Auditing Information Systems

 

This class is geared towards information technology management and key staff but certainly will be beneficial to other corporate management personnel who might find themselves being audited one day. The following will give you an idea of what topics will be covered in class:

 

  • History of regulatory agencies

  • Sarbanes Oxley legislation

  • Control frameworks

  • Controls overview

  • Control definitions and control types

  • Establishment of a sound IT control environment

  • Proactive control activities

  • Assessment of IT controls and evaluation of effectiveness

  • The internal audit process

  • Development/maintenance methodology and project management

  • Production change management

  • Application controls

  • Operational controls

  • Database controls

  • Passwords

  • COSO

  • COBIT

  • Spreadsheet controls

  • Outsourcing controls (SAS70 and  SSAE16)