top of page

Date:- 23 to 24 March 2016   

Where:- Johannesburg

ABSA In-house training

 

Date:

Where:- Cape Town

 

Date:- 

Where:- Durban

 

Date:-

East London

 

 

 

 

Price: R2000 pp ex VAT

IT Auditing for Non-IT Auditors

 

Course Objectives

To provide a basic understanding of IT auditing to persons who need to understand rather than practise IT auditing. Specific outcomes include a basic understanding of:

  • Information systems risk

  • Application controls

  • The systems development lifecycle

  • Logical security at the application, database, network and operating systems levels

  • Other IT general controls (non security)

  • Using CAATs

 

Course Content

Understanding the information systems environment

  • Centralised vs distributed systems

  • On-line vs batch systems

  • Network concepts

  • Databases

  • Operating systems

  • The systems development lifecycle

  • Risk in an outsourced environment

  • Key IT service management processes (ITIL):

  • Incident Management and the Service Desk

  • Change and Release Management

  • IT Service Continuity Management

  • Service Level Management

  • Understanding common risks related to the information systems environment

  • Understanding risk related to data

  • Performing an IT risk assessment

Understanding key information systems control

  • Key automated controls in the

  • Human resources and payroll processes

  • Procure to pay processes

  • Order to cash processes

  • Financial statement close process

  • Logical information security

  • Segregation of duties

  • User account management

  • Application layer security

  • Physical and environmental controls

  • Controls over IT service management processes (ITIL-based)

  • Systems development lifecycle controls

Auditing key information systems controls

  • Procedures to audit the adequacy and effectiveness of each of the key information controls identified:

  • Perform a walkthrough

  • Defining the population to be tested for control effectiveness

  • Test procedures

Audit of data files - use of CAAT s

  • Purpose of CAATs

  • Understanding data and meta data

  • Formulating the CAAT specification

  • Development, testing and implementation of CAATs

 

Auditing key information systems controls

  • Procedures to audit the adequacy and effectiveness of each of the key information controls identified:

  • Perform a walkthrough

  • Defining the population to be tested for control effectiveness

  • Test procedures

Audit of data files - use of CAAT s

  • Purpose of CAATs

  • Understanding data and meta data

  • Formulating the CAAT specification

  • Development, testing and implementation of CAATs

bottom of page