IT INTERNAL AUDITOR

(IT ASSURANCE PROGRAM)

 

  Overview

Is the enterprise IT system secure and ready when requested? Are data and information in the business easily exposed? Is the information provided by the IT system always accurate, reliable and timely? All important matters related to IT security and confidentiality will be examined and evaluated in detail by the role of the IT Internal Auditor.

IT Audit is the design evaluation and control of the efficiency of an IT system. Includes security protocols, development processes, monitoring and IT governance. The IT mission is to install IT control tools. However, that is not enough to provide adequate security. Security personnel must periodically review installed and used controls, see if they are effective, or if any security breaches occur immediately. to prevent any violation going on in the future. These requirements must be checked and reported by observers, independent and impartial. These observers are performing by an IT Internal Auditor task.

Infochief's Internal IT Audit Course is built on the enterprise information security and privacy assessment. Courses are for auditors, IT managers, project managers, consultants, information security personnel, risk managers, IT procurement specialists and executives. Requires students who have worked on at least one major IT system with experience in development, operations management, and IT procurement.

  Objectives

- Have the knowledge and standardized method of performing IT audit based on international standard knowledge.
- It is possible to organize the implementation of internal IT audit according to international best practice standards.
- Improving self-efficacy and creating added value for the organization.
- Plan and implement auditing activities within the organization.
- Determine the appropriate IT audit scope.
- Schedule management meetings to understand IT processes and policies.
- Identify serious risks to IT assets and propose corrective steps to minimize risks.
- Determine audit priorities and the time required to complete each IT audit task.
- Observe the IT audit standards established by the company's audit department.
- Ensure that previous IT audit recommendations are addressed and implemented.
- Development of well-executed IT audit reports including results and recommendations for risk management.
- Maintain clear and complete IT audit documentation.

  Participants

 i.   IT Auditor
ii.   Internal Audit Professional (Internal Audit)
iii.  IT Senior Manager
iv.  Assistant Manager / IT Manager
v.   IT Supervisor
vi.  Infrastructure Manager (IT Infrastructure)
vii. IT Team Leader

  Contents

Module 1. IT Internal Auditor Role
01. What Is IT Audit?
02. Roles And Responsibilities Of IT Auditor
03. Professional Ethics IT Auditor
04. Mindset Of Internal IT Audit
05. IT Quality Audit Standards
06. The Key To Successful IT Audits
07. Development of Audit Career

Module 2. Technology, Management & IT Governance
01. IT System Architecture
02. Auditing Process
03. IT Governance
04. System Life Cycle & IT System Development
05. IT Services, IT Operation & IT Maintenance
06. Protecting Information Assets
07. Disaster Recovery Plan & Business Continuity Plan (DRP & BCP)

Module 3. Information Security
01. IT Asset Security
02. IT Staff Security
03. Physical And Environmental Security
04. Operational Security
05. Access Security
06. Development & Software Maintenance
07. Deal With IT Incidents
08. Continuous And Preventive Activities

Module 4. IT Risk Assessment
01. What Is The Risk In The IT System?
02. What Are The Threats And Pitfalls Of IT Systems?
03. Countermeasures
04. IT Risk Management Procedures
05. List The Assets And Current Status Of IT Risks
06. Determine The Scope Of Influence Of The Property
07. Analyze The Probability Of Occurrence
08. IT Risk Levels
09. How To Deal With IT Risks
10. Assign The Responsible Person

Module 5. IT Audit
01. Development Of IT Audit Plan
02. IT Risk Assessment
03. Perform IT Audit
04. Methods Of Surveying And Evaluating IT
05. Questioning Technique In IT Audit
06. Method Of Gathering And Sampling Data
07. Technique For Evaluating Risk And Analyzing Impact
08. Evaluating The Evidence (Poor / Good / Excellent)
09. Write Audit Report And Follow Up
10. Presentation Of IT Audit Results

Module 6. IT Audit Practices
01. Auditing Computers & Peripherals
02. Server Server Audit
03. Internal And External Network Audit
04. Audit Data Storage Operations
05. Audit Software Development
06. Audit Software Support
07. Audit Database Management
08. Audit Information Security
09. Audit Change Management IT System
10. Auditing IT Project Management Activities
11. Audit IT Service Level (Sla)
12. IT Personnel Audit

Material:  The standard materials of the Infochief institute (Vietnamese language)

  Training methods

The experts will apply the following training methods to convey the contents:
   i.  Open discussion
   ii. Case study
   iii. Self-assessment
   iv. Mini-lecture

Difference of the training methods at Infochief

- Coaching based on the actual management models
- Practice training in line with the requirements of each position
- 100% is to practice the actual skills required by the daily work at the workplace
- To assure that after the training course, learners are confident at their work
- Senior staff are given priority for being introduced to our partners

Upon completion of the course : It is a must for the learners to complete a project at the end of the course, the aim is to assess the ability to apply the training contents to the actual working environment

Graduation certificate : To be granted by INFOCHIEF with national validity