Online course: Introduction to Information Systems Auditing

Lisätiedot

Aika

10.10.2023 10:00 - 11.10.2023 18:00

Paikka

Online, via Teams

Hinta

Jäsenet: 995€ (+VAT)
Muut: 1295€ (+VAT)

Tapahtuman kuvaus

NOTE! This course has been moved, new date is October 10-11.

This intensive course provides the perfect starting point for someone new to Information Systems Auditing. This course aligns to the latest standards and best practice approaches and is updated each year. Please note that the seats are limited.

Who is this course for?

This course is open to all, but an understanding of audit terminology and of the risk-based auditing process is assumed.

What will I learn?
Upon completion you will be able to:

  • Identify risks and controls that impact an organisation’s information processing;
  • Perform reviews of live application systems;
  • Perform reviews of systems under development;
  • Review physical security within the organization;
  • Review contingency and business resumption plans;
  • Review logical security; duck
  • Perform elementary network reviews.

The course is accompanied by a softcopy manual that contains course text, practical examples and will be accompained by work programmes to use on return to work.

Course programme

RISKS ASSOCIATED WITH SYSTEMS

  • Generic IT risks – confidentiality, availability, integrity, and accountability
  • Specific IT risks – those associated with applications or services
  • Creating an Audit Plan for IT – the IT Audit Universe

AUDITING LIVE SYSTEMS USING A RISK-BASED APPROACH

  • Control by design
  • Where to look for controls

AUDITING NEW SYSTEMS AND CHANGE

  • Formal methods and Semi-formal methods
  • Rapid application development – RAD
  • Agile

AUDITING IT CONFIGURATION AND CHANGE MANAGEMENT

  • Configuration Management – key questions for reviewers
  • Change Management – key questions for reviewers

PHYSICAL SECURITY LOGICAL SECURITY

  • Registration, Identification, Authentication, Authorisation and Logging
  • The user community – finding them, extracting them
  • Permissions or authorisations
  • Event logging – journals – trails
  • Systems administration

CONTINGENCY AND DISASTER AVOIDANCE

  • ISO 27031
  • Determining the range of services that you require and their priority
  • Additional supplier support options to supplement organisational capacity
  • Maintaining the plan
  • Testing the plan

SIMPLE NETWORKING TERMINOLOGY AND CONCEPTS

  • Network terminology – short and long haul – LAN / WLAN and WAN
  • Network diagrams – contextual, logical, physical
  • LAN – Local Area Network
  • WANs – Wide Area Networks
  • Switches – separating parts of networks – segmenting networks
  • Routers – the traffic policemen controlling flow according to rules and a route map
  • Firewalls – blocking the unacceptable by checking moving traffic against rules
  • General issues to consider with WANs, WLANs and LANs
  • Key questions to probe concerning network risk

Teacher: Stan Dormer

CPE points: 13

Details will be sent to participants in advance of the course. Approximately a week before training.

Cancellation policy

  • In case of cancellation 30 days before the start of the course, 0% of the participation fee needs to be    paid.
  • In case of cancellation 30-15 days before the start of the course, 50% of the participation fee must be paid.
  • In case of cancellation 15 days or less before the start of the course, as well as non-attendance, 100% of the participation fee will be invoiced. This applies for whatever reason, such as illness.

You can transfer your place to a colleague free of charge.

We reserve the right to cancel the training up to 14 days before the date.

Aikataulu

10.10.2023

10:00 - 18:00

Details will be sent to participants in advance of the course.

11.10.2023

10:00 - 18:00

Details will be sent to participants in advance of the course.

Tulevat tapahtumat