HG62: Comprehensive IS Audit with Case Studies Seminar

(2 days, 16 CPE credits, $1200)
Please click: Here for Registration Form

For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels for IS Audit Training

This course makes you a better auditor. It uses case studies to stretch your problem-solving ability and to increase your technical knowledge. It will help you develop a creative, practical, and consultative approach to your audits.

If you have found that audits tend to become rote exercises following canned routines, this

seminar will show you how to enhance your current methods with systematic problem-solving techniques that you can apply to any audit. It will also show you how to conduct IS audits that provide outstanding support to the financial audits.

Because each audit is different and can't always be addressed effectively using just checklists, this course shows you how to add value by treating each audit as an interesting challenge. The outlook and approach you learn here will add to your current checklists and methodologies, while making your audits less boring.

This class provides you with technical training for many types of audit, and for many different types of computer. The extensive exercises will re-inforce the technical details you learn, as well as show you how to think through the most effective approach for any type of audit. Technical topics covered include: UNIX, Windows, mainframe computers, and networks. Types of audit include: security, performance, application controls, compliance, and business resumption, and management controls.

(Please note that not every exercise and not every technical topic will be addressed in each class session. Topics to be covered will be selected based on the individual needs of class members.)

HG62: You Will Learn How to:

  • Conduct a wide variety of IS audits, including security, performance, compliance, and efficiency
  • Link the IS audit to the financial audit
  • Conduct IS audits that add value with meaningful findings and practical recommendations
  • Conduct audits involving different types of computer, including UNIX, Windows, and mainframes
  • Audit computer networks
  • Audit in a way that is practical and problem-solving instead of rote filling out of forms and canned procedures
  • Address any audit with a fresh eye and a structured, systematic approach

The workbook is a valuable reference, and includes complete audit programs.

Who Should Attend HG62: Comprehensive IS Auditing with Studies?

Class Outline

I     Concepts and Keywords	
	A.     Introduction	
	B.     What is an IS Audit	
		Considerations When Evaluating Controls for Q1	
		Considerations When Evaluating Controls for Q2	
		How IS Audits Relate to Financial Audits
	C.     What You Need to Know About Computers	
	D.     IS Audit Process: Planning, Scoping, Work Papers	
	E.     The Data Center	
	F.     IS Audit Process: Standards and Objectives	
	G.     Distributed Data Processing	
	H.     IS Audit Process: Evidence Collection and Analysis	
	I.     Networks	
	J.     IS Audit Process: Verification and the Closing Meeting	
	K.     Summary	
	L.     Audit Rules	
	M.     How the Case Studies Work	

II.     The Scenarios	
	A.     Application Controls Review	
	B.     Data Center Audit: Physical Security	
	C.     Data Center Audit: Management Controls	
	D.     Security Audit	
	E.     Network Audit	
	F.     Business Resumption (Disaster Recovery) Plan Audit	
	G.     Chargeback System Audit	
	H.     Firewall Audit	
	I.      HIPAA Compliance Audit			
	J.     What Good Audits Have in Common
III.   Forms and Reference
	A.     Basic Security Model	
	B.     Sample Documents and Writing Tips
	C.     Examples of Various IS Audit Types
		IT Organization and Management
		IT Process	
		IT Security	
		IT Software Development, Acquisition, and Maintenance
	D)     Explanations of Various Types of Computer
		Personal Computers	
		The Internet	


Please note that these seminars are available for In-House Sessions.

You can save more money by learning about our seminar Discounts

Return to Top of Page         Return to Home Page

Stu Henderson offers MVS security audits, consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.
His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".
His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet", as well as "How to Audit UNIX and Windows Security" and "How to Audit TCP/IP Security".
Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com