Description
Information Systems Audit for Beginners
Course Outline
Course Description
The Information Systems (IS) Audit for Beginners Course is primarily for new IS auditors or those working in other types of audits that would like to learn the foundation concepts and practices of IS audits. This Course aims to discuss the objectives, frameworks/principles, and practices of IS audits particularly the different areas or domains such as:
IS audit process
Governance and management of IT
Systems development and acquisition
IS Service Delivery and Support
Course Objectives
- To understand the basic framework and principles of IS audit
- To know the different areas or domains of IS audit
- To learn practical approaches to conducting IS audits
Target Participants
- Auditors (financial, operations, or beginner IS auditors
- Risk and compliance managers
Course Outline
DAY 1
1. Information Systems (IS) Audit Process
- Auditing and IS Auditing
- Purpose and Scope of IS Audits
- Roles of IS Auditors
- Organization of IS Audit Function
- IS Audit Phases
- IS Audit Standards
- Performing IS Audits
- Audit Planning
- Risk Analysis
- Control Objectives and Classifications
- Compliance and Substantive Testing
- Audit Evidence and Sampling
- Audit Documentation
- Concluding the Audit
2. Governance and Management of IS
- IT Governance Domains and Focus Areas
- Roles and Responsibilities in IT Governance
- IT Governance Framework
- IS Management Practices
- Strategic Planning
- Performance Measurement
- Policies and Procedures
- Personnel Management
- Sourcing Practices
- Quality Management
- Risk Management
- IS Roles and Responsibilities
- Business Resilience
- Business Continuity Management Process
- Business Impact Analysis
- Risk Assessment
- Risk Management
- Risk Monitoring
- Conducting IT Governance Audits
DAY 2
1. Systems Development and Acquisition
- Systems Development Life Cycle (SDLC) overview
- SDLC Stakeholders
- Auditors’ roles in SDLC
- Common issues and pitfalls with SDLC
- SDLC Approaches/Methodologies
- Traditional or Waterfall Approach
- Agile Development
- Auditing SDLC
- IS Service Delivery and Support
- Data Center Management
- Physical and Environmental Security
- Critical Infrastructure Maintenance and Monitoring
- Configuration Management
- IT Service Quality
- Incident Reporting and Response
- Data Center Operations
- Roles and Responsibilities
- Segregation of Duties
- Skills and Competencies
- Personnel Availability
- Change Management
- Information Security Management (ISM)
- Key elements to ISM
- Information Security Governance
- Cybercrime and Issues
- IT General and Application Controls
- Audit considerations in IT General and Application Controls
- Cloud computing Basics, Risks, and Safeguards
- Auditing Computerized Transactions
Schedule:
18 & 25 November 2023
Two (2) Saturdays
9:00 AM – 5:00 PM
Speaker:
Dickenson Y. Africa, CPA, CISA, MBA, CBCLA, CDPP
Deputy Director
Business Continuity Management Group
Risk and Compliance Office
Bangko Sentral ng Pilipinas
Training Fee per Participant:
From Member Institution – P 5,600.00
From Non-Member Institution – P 7,840.00
**VAT inclusive

