Video Game

Information Technology General Controls

Offered four times a quarter on Tuesday-Wednesdays at 10:00 a.m. to 2:30 p.m. Central Time in two four hour sessions.

Learn the best practices for Information Technology governance, management, security, control and auditing under COBIT and COSO 2013.

This is a 8 CPE event is designed to provide an understanding of an effective program for the creation of a system of internal control within Information Technology (IT).


We use the COBIT framework as our basis for the control groups and assessment is under COSO 2013. It was created to allow organizations to create effective Section 404 documentation.


Be trained on how your organization can develop and maintain an effective IT internal control framework to comply with the Sarbanes-Oxley Act (SOX) Section 404 or other similar regulations.

Our attendees learn that a top-down, risk-based approach to COBIT compliance can produce better results for their companies by streamlining their operations, providing more accurate, timely and reliable information, avoiding litigation and reducing their IT costs.


Learn the "Best Practices" for COBIT, COSO 2013 and Section 404 from the methodology viewpoints provided by Control Objectives for Information and Related Technology (COBIT), IT Infrastructure Library (ITIL) and IT departments around the globe. Implement and update your IT SOX compliance and IT auditing programs.

This timely, in-person CPE training seminar is designed for the internal auditor who needs to lead or perform ITGC audit projects.

Each attendee will receive 8 Auditing CPE Hours (YB). A certificate of completion will be provided.

The retail cost of this CPE event is $495.00 per attendee.

Program Level of Understanding: Basic
Prerequisites: None
Advance Preparation: None
Delivery Format: Group Internet Based
NASBA Field(s) of Study: Auditing, Information Technology
CPE Credits: 8, based on 50 minutes of instruction per hour

CPE Event Highlights

Information Technology controls are described in two categories: General Controls and Application Controls.


The seminar will cover IT General Controls over the information technology (IT) environment, computer operations, access to programs and data, program development and program changes. IT application controls will be discussed concerning transaction processing controls.


The COBIT Framework (Control Objectives for Information Technology) is the most widely-used framework being used in SOX compliance efforts. This framework will be covered in detail.

Learning Objectives

Attendees will:

  • Understand the similarities and differences between the ITIL and COBIT standards.

  • Learn the compliance requirements of the Sarbanes-Oxley Act.

  • Discuss how internal controls can manage risk and reduce fraud.

  • Identify methods for improving the effectiveness of information process to effect the profitability of businesses


Key Issues on the Agenda

Section 1 - Introduction and Background

  • Instructor's Perspective on IT Myths

  • What is IT Governance?

Section 2 - Internal Control Frameworks

  • What are "Internal Controls"?

  • IT Risks

  • Balancing Risks and Controls

  • Internal Control Terminology

  • IT Control "Frameworks"

Section 3 - Managing & Governing the IT Organization

  • IT Organization Risk and Control

  • IT Organization Relationships

  • CoBIT Domain: Plan & Organize

Section 4 - Managing the System Life Cycle

  • CobiT Domain: Acquire & Implement

  • Managing the Systems Life Cycle

  • System Development and Change Controls

  • Change Control Board

  • System Change and Development Controls - Risk & Control Objectives

  • System Change and Development Controls - Internal Controls

Section 5 - Securing the Physical and Logical IT Environment

  • CoBIT Domain: Deliver & Support

  • Physical Security

  • Logical Security

  • Password Security

  • Anti-Virus Configuration

  • Security - Risk & Control Objectives

  • Security - Internal Controls

Section 6 - - Managing Computer Operations

  • CoBIT Domain: Deliver & Support

  • Managing Computer Operations

  • Computer Operations - Risk & Control Objectives

  • Computer Operations - Internal Controls

Section 7 - Managing the Continuity of IT Services

  • CoBIT Domain: Deliver & Support

  • Managing the Continuity of IT Services

  • IT Disaster Recovery Plan

Section 8 - Monitoring the Effectiveness of IT

  • CoBIT Domain: Monitor and Evaluate

  • Monitoring the Effectiveness of IT

Section 9 - IT Compliance with the Sarbanes-Oxley Act

  • SOX Titles

  • Mapping to PCAOB and CoBIT

  • Systems for SOX Compliance

  • Procedures for IT SOX Compliance

  • Tests for IT SOX Compliance

Section 10 - Going Forward

  • Regulatory Environment

  • Long-Term Effects of SOX

  • Roadmap to IT Compliance

  • Dave's Lessons Learned