From the European Union Data Protection Directive to Basel II and Sarbanes-Oxley, recent regulations require organisations to ensure appropriate levels of protection for their critical information assets. To be sure, the common thread through these mandates is the requirement for security and effective controls at all levels of the enterprise.
In this practical, three-day seminar you will immerse yourself in a risk-based approach to IT auditing that will ensure the confidentiality, integrity, and availability of your information assets throughout the enterprise. You will review COBIT, ISO-27002 and a number of other standards / frameworks and learn how they can be applied to your IT audits to provide an appropriate risk focus. You will concentrate on determining risk in critical areas of the IT environment, including operating systems, database management systems, networks, logical security, change management, business continuity planning and application controls. You will learn a pro-active audit approach that will provide a value-added service to your organisation. You will leave this intensive seminar with a thorough understanding of risk-based IT audit and control best practices that you can apply immediately to your next IT audit.
Why attend this course?
- Plan your IT Audit using risk-based approach, COBIT and COSO control framework
- Determine risk in critical areas of your IT environment, including operating systems, database management systems, business continuity and application controls
- Learn a pro-active audit approach to provide a value-added service to your organisation
- Auditing outsourced IT operations
- Learn why IT governance is critical
- Auditing system development projects