Training Courses

ITAM-100-CSI: IT Audit for IT Managers IT Audit Review: Critical Security Issues

CPE credits: 7

Description: This seminar will provide a unique opportunity for your organization's IT management and professional staff to become acquainted with the role and responsibilities of your organization's internal audit function and more specifically, the organization's IT audit professional.

In today's evolving virtual markets and highly complex, global corporate environments, information technology professionals, operational, financial, and IT auditors must all work together in helping to establish, implement and secure organizational infrastructure from both internal and external threats.

This seminar will provide the attendee with an insight into the most critical and sensitive areas of an organization, areas which are increasingly being examined by an organization's internal audit function. Internal controls and security are examined with an objective of gaining a better understanding of the audit concerns related to securing and controlling an organization's IT environment.

Audience: IT Managers, system administrators, managers of telecommunications, directors of security, safety and continuity planning, and IT professionals who through their involvement in managing or directing IT infrastructure will eventually be requested, by their organization's internal and/or external audit function, to participate in an examination of IT operations under their authority.

This particular seminar would also be of value to financial and operational audit professionals considering a career move into IT auditing as well as non-IT audit professionals tasked with the responsibility for assessing their organization's IT operations and infrastructure.

Prerequisites: There is no prerequisite for this seminar.

Objectives: After completing this seminar, participants will:

Recognize and identify the differences between cyber crimes and cyber terrorism
Have a working knowledge of the current risks, threats and exposures facing 21st century organizations doing business in virtual global marketplaces
Be prepared to assist their organization in securing its operations, minimize its security exposure, and avoid becoming the victim of an attack
Identify the various uses of Internet technology and that the changing roles of this technology in an e-business environment can jeopardize the reliability of information both from a management and an audit point-of-view
Pinpoint security requirements necessary for effective recovery operations
Explain the countermeasures used to protect organizations against attack
Conduct an assessment and technical review of their organization's Internet and Web-based systems
Discuss with both end users and management, how successful systems are developed and maintained
Lay the foundation for a successful assessment and examination of application development projects, which includes planning the project, estimating the work, and tracking progress

Course Outline:

Identifying potential security risks (risk analysis)
Network security issues (LANs, WANs, MANs, PANs, firewalls, routers, Intranet/Extranet security, etc.)
Application development (PDLC) risks
Data mining, business intelligence, associated risks and concerns
Data quality issues
Issues in Detecting, Controlling and Mitigating Fraud
IT Security as a part of corporate governance
Security Management Best Practices

Dr. Marcella's seminar will draw upon his 29 years of field experience in the areas of corporate, data, IT and physical security and his roll as a Board of Director member for the Saint Louis community InfraGard project, a Board of Governor member for the Saint Louis Institute of Internal Auditors and as a member of the Saint Louis Cyber-Terrorism Task Force.

Back to training courses.

IT Management Consulting, Training Services, and Audit & Security Reviews Since 1984