Subscribe for NewsLetters
Email: *
 
First Name: *
 
Last Name:
 
Organization:
 
Position:
 
Country:
Enter Captcha:*
captcha
Search_btn
Case Ware Analytics Ad   Business Case
Futr 468x60 (1)
Asv Banner
C Risk Academy Banner

AuditNet® Training::It-audit-basic-and-advanced-recorded-series

IT AUDIT TRAINING WITHOUT TRAVEL

An information technology audit, or information systems audit, is an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.

AuditNet® has joined forces with Richard Cascarino and Associates to bring you a structured learning curriculum for IT audit. The courses are designed to build on skills developed from prior knowledge or training. Auditors can choose between the complete series or pick and choose specific course depending on both needs as well as budgetary financial constraints. AuditNet®

AuditNet® is pleased to offer the IT Audit Training on a USB Flash drive. The flash drive will include all 10 2 hour webinars and the slides. Auditors also have the option of adding a subscription to AuditNet® at a reduced fee. You must provide a correct postal address so that we can mail you the flash drive. 

IT Audit Basic and Advanced Series

The IT Auditing Series is a series of 10 2-hour recorded webinars.

The study program consists of 5 modules Basic and 5 modules Advanced spanning a broad range of topics and issues in the IT Auditing field. The emphasis in all webinars is therefore on practical aspects, of Internal Auditing.  

The course content is based upon ISACA Framework which has been accepted world-wide as the basis of skills and competencies required for all IT Auditors. 

Watch the following for an introduction to the training!

The webinars are presented by Richard E. Cascarino, MBA, CIA, CFE, CISA

CPE is not offered for viewing the recordings. If you would like to earn CPE then register and pay for the live sessions.

Who Should Watch?

The series is aimed primarily at auditors, both internal and external, who are beginning their career in Computer Auditing or who wish to understand the complexities and vulnerabilities of computer systems. The series builds rapidly to shorten the time period to productivity and effectiveness.

Webinar Leader

Richard Cascarino, CIA, CISM, CFE is a consultant and lecturer with over 28 years experience in IT Risk, Audit, Governance, Forensic, Internal and IT auditing education and author of the books Internal Auditing-an Integrated Approach and Auditor’s Guide to Information Systems Auditing and the forthcoming book Preventing Fraud – It Could Happen to You. He is also a contributing author to the Governance section of Finance: The Ultimate Resource and is a frequent speaker at IIA and ISACA courses and conferences.

He is a Past President of the IIA – South Africa and founded the African Region of the IIA Inc.


Richard is a computer and audit professional with over 35 years’ experience in designing, implementing, managing and auditing complex computer systems. In addition he has conducted extensive operational audits in a variety of business environments throughout the world. Richard is the Principal of Richard Cascarino & Associates and, in addition to being a regular speaker to National and International conferences, he has presented this series of courses throughout Africa, Europe, the Middle East and the USA. Richard is a Past President of the Institute of Internal Auditors in South Africa, was the founding Regional Director of the Southern African Region of the IIA-Inc and is a member of both the ISACA and the Association of Certified Fraud Examiners. He is also the author of Internal Auditing – an Integrated ApproachAuditor’s Guide to IT Auditing and Corporate Fraud and Internal Control.

IT Audit Training on a Flash Drive

1. Fundamentals of IT Auditing 

The webinar covers basic concepts of computing, primary types of computer systems, the risks and controls and audit usage of computers. You will gain the confidence of understanding the jargon and knowing that questions you put to clients are addressing the real issues. The attendee will also realize the difference between jargon answers and evasive answers.

On using the knowledge you have gained, you will discover a greater level of acceptance by Information Technology staff and users due to your increased comprehension. This can be immediately translated into more effective and efficient audits and a greater contribution to the organization.

By the end of this webinar the attendee will be able to:
  • Understand the jargon of the computer world 
  • Differentiate between types of systems and their major risk elements 
  • Understand how computer systems are constructed and how this can influence the eventual running in the business environment 
  • Utilize this knowledge to gain a greater acceptance by computer-literate auditees 
  • Identify the role of the IS audit specialist
  • Identify potential areas for the audit use of computerized technology
Webinar Contents

This two-hour webinar is designed to provide the participants with an in-depth knowledge and experience of:

  • Technology and audit
  • Control objectives and risks
  • Batch and on-line systems
  • Programming computers
  • Database systems
  • Computer risks and exposures
  • Computer security
  • Application systems and their development
  • Computer operations controls
  • CPE: N/A
  • Basic Delivery Method:Video Recording

2. Auditing Database Structures  

Today's IT auditor is increasingly being faced with a multiplicity of database management systems (DBMSs). Since each of these affects not only the control concerns of the IT systems due to the concentration of risk, but also the control and audit opportunities due to the increased control and audit tools, it has become critical that auditors understand their role and criticality.

This two-hour webinar is designed as an intermediate course to introduce auditors to the risks and exposures specific to a business operating in a Database Environment and indicates the unique control opportunities as well as the wide range of audit tools available.

By the end of this webinar the attendee will be able to:

  • Identify the differing types of database structures, their principal components, and the threats to them
  • Relate DBMS components to the operating system environment in which they operate
  • Identify potential control opportunities and select among control alternatives
  • Recognize vulnerabilities in multiple DBMS environments and make appropriate recommendations
  • Select the appropriate audit tool and technique to meet a given audit objective

Webinar content

The webinar will cover the following areas:

  • Database types
  • Sequential
  • Hierarchical
  • Network
  • Inverted File Structures
  • Relational Models
  • Control opportunities in a database environment
  • Database tools and techniques
  • Auditing IMS; IDMS; ADABAS; DB2; DATACOM; Oracle;Access
  • CPE: N/A
  • Basic Delivery Method:Video Recording

3. Audit use of CAATs  

In order to audit in today's complicated, computerized environment, the auditor must frequently utilize computer technology himself. This may take the form of auditing the computer applications themselves, utilizing computerized techniques to obtain information about non-computerized business areas and extracting and manipulating data from computerized systems. As such it becomes imperative that auditors be familiar with the types of computerized audit tools and techniques available, their advantages and disadvantages and be comfortable with their use.

This two-hour webinar is designed to give specialist IT auditors practical experience in both the selection of an appropriate CAAT as well as experience in running CAATs and interpreting results.By the end of this webinar attendees will have an in-depth knowledge of:
  • The nature and usage of CAATS
  • Methods for determining the appropriate CAAT
  • Usage of differing types of CAAT
  • Interpretation of results
  • Verification of CAAT results

Webinar Content

The Webinar will cover the following areas:

  • System testing techniques
  • Computerized application systems
  • Non-computerized systems
  • CAAT types
  • Source code review
  • Use of Test Data
  • Parallel Simulation
  • Integrated Test Facilities
  • Snapshot Techniques
  • SCARF
  • Retrieval Software
  • Generalized Audit Software
  • Specialized Audit Software
  • Utility Software
  • ACL
  • IDEA
  • CPE: N/A
  • Basic Delivery Method:Video Recording

4. Auditing Contingency Planning

Business has become increasingly dependent on computers to survive on a day-to-day basis. If these systems become unavailable for a significant period or if the integrity of the data they process is prejudiced, the very survival of the organizations which depend on them may be at serious risk. No busy manager likes to spend time contemplating the worst which could befall the company and anyway, disasters happen infrequently and always to someone else.

This two-hour webinar puts Computer Disaster Recover Planning firmly in its place as part of the Corporate Survival Program and highlights the auditor's role in ensuring the viability of the corporate Contingency Plan.

Webinar Objectives

The objectives of the webinar are to provide attendees with the tools and techniques needed in their own environments to:

  • Assess the corporate risks
  • Identify their audit strategies
  • Establish their priorities
  • Develop their Audit Plan
  • Evaluate and test their Corporate Disaster Recovery Plan
Webinar Content
The Webinar will cover the following areas:
  • What is a Disaster?
  • What is a Disaster Recovery Plan?
  • Who is Accountable?
  • What are the Options?
  • What is the cost?
  • How can a C.P. be tested?
  • What is Management's Role?
  • What is the User's Role?
  • What is the Information Services Role?
  • What is the Internal Auditor's Role?
  • CPE: N/A
  • Basic Delivery Method:Video Recording

5. IT Fraud and Countermeasures  

IT fraud is presently a major growth area within our corporations. This two-hour webinar is designed to assist auditors and management in the design and implementation of an IT architecture which minimizes the possibilities of fraud and maximizes the probability of detecting fraud.

By the end of this webinar the attendee will be able to :

  • Distinguish between the varying types of computer fraud, their nature and effect 
  • Identify likely fraud indicators 
  • Audit for computer fraud 
  • Establish a Corporate Risk Profile 
  • Structure an anti-fraud security environment 
  • Distinguish between fraud and forensic auditing 
  • Identify the requirements to ensure that audit evidence is acceptable as legal evidence 
  • Identify the requirement and effect of reporting sensitive issues 
Webinar Content
The webinar will cover the following areas:
  • The nature of computer fraud
  • The Corporate risk profile
  • Computer fraud techniques
  • Why computer fraud and who commits it?
  • Fraud auditing
  • Fraud awareness
  • EDI and fraud
  • The expectation gap
  • Forensic auditing
  • Sources of evidence and audit tools
  • Legal evidence
  • Reporting sensitive issues

  • CPE: N/A
  • Basic Delivery Method:Video Recording

;

II. Advanced IT Auditing Series 2 (5 webinars)

1. Risk Analysis for Auditors 

Webinar Objectives
Those planning Internal Auditing department activities face the recurrent task of allocating expected resources to an apparently ever-expanding universe of demands. One means to focus limited resources in a structured way is the use of appropriate risk analysis techniques.

This webinar provides auditors and audit management with a structured approach to risk management and internal risk assessment; risks in computerized systems and the use of computerized risk assessment tools are also addressed.

Webinar Contents

This two-hour webinar is designed to provide the participants with an in-depth knowledge and experience of:

  • Risk and its nature in a corporate environment Risk analysis and Internal Auditing
  • The use of Risk-based auditing as an integrated approach
  • Risks within computer systems
  • Electronic trading risks
  • The IT Risk-based audit approach
  • Risk and materiality
  • A structured approach to audit risk evaluation
  • How to sell Risk-based audits

  • CPE: N/A
  • Basic Delivery Method:Video Recording

2. Securing the Internet 

Webinar Objectives
This webinar is designed to provide the participants with an in-depth knowledge of the risks as well as the benefits of Internet connection.
Participants will learn of the tools and information sources available on the internet as well as the uses to which these might be put.

Webinar content

The webinar will cover the following areas:

  • Internet Threats
  • Protection Strategies
  • Internet security and privacy
  • Use of Digital Certificates
  • Client-side Security
  • Downloading threats
  • Firewalling and encryption
  • Formulating an Internet security plan
  • CPE: N/A
  • Basic Delivery Method:Video Recording

3. IT Security Reviews 

Webinar Objectives

Management, ever conscious of the company's reliance on the computer (both micro and mainframe), is increasingly looking to the auditor to address the risks in this environment. Many auditors are unfamiliar with the risk areas and control opportunities available. The module concentrates on logical security, the control mechanisms available to enforce logical security, and audit approaches, tools and techniques to carry out such reviews.

The objectives of the module are:

  •             To familiarize auditors with computer risk areas and security mechanisms.
  •             To provide auditors with an understanding of the building blocks of operational environments and operating systems.
  •             To provide auditors with an appropriate methodology for reviewing computer security.

Webinar Content

The Webinar will cover the following areas:
  • Computer risk areas
  • Criteria for effective security
  • Computer operations 
  • Applications security
  • Change control
  • Control over viruses
  • The "ACCESS" model
  • Tailoring the Operating System
  • Auditing operating environments
  • The role of security packages: RACF, ACF2, TOP SECRET
  • The internet and Firewalls

  • CPE: N/A
  • Basic Delivery Method:Video Recording

4.  Performance Auditing of the IT Function 

Webinar Objectives

A major component of all corporate budgets in the 2010s is the IT departmental expenditure. The primary reason for this is the potential contribution which the IT function can make to the competitiveness and bottom-line performance of the corporation.

Auditing in this area has traditionally been reserved for the specialist IT auditor.

In this webinar, participants will be introduced to the VFM techniques they require to permit a generalist auditor to evaluate the economy, efficiency and effectiveness of the IT function.

The objectives of the webinar are:

  •             To familiarize auditors with the Key Performance Areas within IT
  •             To introduce them to a VFMA methodology to determine whether the IT resources are being optimized
  •             To provide delegates with a complete VFMA audit plan for the IT function

Webinar Content

The Webinar will cover the following areas:

  • Background and objectives of VFMA
  • Operational auditing methods and techniques
  • Major operational areas in IT
  • Risks and control opportunities
  • Economy of resource utilization
  • Efficiency determination of the key performance areas
  • The quantification of effectiveness
  • Implementing the VFMA audit programmer
  • Performing the audit and following-up
  • CPE: N/A
  • Basic Delivery Method:Video Recording

5. Managing the IT Audit Function 

Webinar Objectives

IT Audit has developed into a maze of specialties with technical specialists requiring ever more specialized training.

This webinar is designed to assist audit management to refocus their IS audit's efforts by identifying high-impact audit areas and sourcing the resources required to carry out the audit plan.

By the end of this webinar the attendee will be able to :
  • Distinguish between the varying types of computer fraud, their nature and effect
  • Identify likely fraud indicators
  • Audit for computer fraud
  • Establish a Corporate Risk Profile
  • Structure an anti-fraud security environment
  • Distinguish between fraud and forensic auditing
  • Identify the requirements to ensure that audit evidence is acceptable as legal evidence
  • Identify the requirement and effect of reporting sensitive issues

Webinar Content

The webinar will cover the following areas:
  •             The Scope of IT Audit
  •             Narrowing the perspective
  •             Objective setting
  •             Staffing and recruiting
  •             The use of audit automation
  •             Skills and training
  •             Measuring effectiveness
  •             The role of the Specialist
  • CPE: N/A
  • Basic Delivery Method:Video Recording