level Controls
Section 6 IT Security Policy
Section 7 IT Change Management
Section 8 Physical Access and Environmental Controls
Section 9 Logical Access
Section 10 IT Operations
Section 11 Business Continuity Plan
Section 11 Disaster Recovery Plan
Section 12 Effective Report Creation
Section 13 Summary and Wrap-Up