Course Description


Auditors in today's complex organizations must understand information systems and be able to function within a technical environment. To that end, auditors need to bring a systematic, disciplined approach to evaluating and improving the effectiveness of IT-related risk management, control, and governance processes.

Financial auditors use standards such as GAAP and IFRS to assess financial reporting processes. Unfortunately, there is no required equivalent in the IT world. Which framework or standard is used (if any!) depends on what IT Management elects to use.

To get the most from IT Audit planning, execution, and reporting, auditors should use appropriate internationally recognized IT security and control frameworks and standards.

This on-demand class will provide a review of key internationally recognized frameworks and standards and a methodology for selecting the appropriate resource to use. At the conclusion of this session, the IT Auditor will be able to determine the best fit to enhance the overall effectiveness of the audit conclusions.

This class is designed for IT Auditors, Financial and Business Auditors, Internal and External Auditors, and Audit Management.

Agenda:
  • COSO and GAO Green Book
  • IIA GTAGs
  • ISACA COBIT
  • NIST Cybersecurity Framework (CSF)
  • Center for Internet Security (CIS) Controls
  • OWASP - Open Web Application Security Project
  • ISO 27001 & ISO 27002 Security Standards
  • NIST 800-53 - FISMA
  • GAO FISCAM
  • Many Others Not Included!
