" rel="stylesheet">
Skip Main Navigation
Page Content

Looks like this event has already ended.

Check out upcoming events by this organizer, or organize your very own event.

View upcoming events Create an event

IT Auditing for the Non-IT Auditor with Raven Global Training (8 CPE)

Institute of Internal Auditors

Thursday, January 10, 2013 from 8:00 AM to 4:30 PM (EST)

Ticket Information

Ticket Type Sales End Price Fee Quantity
Member Ended $150.00 $4.74
Non-member Ended $175.00 $5.37

Who's Going

Loading your connections...

Share IT Auditing for the Non-IT Auditor with Raven Global Training (8 CPE)

Event Details

It's the course you have all been waiting for!


Course Overview:

This course covers the basics of Information Technology (IT) auditing with a focus on general and application controls testing.  It is designed for business auditors who are not IT experts who are beginning to integrate IT testing into their business audits or beginning to specialize in IT auditing.  Attendees will learn how to plan, test, and communicate the results of the audit to both IT and business owners. During this course, you will acquire baseline knowledge for IT general and application control concepts and skills and their importance and relationship in your business processes.  You will learn the fundamentals of issues concerning IT controls and the scope of IT risks that must be addressed in today’s business environment. Attendees will learn using a variety of techniques, including lectures, group discussions, and case studies.


Who should attend:

  •  Operational, financial, and compliance auditors interested in learning about the auditing of IT general and application controls.
  •  Auditors new to IT auditing
  •  Auditors practicing Integrated Auditing

 Learning Objectives:

  •  Learn about General and Application Controls
  •  Learn to identify risks and controls of IT and its impact on business processes
  •  Learn tests of IT controls that any auditor (operational, compliance, financial) can perform
  •  Learn to communicate IT components of audit results, gain agreement from IT and Business Owners, and monitor remediation efforts


Course Outline (8 CPE):

 1.      Introduction to Information Technology Auditing

  • Concepts and definitions
  • Control frameworks (COSO, COBIT, Netcentric, FISCAM, NIST Special Publication 800-series on Security Controls for Federal Information Systems, GAIT, GTAG)
  • Statements on Auditing Standards No. 109 and related IT risks and control objectives
  • Role of Internal Auditors for IT and IIA standards and practice advisories


2.      General and Application Risk Assessments [Case Study: Business & IT Risk Assessment]

  •  Understand the IT risks and continue to build on identified control frameworks
  • Explore General and Application controls and their importance in core business processes, including the initiation, authorization, processing, summarization and reporting of critical business functions and data
  • Explore the relationship between general and application controls


3.      Define General Controls and Controls Objectives

  •  Types of General Control audits (security management, change management, disaster recovery/business continuity planning, IT governance, IT infrastructure)
  • Global Technology Audit Guide (GTAG)
  •   Guide to the Assessment of IT General Controls (GAIT)


4.      Defining Application Controls and Application Control Objectives

  •   Input Controls
  •   Processing Controls
  •   Output Controls


5.      Types of Application Controls


  • Embedded and configurable controls
  • Input, processing, and output controls
  • Integrity controls
  • Preventive and detective controls
  • Balancing and file version controls
  • Application recoverability controls


6.      Planning IT General and Application Control Audits [Case Study: Identify IT Controls & Defining Tests]


7.      Communicating Audit Results to Business Process Owners and IT

  •  Selling the audit results
  •   Monitoring remediation activities


Have questions about IT Auditing for the Non-IT Auditor with Raven Global Training (8 CPE)? Contact Institute of Internal Auditors

When & Where

Lilly Corporate Center

Indianapolis, IN 46285

Thursday, January 10, 2013 from 8:00 AM to 4:30 PM (EST)

  Add to my calendar
IT Auditing for the Non-IT Auditor with Raven Global Training (8 CPE)
Indianapolis, IN Events Class

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.