Course description
Fundamentals of IT Auditing- Develop Knowledge to Streamline Internal Audits
This Fundamentals of IT Auditing course from The Institute of Internal Auditors (IIA), the leader and recognized authority of the internal auditing profession, emphasizes practical application of concepts through exercises and case studies to develop knowledge of basic IT audit concepts.
This course is ideal for those looking to facilitate integrated audit efforts within their organization and provide attendees the opportunity to perform an audit of IT applications as well as assess IT risk with the evaluation of IT general controls, and perform a risk assessment and evaluation of controls over end user computer applications.
Do you work at this company and want to update this page?
Is there out-of-date information about your company or courses published here? Fill out this form to get in touch with us.
Upcoming start dates
Who should attend?
This IIA Fundamentals of IT Auditing course has no prerequisites and requires no advance preparation.
Training content
The outline for this course includes:
Overview of IT Auditing, Concepts and Controls: Why IT Auditing and What Is It?
- Why IT auditing?
- What is IT auditing?
- What are the benefits of an IT audit?
- What is the role of an IT auditor?
- Growth of the IT auditor, including background
- Common IT audit certifications
- IIA standards related to an IT audit
- Key components of IT
- How COSO and GAIT relate to IT audit
- Guide to the Assessment of IT Risk (GAIT)
- Major U.S. laws that impact IT audit
- IT general and application controls
- End-user computing
- IT governance
Case Study
General Control: Logical Security
- General security concepts
- Access management concepts
- Access management principles
- Common access management controls
- Password configuration and authentication
General Control: Business Continuity Planning (BCP), Disaster Recovery (DR), and Backup Processing
- Business Continuity Management (BCM)
- Disaster Recovery (DR)
- Backup processing
- BCM Implementation Requirements
- Recovery solutions
Application Controls
- Application control concepts
- Input controls
- Processing controls
- Output controls
- Interface controls
- Audit trails
- Application security
General Control: Change and Patch Management
- What is change and patch management?
- Why do change and patch management?
- What are the types of changes?
- Elements of a typical change process
- Types of risks and controls
- Indicators and recognizable symptoms of poor change management practices
- Change management success measures
- Variations in change management processes
Cloud Computing and Service Organization Control (SOC) Reports
- Cloud computing
- SOC reports
General Control: System Development Lifecycle (SDLC)
- Aspects of the SDLC
- SDLC phases
- Impacts of project failures
- Pre and post implementation reviews
End User Computing
- User Developed Applications (UDAs)
- Benefits, risks, and controls of UDAs
- Auditor’s approach to UDAs
Costs
In order to ensure that you receive pricing best suited to your situation, please refer to IIA's website as well as to find out more about IIA's on-site training opportunities.
Certification / Credits
Certified Internal Auditors (CIAs) completing this course are eligible to receive 16 Continuing Professional Education (CPE) hours.
The Institute of Internal Auditors- Training from the Auditing Industry's Leading Authority
The Institute of Internal Auditors (IIA) is the global voice and leading educator for the internal auditing profession, providing innovative internal audit training as well as engaging, facilitated learning opportunities for its members and customers. IIA auditing courses help you add value...