Itgc Audit It Audit Online Training

 

Vlr Training 9059868766

 

COURSE CONTENT

 

1.     Audit:

·        What is IT Audit

·        Types of Auditors (Internal and External)

·        Different phases of IT Audit

·        Audit Opinions

·        Absolute vs Reasonable assurance

·        Types of Audits

2.     Risk

·        Risk Management

·        Stages of Risk Management

·        Risk Identification

·        Risk Assessment

·        Risk Monitoring

·        Risk Strategy

3.     Audit Phases

·        Planning

·        Fieldwork (TOD& TOE)

·        Review & Reporting

·        Follow-up

4.     Control Life Cycle

5.     Type & Nature of Internal Controls

6.     Risk & Control       

7.     Audit frameworks & Standards

8.     Walkthrough:

·        How WT Conducted

·        Test Of Design (TOD)

·        Walkthrough Questionnaire

9.     Audit Population, Audit Techniques, TOE

10.                      Sampling Methodology:

·        How many samples need to pick while doing TOE

·        Different sampling techniques

·        Automatic Tools for sampling

11.                      Identity and Access Management Business Process

·        User Access Provisioning

·        User Access De-provisioning

·        User Access Reviews (Access Re-certification)

·        Privileged User Access

·        Password Configurations/ System Authentication

·        Segregation of Duties check, SSO, MFA, Authentication & Authorization

12.                      Change Management Business Process

·        SDLC, STLC

·        Change Authorization

·        Change Approval

·        Risk Control Matrix (RCM) of Change Management

·        Critical/Emergency Changes and how to handle those?

·        SoD – Segregation of Duties

·        Version Management/Source Code Management

·        What is Production, test and development environments? What is the difference?

·        UAT/System testing/Integrated testing

·        Post Implementation Review

·        Check list auditor has to verify while conducting audit

·         Vlr Training 9059868766

13.                       Incident Management:

·        Types of Incidents

·        Incident Management process

·        Auditor Check list while doing audit

·        Problem Management

·        Incident vs Problem Management

14.                      Patch Management

15.                      Back up Management

·        What is Back-up

·        Backup Restoration periodicity

·        Different types of Backups

·        Preferable Backup method in case of cyber attack

·        Backup retention period

·        How to maintain Backup register (To track status of backup)

·        Re-run procedures

·        Audit check list while verifying backup controls

16.                      Job Scheduling and Job monitoring

17.                      Business Continuity Management System

·        BCP

·        DR

18.                      SOX Sections & Types of SOC Reports

19.                      Physical Security Controls

20.                      Endpoint Security