IT AUDITING BASICS

The objective of this course is to provide a general overview of IT Auditing, within the context of today’s business environment that is highly dependent on IT. At the end of the course, participants are expected to understand the value of IT and IT controls in Business Operations and Strategy, and they will also understand Information Systems control and auditing frameworks.

PART 1: IT Auditing within the Broader Audit Organization  Why IT Auditing is Needed  Emerging IT Risks in the Business Landscape  Emerging IT Risks in small and medium enterprises  Organization of the IT Audit Function ¬¬ PART 2: Performing an IT Audit  Risk based IT Auditing  Performing an IT Audit  Classification of Audits  Audit Methodologies  Compliance vs Substantive Testing  Introduction to CAAT  Communicating IT Audit Results to a non-IT Audience PART 3: IT Governance and its impact to Organization IT Controls  Why IT Governance?  IT Governance Framework  IT Balanced Scorecard  How IT Strategy translates to IT Audit Strategy PART 4: Information Security Fundamentals  Importance of Information Security  Key Elements of Information Security  Inventory and Classification of Information Assets  Systems Access and Permissions  Mandatory and Discretionary Access Controls  Privacy Management  Information Security with Third Parties and Customers PART 5: Cybercrime – New Risks in today’s Business Environment  Review of the Changing Business Environment  A crash course on cybercrime – types and impact  Computer crime issues and exposure  Peer to Peer, Instant Messaging, Data Leakage and Web-Based Technologies  Security Incident Handling and Response Summary and Wrap up

Kristy Anne Abello, CISA PMP is currently a Senior Control Manager at Procter & Gamble (P&G) Global Internal Audit Department, with expertise in IT Audit and Consulting. She is also P&G’s Corporate Trainer for Effective Communications and Project Management and has taught these seminars to audit staff, managers and executives. She has also delivered various talks on communication and soft skills to several organizations.

Prior to her stint in internal auditing, she spent four years in application management and project management for Business Intelligence applications in P&G developing markets (Russia, Brazil, China, Middle East). She is also an entrepreneur and serves as the President and CEO of CDC Credit Corporation, a mid-sized microfinance corporation and is also the founder of Karpintero.com.ph, a newly launched technology start up that connects homeowners to construction service providers.