: IT Audit for IT Managers: Corporate Governance/ Compliance and the IT Audit Function

CPE Credits: 7

Description:

This seminar will provide a unique opportunity for your organization's IT management and professional staff to become acquainted with the role and responsibilities of your organization's internal audit function and more specifically, the organization's IT audit professional.

In today's evolving virtual markets and highly complex, global corporate environments, information technology professionals, operational, financial, and IT auditors must all work together in helping to establish, implement and secure organizational infrastructure from both internal and external threats.

This seminar will provide the attendee with an insight into the most critical and sensitive areas of an organization, areas which are increasingly being examined by an organization's internal audit function. Internal controls and security are examined with an objective of gaining a better understanding of the audit concerns related to securing and controlling an organization's IT environment.

This seminar will provide a unique opportunity for your organization's IT management and professional staff to become acquainted with the role and responsibilities of your organization's internal audit function and more specifically, the organization's IT audit professional.

In today's evolving virtual markets and highly complex, global corporate environments, information technology professionals, operational, financial, and IT auditors must all work together in helping to establish, implement and secure organizational infrastructure from both internal and external threats.

This seminar will provide the attendee with an insight into the most critical and sensitive areas of an organization, areas which are increasingly being examined by an organization's internal audit function. Internal controls and security are examined with an objective of gaining a better understanding of the audit concerns related to securing and controlling an organization's IT environment.

Audience:

IT Managers, system administrators, managers of telecommunications, directors of security, safety and continuity planning, and IT professionals who through their involvement in managing or directing IT infrastructure will eventually be requested, by their organization's internal and/or external audit function, to participate in an examination of IT operations under their authority.

This particular seminar would also be of value to financial and operational audit professionals considering a career move into IT auditing as well as non-IT audit professionals tasked with the responsibility for assessing their organization's IT operations and infrastructure.

Prerequisites: There is no prerequisite for this seminar.

Objectives:

After completing this seminar, participants will:

• Have a working knowledge of the current risks, threats and exposures facing 21st century organizations doing business in virtual global marketplaces
• Gain a better understanding of audit's mandate and reason audit needs to examine IT (systems, applications, and infrastructure)
• Examine briefly the role of an IT auditor, including a brief review of an IT auditor's skill set
• Review corporate policies which may direct audit involvement and examination of IT operations
• Discuss what IT management should do to prepare for an internal audit of IT operations
• Discuss the benefits of partnership between audit and IT management
• Review and examine the current standards which have mandated that organizations take a closer and more personal look at their IT infrastructure and operations After completing this seminar, participants will:
  • Have a working knowledge of the current risks, threats and exposures facing 21st century organizations doing business in virtual global marketplaces
  • Gain a better understanding of audit's mandate and reason audit needs to examine IT (systems, applications, and infrastructure)
  • Examine briefly the role of an IT auditor, including a brief review of an IT auditor's skill set
  • Review corporate policies which may direct audit involvement and examination of IT operations
  • Discuss what IT management should do to prepare for an internal audit of IT operations
  • Discuss the benefits of partnership between audit and IT management
  • Review and examine the current standards which have mandated that organizations take a closer and more personal look at their IT infrastructure and operations

Course Outline:

• IT Audit: A 21^st Century Perspective
• Overview of audit’s mandate and reason audit needs to examine IT (systems, applications, and infrastructure).
• Brief examination of the role of an IT auditor, including a brief review of an IT auditor’s skill set.
• A brief review of corporate policies which may direct audit involvement and examination of IT operations.
• What should IT management do to prepare for an internal audit of IT operations?
• Discussions covering the benefits of partnership between audit and IT management.
• A review and examination of the current standards which have mandated that organizations take a closer and more personal look at their IT infrastructure and operations.  This review would examine the following standards and their impact on operations:
  • Basel II
  • Sarbanes-Oxley
  • BS15000
  • BS7799
  • COBIT
  • ISO 9000
  • ISO14000
  • GLB
  • HIPAA

• This session will tie together the standards with the role responsibilities of the auditor and IT management.

Dr. Marcella's seminar will draw upon his 29 years of field experience in the areas of corporate, data, IT and physical security and his roll as a Board of Director member for the Saint Louis community InfraGard project, a Board of Governor member for the Saint Louis Institute of Internal Auditors and as a member of the Saint Louis Cyber-Terrorism Task Force.