" rel="stylesheet">
Skip Main Navigation
Page Content
This event has ended

IT Auditing for the Non-IT Auditor

The Institute of Internal Auditors (IIA) - Baltimore Chapter

Friday, October 21, 2011 from 8:30 AM to 5:00 PM (EDT)

IT Auditing for the Non-IT Auditor

Share IT Auditing for the Non-IT Auditor

Event Details

Course Summary:  Regardless of background, all internal auditors should have a basic knowledge of IT auditing sufficient to understand basic concepts, IT terminology, and how IT auditing is integral to general auditing.  There is no complete view of one without knowledge of the other.  This one day course will take non-IT auditors through the basics of IT auditing.  It includes the following topics: IT risk assessment, general computer controls, pre and post implementation audits, auditing application systems, auditing security, segregation of duties, and spreadsheets. 


Speaker: Danny Goldberg, CPA CIA CISA CCSA CGEIT 


Speaker Bio: Danny is a well known professional speaker who has taught across the nation at numerous IIA and ISACA sponsored events.  He is a Director at Sunera, an international corporate governance, risk management, and regulatory compliance firm.


Time: 8:30 AM – 5:00 PM (registration begins at 8:00 AM); lunch is included


CPE Credits: 8


Course Detailed Description:

Learning Level: Basic/Intermediate

Who Should Attend: Financial and operational auditors with any amount of experience that want to further understand IT Auditing.


I. Introduction and Background


2.Topics to Cover

II. IT Risk Assessment

1.What is an IT Risk Assessment?

2.Understanding the IT Environment

3.IT Risk Frameworks

4.The Audit Plan

5.Mapping the IT and Business Environment

6.Heat Maps

III. General Computer Controls 

1.Information Security

2.IS Operations

3.Application System and Maintenance

4.Database Implementation and Support

5.Network Support

6.System Software Support

IV. Pre and Post Implementation Audits

1.Key Concepts

2.Project Risk Management

3.Pre-implementation Review

4.Post-implementation Review

V. Auditing Application Systems

1.General Areas of Risk

2.Auditing Application System Approach

3.Application Configuration

4.Input Controls


6.Transaction Processing



9.Data Interfaces and Conversions


VI. Auditing Security

1.Information Security Governance

2.User Access Administration

3.Technology Based Access Security Controls

4.Secure Systems Development

5.Incident Response

6.Remote Access and Third Parties

7.User Awareness and Training

8.Physical Security

9.Legal and Regulatory Compliance

VII. Segregation of Duties

1.General Categories of Duties

2.Comprehensive Example – Purchasing

3.Segregation of Duties in IT Functions

4.SoD Design Concepts

5.Mitigating and Compensating Controls

VIII. Spreadsheets 

1.Spreadsheet Testing Guidance

2.Spreadsheet Assessment


Have questions about IT Auditing for the Non-IT Auditor? Contact The Institute of Internal Auditors (IIA) - Baltimore Chapter

When & Where

The Conference Center at the Maritime Institute
692 Maritime Boulevard
Building #3 – Bridgeroom
Linthicum Heights, MD 21090

Friday, October 21, 2011 from 8:30 AM to 5:00 PM (EDT)

  Add to my calendar
IT Auditing for the Non-IT Auditor
Linthicum Heights, MD Events Class

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.