HG62: Comprehensive IS Audit with Case Studies Seminar
- Currently available for in-house sessions
Please click: Here for Registration Form
For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels for IS Audit Training
This course makes you a better auditor. It uses case studies to stretch your problem-solving ability and to increase your technical knowledge. It will help you develop a creative, practical, and consultative approach to your audits.
If you have found that audits tend to become rote exercises following canned routines, this
seminar will show you how to enhance your current methods with systematic problem-solving techniques that you can apply to any audit. It will also show you how to conduct IS audits that provide outstanding support to the financial audits.Because each audit is different and can't always be addressed effectively using just checklists, this course shows you how to add value by treating each audit as an interesting challenge. The outlook and approach you learn here will add to your current checklists and methodologies, while making your audits less boring.
This class provides you with technical training for many types of audit, and for many different types of computer. The extensive exercises will re-inforce the technical details you learn, as well as show you how to think through the most effective approach for any type of audit. Technical topics covered include: UNIX, Windows, mainframe computers, and networks. Types of audit include: security, performance, application controls, compliance, and business resumption, and management controls.
(Please note that not every exercise and not every technical topic will be addressed in each class session. Topics to be covered will be selected based on the individual needs of class members.)
HG62: You Will Learn How to:
- Conduct a wide variety of IS audits, including security, performance, compliance, and efficiency
- Link the IS audit to the financial audit
- Conduct IS audits that add value with meaningful findings and practical recommendations
- Conduct audits involving different types of computer, including UNIX, Windows, and mainframes
- Audit computer networks
- Audit in a way that is practical and problem-solving instead of rote filling out of forms and canned procedures
- Address any audit with a fresh eye and a structured, systematic approach
The workbook is a valuable reference, and includes complete audit programs.
Who Should Attend HG62: Comprehensive IS Auditing with Studies?
- Experienced IS auditors who are starting to find audits boring and repetitive
- New information system auditors who want to learn a pro-active approach to auditing
- IS auditors who want to increase their support of the financial audits
- Auditors who want to broaden their technical knowledge
- Auditors who want their audits to make a difference
- Auditors who want their audits to add value
- Information system auditors who want to improve their skill
- Financial auditors who want to learn more about IS auditing
Class Outline
I Concepts and Keywords A. Introduction B. What is an IS Audit Considerations When Evaluating Controls for Q1 Considerations When Evaluating Controls for Q2 How IS Audits Relate to Financial Audits C. What You Need to Know About Computers D. IS Audit Process: Planning, Scoping, Work Papers E. The Data Center F. IS Audit Process: Standards and Objectives G. Distributed Data Processing H. IS Audit Process: Evidence Collection and Analysis I. Networks J. IS Audit Process: Verification and the Closing Meeting K. Summary L. Audit Rules M. How the Case Studies Work II. The Scenarios A. Application Controls Review B. Data Center Audit: Physical Security C. Data Center Audit: Management Controls D. Security Audit E. Network Audit F. Business Resumption (Disaster Recovery) Plan Audit G. Chargeback System Audit H. Firewall Audit I. HIPAA Compliance Audit J. What Good Audits Have in Common III. Forms and Reference A. Basic Security Model B. Sample Documents and Writing Tips C. Examples of Various IS Audit Types IT Organization and Management IT Process IT Security IT Software Development, Acquisition, and Maintenance D) Explanations of Various Types of Computer Mainframes Personal Computers UNIX The Internet AS/400 INDEX
Please note that these seminars are available for In-House Sessions.
You can save more money by learning about our seminar Discounts
Return to Top of Page Return to Home Page
Stu Henderson offers MVS security audits, consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.
His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".
His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet", as well as "How to Audit UNIX and Windows Security" and "How to Audit TCP/IP Security".
Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com