provides CE (continuing education), professional development, and designation study courses for IT professionals

Format: Seminar

The following provides course information and pricing information for the course you selected.

Course/Product Description

IT Audit School

Duration: 4 days
Find A Class Near You: View Dates And Locations For This Seminar

IT Audit School
This four-day course is designed for financial, operational, business, and IT auditors who need to update their technical and operational knowledge to audit information technologies and business application systems.

What Is IT Auditing?

IT auditing is distinguished from traditional auditing in that it specifically involves the auditing of automated information processing systems, as well as any related non-automated processes and any processes that connect the two. The typical goal of an IT audit is to make sure controls exist within the IT environment that work to ensure the company is in legal and regulatory compliance. Areas with IT controls that need to be evaluated include data integrity, security and control of corporate assets.

IT auditors also need to have an understanding of how to effectively report their findings to management and make recommendations based on their compliance and substantive testing.

How Do I Become An IT Auditor?

If you are seeking a position as an IT Auditor, you should obtain your bachelor’s degree first. Unlike many types of auditors who tend to seek degrees in areas like finance or accounting, your pursuit of an IT auditor position may be best suited with a degree like Computer Information Systems or Information Technology.

Regardless of the major, students interested in IT auditing should take courses like business database design, business information systems development and enterprise process analysis and design. Adding business-related courses outside the major such as accounting, finance or general business principles can also be very useful.

Following your degree, you may wish to obtain work experience in the field by pursuing an internship with a company that has an IT auditing team. Most companies looking to hire an IT auditor will be looking for experience, so this can be an important aid to your position search.

Finally, although it is not required, you will probably want to eventually seek IT auditor certification. IT auditor certification options include Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) and Certified Internal Auditor (CIA).

Why Do I Need An IT Auditor Training Course?

There is a great deal to know when it comes to the world of IT auditing, and the knowledge required is evolving constantly. The right IT Audit Training courses can keep you on top of your game and make you a greater asset to the company that employs you. It can also make you more appealing if you are seeking out a promotion or new employment.

Our IT Audit Training Seminar is a four-day intensive course, meaning you can take it while interning or working at your current position. The IT Audit Seminar covers a wide range of information that will be valuable to you as an auditor in the modern IT environment and can be an extremely useful resource.

About Our "IT Audit School Seminar"

Focusing on a top-down, risk-based approach to auditing application system transactions, you will master techniques you can apply to all types of applications from batch, to on-line, to real-time systems.

You will learn:

  • The concepts of information technology as they relate to key risks in the IT environment
  • Explore such IT areas as operating systems, database management systems, and networks
  • The IT audit concepts you need to know to effectively audit existing application systems
  • New systems under development
  • Mainframes
  • Distributed systems

You will leave this intensive seminar with a solid foundation in the basics of information technology as they apply to IT risks, audit, information security, and business application systems.

Bonus: You will receive a copy of MIS' Information Technology &Audit Acronym Dictionary, defining hundreds of IT terms and acronyms. and the MIS Applications Control Handbook.


1. Introduction To IT Audit

  • Audit Objectives And Requirements
  • Role Of IT Within The Organization
  • Management And Security Risks In An Automated Environment
  • What Is A Control?
  • Internal Control Defined
  • Processes And Control Points
  • Physical Space Vs. Logical Space
  • Identifying Control Points

2. Planning The IT Audit

  • Definition Of Internal Audit
  • Objectives Of An IT Audit
  • IT Audit Strategies
  • What Is An Application
  • Application Vs. General Controls
  • IT Audit Control Reviews
  • IT Control Categories
  • The Audit Deliverable
  • Building The Audit Team

3. Auditing Organizations And Standards

  • Maintaining Audit Objectivity
  • What Is A Standard?
  • GAO And Other Certification Organizations
  • The Institute Of Internal Auditors (IIA)
  • The Treadway Commission
  • COSO Integrated Framework
  • ISACA And The IT Governance Institute
  • COBIT®: Control Objectives For Information And Related Technology
  • ISO 27002 Security Standard

4. Information Technology Basics

  • Computer Hardware And CPU Operation
  • Two Different Classes Of Computers
  • Software, Programs, And Processing
  • Distributed Systems And Client/Server Technology
  • The Open Systems Interconnection (OSI) Model
  • Maintenance And Security

5. Network Technology And Controls

  • Networking Risks
  • Auditing Networks
  • What Is A Network?
  • Lans, Wans, And Mans
  • Physical Network Media (Cables)
  • Cabling Audit Objectives
  • LAN Protocols
  • WAN Connectivity And Protocols
  • MAN Protocols
  • LAN/WAN/MAN Audit Objectives
  • Network Devices
  • Network Device Audit Objectives
  • Complete Networks
  • The Internet
  • Intranets And Extranets
  • Risks Of Internet Use For Business
  • Using Firewalls
  • Internet Communications
  • Internet Protocol (IP) Addressing
  • Service (Process) Addressing
  • Internet Applications
  • The World Wide Web (Www)
  • Web Page Technologies
  • Internet Audit Objectives

6 Shared General And Application Controls

  • Logical Security
  • Data Classification
  • Logical Access Controls: System Access
  • Encryption: Information Access
  • Remote Access, Pcs, And Mobile Devices
  • Information Security Management
  • Change Management
  • Change Management Objectives
  • Program Change Control
  • Patch Management
  • Software Licensing
  • Business Continuity/Disaster Recovery
  • BCP/DRP Defined
  • Business Impact Analysis (BIA)
  • Disaster Recovery Strategy
  • Maintaining The Plan
  • System Development Technologies
  • SDLC, RAD, ERP Purchases
  • Internal Audit Involvement
  • Audit Strategy

7. Database Technology And Controls

  • Managing Information
  • The Program
  • Centric Model
  • Program
  • Centric Audit Concerns
  • The Data
  • Centric Model
  • What Is A Database?
  • Database Terminology
  • Database Management Systems (DBMS)
  • Types Of Databases
  • Database Audit Concerns

8. Infrastructure General Controls

  • Operations Controls
  • IT Operations
  • Operating System Controls
  • System Utilities
  • System Software Controls: A Review
  • Physical Security
  • Environmental Controls

9. Business Application Transactions

  • Objectives Of An Application Audit
  • What Is A Transaction?
  • Transaction
  • Based Application Auditing
  • Transaction Life Cycle
  • Application Risk Assessment Factors
  • Establishing Audit Priorities

10. Top-Down Risk-Based Planning

  • Planning The Application Audit
  • Top
  • Down, Risk
  • Based Planning
  • Defining The Business Environment
  • Determining The Application’s Technical Environment
  • Performing A Business Information Risk Assessment
  • Identifying Key Transactions
  • Developing A Key Transaction Process Flow
  • Evaluating And Testing Application Controls

11. Data Input And Processing Models

  • Comparing Pros/Cons Of Input And Processing Models
  • Batch Input/Batch Processing
  • On
  • Line Input/Batch Processing
  • On
  • Line Input/On
  • Line Processing
  • Real
  • Time Input/Real
  • Time Processing

12. Application Controls

  • Business Applications
  • Information Objectives
  • COSO: Application Controls
  • Business Application Auditing
  • Application Transaction Life Cycle
  • Transaction Origination
  • Logical Security
  • Completeness And Accuracy Of Input
  • Completeness And Accuracy Of Processing
  • Completeness And Accuracy Of Output
  • Output Retention And Disposal
  • Data File Controls
  • User Review, Balancing, Reconciliation
  • End
  • User Documentation
  • Training
  • Segregation Of Duties
  • Business Continuity Planning
  • Sarbanes
  • Oxley Application Control Requirements

13. Testing Application Controls

  • Testing Automated And Manual Controls
  • Testing Alternatives
  • Testing Sample Size
  • Sampling Terminology
  • Negative Assurance Testing
  • Types Of Audit Evidence
  • Functional/Substantive Testing
  • Computer Assisted Audit Techniques (Caats)
  • Data Analysis: Planning And Data Verification
  • Sarbanes
  • Oxley: Testing Requirements And Examples

14. Documenting Application Controls

  • Evaluating And Documenting Internal Controls
  • Internal Control Questionnaires
  • Narratives
  • Flowcharts / Process Flows
  • Control Matrix

15. End-User Computing

  • Growth Of End User Computing
  • End User Computing Risks
  • General IT Control Risks
  • Change Control Risks
  • Purchased Applications Risks
  • Spreadsheets: Typical Errors
  • Spreadsheet Risk Factors
  • Practical Steps For Evaluating Spreadsheet Controls

Prerequisites: None
Learning Level: Basic
Field: Auditing

Dates &Times

Classes start on the date(s) posted herein, and run from 8:30am to 5pm daily, except for the last day of class, which ends at 3pm.

More Details: Agenda/Table Of Contents/Course Outline
Licenses / Designations / Educational Credits: CPE
All US States: 32
About The Provider: Founded in 1978, MIS Training Institute is the international leader in audit and information security training, with offices in the USA, UK, and Asia. MIS' expertise draws on experience gained in training more than 200,000 delegates across five continents.

Helping audit and infosecurity professionals stay at the top of their game has always been at the core of MIS' mission. To that end, MIS has developed and focused its seminars, conferences, and symposia on the wide-ranging needs of internal and IT auditors and information security practitioners who are charged with controlling complex systems and business environments.

MIS' unparalleled course curriculum covers the most up-to-the-minute topics, provides proven audit and security practices, and delivers the information needed to be successful in today's organizations.

All MIS programs are led by industry experts…hands-on pros who have been in the field and who practice what they teach. Attendees of MIS Training Institute events benefit from unbiased practices, proven strategies, and lessons learned in the real-world.

MIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing education on the National Registry of CPE Sponsors. NASBA Sponsor Number: 103321

Cancellation/Refund Policy

A full refund less a $100 administrative fee will be given for cancellations received 15 days or more before the event. Tuition is non-refundable for cancellations made 14 days or less before the event. You may, however, transfer your tuition to another MIS Training Institute event, less a $195 administrative fee. Transfers are valid for 12 months from the time of initial cancellation. Substitutions are welcome at any time.

Those who do not cancel before the event date and who do not attend are responsible for the full non-refundable, non-transferable tuition.
Price: $2,695.00
More Info: Contact Us For More Information

Currently Scheduled Locations & Dates For This Seminar

Course Title Date City/State Price
IT Audit School 1/27/2020 Las Begas, NV $2,695.00
IT Audit School 2/10/2020 New York, NY $2,695.00
IT Audit School 3/9/2020 San Francisco, CA $2,695.00
IT Audit School 4/6/2020 Chicago, IL $2,695.00
IT Audit School 5/18/2020 Washington DC, DC $2,695.00
IT Audit School 6/15/2020 New York, NY $2,695.00
IT Audit School 8/17/2020 Boston, MA $2,695.00
IT Audit School 9/14/2020 Dallas, TX $2,695.00
IT Audit School 10/26/2020 Atlanta, GA $2,695.00
IT Audit School 12/7/2020 Orlando, FL $2,695.00

Keywords For This Course:
IT Auditing

Feature Items
Cisco Certifications
Cisco Certifications
Project Management
Project Management
Microsoft Certification Paths
Microsoft Certification Paths
Cisco Certified Network Professional (CCNP) Certificate Program
Cisco Certified Network Professional (CCNP) Certificate Program
Cisco Certified Network Associate (CCNA) Certificate Program
Cisco Certified Network Associate (CCNA) Certificate Program
Cisco Certified Entry Networking Technician (CCENT) Certificate Program
Cisco Certified Entry Networking Technician (CCENT) Certificate Program
Certified Information Systems Security Professional (CISSP) Certificate Program
Certified Information Systems Security Professional (CISSP) Certificate Program
Oracle Certifications
Oracle Certifications
IT Audit School
IT Audit School
IT Auditing And Controls
IT Auditing And Controls
Fundamentals Of Internal Auditing
Fundamentals Of Internal Auditing
Advanced Auditing For In-Charge Auditors
Advanced Auditing For In-Charge Auditors
Auditing Business Application Systems
Auditing Business Application Systems
Fraud Auditing Boot Camp
Fraud Auditing Boot Camp
Adobe Training
Adobe Training