NORTH AMERICA EMEA ASIA
All programs BankAudit 2013 InfoSec World Conference & Expo 2013 SuperStrategies Conference & Expo 2013 The Conference on Big Data Security
All programs The Audit Directors & Managers Symposium The MIS Audit Leadership Institute The MIS CAE Master's Program
ABOUT MIS INTERNAL AUDIT IT AUDIT INFO SECURITY IN-HOUSE TRAINING  
 
     Conferences            >      Seminars            >      Symposia            >      Webinars      Online Self Study      Training Weeks      In-House Training      Certificate Programs>      Exhibiting Info      Ways to Save      Request Info      Event Downloads      White Papers      Call for Instructors      Contact MIS      Site Map
Internal Audit IT Audit Info Security
Internal Audit IT Audit Info Security
Auditing Outsourced Operations - OAP211 
Developing an Audit Strategy That Will Protect Your Organization's Interests
Learning Level: Intermediate
CPEs: 24 Fee: $2,050.00
Focus and Features Who Should Attend Agenda Register
Agenda

1. The Decision Making Process: To  Outsource or Not to Outsource
- business drivers and benefits of  outsourcing
- justifying the decision: assumptions and mechanics 

2. Defining Relationships and Requirements
- determining the scope and extent of the agreement
- delineating the requirements in the context of the business
- determining the capabilities required of the co/outsourcer
- evaluating the ability of the organization to properly oversee outsourced  operations

3. Risk-Intensive Outsourcing Situations
- primary business functionalities
- overseas operations
- systems development
- outsourcer sub-contracting
- SOX considerations

4. Defining the RFP
- assigning responsibility for developing the RFP
- identifying the business requirements to be included in the RFP
- auditing the primary specifications of the RFP
- evaluating selection criteria for qualified vendors
- ensuring that all aspects of the RFP are complete and functional

5. Evaluating the RFP and Selecting a Vendor
- determining if the proposal(s)  meets your requirements
- assessing potential vendor’s viability: risks to consider
- conducting vendor-site visits: critical areas to review
- providing oversight and ongoing management of the relationship
 - key considerations regarding vendor’s responses: completeness and  capabilities
- auditing the final review and selection process

6. Auditing the Legal Obligations: What to Look for in the Contract
- strategic audit initiatives for mitigating key business risks and  maximizing audit leverage prior to the signing of the final agreements
- critical legal provisions: ensuring that the organization is protected from  vendor deficiencies/defaults
-- assessing provisions for specific financial responsibilities
-- insuring the availability of necessary data
- ensuring that the necessary audit/risk assessment tools will be available as  required
- determining the extent, frequency, and source of independent oversight
- ensuring you have the right to audit with guaranteed access

7. Establishing Effective Risk Assessment Methodologies/Audit Tools and  Techniques
- defining risk profiles of the  outsourcer’s primary functionality
- establishing risk profiles and  indicators for ongoing evaluation of the relationship: provisions for continuous  risk assessment
- creating effective audit  techniques, tools and methodologies
- testing the functionality and  viability of your audit tools and capabilities

8.  Audit Tasks for  Critical Customer Service Processes
- determining the key metrics to  measure performance
- focusing audit  tasks where they can be the most effective
- measuring  risk of failure to service to customers appropriately
- creating an ongoing risk assessment  methodology using metrics to track the pulse of the process or  function
- audit tasks most appropriate to  customer service areas

9.  Audit Tasks for  Administrative Processes
- key issues in HR, benefits  administration, and invoicing
-  measuring performance of human resources and/or any administrative function
- focusing your audit  efforts for maximum outcome, minimum intervention
- measuring  risk of failure to perform critical process functionality, regulatory  requirements, or the fulfillment of performance guarantees
- determining the most appropriate  audit tasks for administrative oversight

10. Critical Operational and Data Security Areas of IS/IT
- evaluating key functionality: software, data  security and access, disaster recovery/business resumption, contractual and  service level agreement considerations, outsourcer's environment, and  confidentiality
- performing a risk assessment  relative to primary IS/IT functionality
- establishing metrics for measuring  the critical aspects of the IS/IT arrangement
- key audit tasks that need to be  performed
- effective controls that should be  in place in the critical IS/IT areas
- overseeing and evaluating the  effectiveness of the arrangement

11. Outsourcing/Co-Sourcing the IT  Audit Function
- qualities of a good co/outsourcing  partner
- exploring the options and their  viability
- determining the deliverables and  related specifics
- ensuring that the appropriate  competencies will be obtained

12. Overseeing the Ongoing  Relationship
- verifying vendors deliver on their  guaranteed provisions
- using ongoing risk assessment to  determine the need for, extent of, and timing of required audit work
- fact-based business reporting  formats that provide a sound foundation for corrective actions

 
REGISTRATION QUESTIONS?
For questions about your registration, government and team discounts, or multiple registrations, please call Linda Ronconi at (508) 879-7999, ext. 501 or e-mail mis@misti.com.

IN-HOUSE SEMINARS
This seminar is available in-house. For more information about bringing this or other MIS seminars to your organization, please call Mimi Hatch at (410) 692-2465 or e-mail mhatch@misti.com.

 


Dates/Locations
March 4 - 6, 2013
Chicago
August 5 - 7, 2013
New York