Information System Audit Training

Information System Audit Training Information System Audit Training
By Dr. Derek J. Oliver
IT Governance & Management:

Advanced Information System Auditing

“Focus upon the globally recognised duties of an IS Auditor established by the Information Systems Audit & Control Association (ISACA)”

By Dr. Derek J. Oliver

PhD in Information Security Management • Doctorate in Business Administration • CISA • CISM • CRISC
Request for In-house TrainingRequest for In-house Training
Register for Public Training Public program not yet available
Register for Public TrainingRegister for Public Training
Email Customer Service Contact Customer Service +6 (082) 287 737
Course Title:
Advanced Information System Auditing
Training Category:
Information Technology
Target Audience:
IT Auditors and other Assurance Professionals, new and experienced; head, director, general manager and manager of Information Security, IT Audit, and IT
2 Days
Public Training Events
Dec 2015 ›
Capri by Fraser Hotel Residences, Kuala Lumpur, Malaysia
Wed 12 Dec 2015 - Thu 14 Dec 2015
8:30AM - 5:30PM

Fee Per Person:
  • Register not later than 19 Oct 2015 for only RM4,744 per person.
  • 10% discount for group registration of 3 paxs or more from the same organization.
  • Workshop Recognition: Attendance at this course entitles the delegate to claim 14.0 CPE Hours for the Institute of Internal Auditors, ISACA and other relevant professional institutions upon completing this 2 days workshop.
  • FREE 3 Months Post Workshop Consultation.
Register Now!

* Other terms & conditions apply.
For In-house Training
Request for Quotation Request for Quotation
For Other Inquiries
Contact Corporate Intelligence Advisors
Contact customer service +6 (082) 287 737
Email customer service
Delivery Methods
  • Language: English
  • PowerPoint Presentation
  • Workshop
  • Group Discussion
  • Reading Materials
  • Simulation
  • Participant Presentation
  • Role Play
  • Lecture
  • Case Studies
  • Demonstrations
  • Certificate of Participation
Ad by Google
*Terms & Conditions

Course Introduction ›

Information Technology continues to advance; organisations are increasingly dependent on the use of information systems (IS) to carry out their business operations and service delivery and to process, maintain and report essential information.

Such heavy reliance calls for experienced IS Auditors to give Executive Management the assurance they need to make good, well informed business decisions and to be satisfied that the myriad of risks associated with their use of technology are well and appropriately managed.

Because of this reliance, it is important that both internal and external auditors are aware of globally recognised best practices in their role at the more experienced, "Senior" level.

This course will establish the IT auditors' overall objective, like everyone else involved, to contribute to the success of the Organisation's Objectives. IT auditors are best qualified to do this by:

  • Planning and managing appropriate and timely audit projects based on business risk
  • Assessing the quality of IT Governance & management practices
  • Addressing their role in the development and acquisition of technology
  • Evaluating information systems operations, maintenance & support and
  • Auditing the protection of information assets

The course will focus upon the globally recognised duties of an IS Auditor after 3 to 5 years experience in the role, as established by the Information Systems Audit & Control Association (ISACA) based on a series on international questionnaires. Delegates should note that, at this more senior level, the IS Auditors "hands on" ability with technology is less important that their understanding of the audit concepts involved and how these must be considered against the actual needs of the organisation.

Course Objectives ›

Through a combination of lectures, open discussions and consideration of actual IS Audit projects, you will assist you to:

  • Enhance and confirm your knowledge and experience
  • Gain and maintain the level of knowledge required to meet the dynamic challenges of a modern enterprise
  • Increase your value to your organization
  • Achieve a competitive advantage over peers when seeking job growth
  • Achieve and maintain a high professional standard

Course Outline ›


Introduction and agenda

  • Review of agenda as well as course expectations
  • Opportunity for Delegates to raise any specific issues

The Process of Auditing IS

  • What tasks are within this area?
  • Management of the IS Audit function

IS Auditing Standards

  • What is expected of the Senior IS Auditor?
  • An overview of Risk Based Auditing
  • Types of Control

Performing an IS Audit

  • IS Audit Standards
  • Computer Assisted Audit Techniques (CAATs)
  • Considering Control Self Assessment & Continuous Auditing

The Governance & Management of IT

  • The difference between Governance & Management
  • The IT Governance structure
  • Auditing the IT Strategy
  • Policies, Standards, Procedures & Guidelines

IS Management Practices

  • Human Resource Management
  • Organisational Structures & Responsibilities
  • Auditing Outsourced services

Segregation of Duties

  • Why this is a critical business concern
  • Ensuring every aspect of business risk is addressed by IT
  • Administrative issues

Technology Acquisition, Development & Implementation

  • Benefits Realisation & the Business Case
  • Project Management Structures
  • Project Controls: the GANTT & PERT Charts
  • A review of the standard development methodology and where Auditors are involved
  • What the Auditor is expected to do and what must be avoided!

Business Process Reengineering and specific applications

  • A look a the BPR Project and where things can go wrong!
  • A brief review of some specific applications

Acquisition and how it is different from Development

  • Audit concerns and business risks
  • A look at a project that went very wrong because no IS Audito was involved!

IS Operations, Maintenance & Support

  • Management of IS Operations
  • Incident & Problem Management
  • Technical Hardware

IS Operations, Maintenance & Support continued

  • IS Technical Architecture & Software
  • Operating Systems
  • Data & Database Management
  • Utility Program Problems
  • Software Licensing

IS Network Infrastructure

  • Network design & Resilience
  • Network Media: risks and controls

Disaster Recovery & Business Continuity

  • Audit's expectations during planning
  • Will the technology recover? The RPO and RTO & the Auditor
  • Recovery strategies
  • Horror stories!

Protection of Information Assets

  • Information Security Management
  • Logical Access Controls & Audit Expectations
  • Remote Access
  • Audit issues & concerns
  • The use & abuse of Encryption

Protection of Information Assets continued

  • Network Security, Firewalls & The Internet
  • The Demilitarized Zone (DMZ)
  • Types of attack & addressing them
  • The use of Intruder Detection Systems (IDS)

Physical & Environmental Security

  • Physical access exposures & controls
  • Environmental issues & exposures
  • Fire suppressant systems: pouring water on the computer!

Auditing Information Security

  • The Information Security Policy
  • Penetration Testing
  • Getting Management Attention!

Summing up the Course

  • Introducing the Certified Information Systems Auditor designation
  • Any further questions
  • Key Issues of the course

Contact us now ›

  • Course content customization
  • In-house training request
  • Available public program
  • Consultation services
  • Other inquiries
Contact Customer ServiceCall : +6 (082) 287 737
Email Customer Service E-mail :

Related Courses ›

Published by: ,
online learning icon Request for Online Training
Contact Us
Animated Progress Icon

Contact Assistant