From the European Union Data Protection Directive to Basel II and Sarbanes-Oxley, recent regulations require organisations to ensure appropriate levels of protection for their critical information assets. To be sure, the common thread through these mandates is the requirement for security and effective controls at all levels of the enterprise.
In this practical, four-day seminar you will immerse yourself in a risk-based approach to IT auditing that will ensure the confidentiality, integrity, and availability of your information assets throughout the enterprise. You will review COBIT, ISO-27002 and a number of other standards / frameworks and learn how they can be applied to your IT audits to provide an appropriate risk focus. You will concentrate on determining risk in critical areas of the IT environment, including operating systems, database management systems, networks, logical security, change management, business continuity planning and application controls. You will learn a pro-active audit approach that will provide a value-added service to your organisation. You will leave this intensive seminar with a thorough understanding of risk-based IT audit and control best practices that you can apply immediately to your next IT audit.
Prerequisites: IT Audit School or equivalent experience. To get the most out of this seminar, you should have a working knowledge of databases, operating systems, and networks |
