Global Leader in Information Security and Internal Audit Training
Link North America section Link Europe section Link Asia section
All Events Business Process Auditing Financial Institution Internal Audit Governance, Risk & Compliance Internal Audit - Tools & Techniques Managing and Leading the Internal Audit Department
All events
All events
All Events Audit & Security of Enterprise Applications Audit & Security of Networks and Operating Environments IT Auditing - Tools & Techniques
All events
All events
Upcoming conferences Previous conferences 10th CISO Summit & Roundtable 8th Audit, Risk & Governance Africa Summit 2nd Cloud Security Alliance EMEA Congress 2013 6th Fraud, Corruption and Investigations Summit CISO Latin America Summit 3rd Mobile & BYOD Security Summit 7th Chief Security Officer Summit (CSO) & Roundtable 2013
Internal Audit> Fraud>
IT Audit> Info Security> Corporate Security>
Africa Europe Middle East UK
More Information Past Sponsors
ABOUT MIS CONFERENCES COURSES LOCATIONS IN-HOUSE TRAINING  
Search MIS Training  
     Conferences      Sponsorship      Courses      Locations      In-House Training      Ways to Save      Request Info      Call for Instructors      Course Venues      Past Delegates      Contact MIS      Sitemap
Internal Audit> Fraud>
IT Audit> Info Security> Corporate Security>
Africa Europe Middle East UK
IT Audit School - IT Auditing for Non-IT Auditors - Dubai 
The Essential Skills You Need to Perform IT Audit and Become an Integrated Auditor
Learning Level: Basic
CPEs: 37 Fee: £2,895.00
Focus and Features Agenda Enquiry Register
In-house Who Should Attend Download Brochure FAQ
Agenda

Fundamentals of IT Auditing

  • Objectives of IT Audit
  • Business risks in an automated environment
  • Information systems security concerns
  • Role of IT auditors and business auditors

Auditing Standards

  • ISACA
  • The AICPA Guidance Statement on Auditing
  • SAS 55: consideration of the internal control structure in a financial statement audit
  • COBIT: control objectives for information and related technology
  • Sarbanes-Oxley Sections 302 and 404 compliance
  • PCAOB
  • GAO: government audit standards
  • IT standards

Infrastructure Essentials

  • Computer hardware and operating systems
  • How application systems software and systems programmes interact
  • Distributed systems hardware
  • The translation process from source to executable
  • Audit risk in programme management
  • Analysing infrastructure risk

 

Databases

  • Non-database and database management environments
  • Database risks on the applications, the data, and the operating environment
  • Network discovery
  • Address spoofing: IP and MAC addresses
  • Malicious software
  • Unauthorised entry
  • Denial-of-service

Distributed Systems

  • Comparing distributed systems to centralised systems
  • Fundamentals of client/server and its model
  • Server functions
  • Evaluating risk of distributed systems

Networks

  • Host-based environments
  • LANs and WANs
  • Data communication basics and risks
  • Bridges, switches, routers, and gateways

Internet and E-Commerce

  • Understanding Internet terms and concepts
  • Perimeter controls (firewalls) and security vulnerabilities
  • Assessing Internet-related risk
  • Confidentiality and authentication in e-commerce

General Controls

  • Information technology infrastructure
  • Security, operational, management and system software controls
  • Identifying and assessing risk
  • Placing reliance on general controls

Business Systems Applications

  • Types of business applications
  • How business applications affect the audit environment

Defining a Transaction

  • Transaction-based application auditing
  • Life cycle of a transaction
  • Transaction origination and authorisation
  • Processing, output, and input
  • Report distribution
  • Reconciliation
  • Error identification

General Flow of an Audit Application

  • The business environment
  • The technical environment
  • Data risk assessment
  • Transactional flow
  • Test process

Components of a Business Application

  • Transaction origination
  • Input
  • Processing
  • Output
  • Audit impact

Data Input and Processing Models

  • Characteristics and controls
  • Batch input: batch processing
  • Online input: batch processing
  • Online input: online processing
  • Real-time entry: real-time processing
  • Internet entry

Application Controls

  • Categories
  • Differentiating controls from procedures
  • Completeness and accuracy of input and processing
  • Output controls and authorisation
  • Inter-relationship between application controls and general controls

Beginning the Audit

  • Risk assessment factors
  • Quantifiable and lifiable factors
  • The opening meeting
  • Understanding the application

Training type: Group-live
Advance preparation required: none



For questions about your registration, course venues and group discounts, please e-mail mis@mistieurope.com  Alternatively please visit FAQ page. This course is also available In-house. For more information about bringing this or other MIS seminars to your organisation, please e-mail mis@mistieurope.com.

 

 


Dates/Locations
6 - 10 October 2013
Dubai
Related Events
IT Audit School - IT Auditing for Non-IT Auditors - Paris
10th CISO Summit & Roundtable