What You Will Learn
1. Understanding IT Risks
   - current examples of how IT risks have negatively impacted organizations
   - incorporating IT risks with enterprise risks
   - classifying information asset risks: confidentiality, integrity and availability
   - common IT vulnerabilities and associated risks
   - addressing IT-related fraud
   - leveraging COSO, COBIT, and other international frameworks to address IT risks
2. Taking the Mystery Out of Information Technology: Battling the Buzzwords
   - sorting out the software: operating systems, system software, virtualization
   - database management systems
   - computing models: centralized, decentralized, distributed, client/server
   - network infrastructure control points and safeguards
   - portable computing and remote access
   - cloud computing and other outsourcing risks
3. Key IT Infrastructure Risks and Controls
   - relationship between IT infrastructure controls and application controls
   - organizational roles and responsibilities
   - separation of duties and “least privilege”
   - identity and access control management
   - log management and incident response
   - data leakage protection
   - change control
   - system software key risks and controls
   - controlling privileged access
   - disaster recovery and business continuity planning
   - physical security and environmental risks and controls
   - encryption and public key infrastructure (PKI)
4. Business Application System Risks and Controls
   - business application system risks
   - objectives of business application audits
   - control ownership
   - defining application transactions
   - top-down risk-based application audit planning
   - application controls
     - completeness and accuracy of input
     - completeness and accuracy of processing
     - output controls
   - data warehouse application risks and controls
   - end user computing risks and controls
   - Web-enabled application risks
5. Assessing IT Governance
   - understanding IT governance and its relation to enterprise governance
   - determining IT governance risks
   - reviewing the role of the board of directors
   - establishing a pro-active IT governance audit strategy
   - using COSO and COBIT to assess IT governance
   - IT Governance audit resources
6. Developing the IT Audit Plan
   - performing IT risk analysis
   - developing the IT audit universe
   - staying aware of IT activities / risks
   - establishing IT risk criteria
   - integrated auditing
   - IT audit planning resources
   - what’s on the minds of IT Audit Managers