Auditors have a general requirement to provide management and business process owners with assurance and advice regarding designed and deployed controls in an entity to
- render reasonable assurance that relevant control objectives are being met
- identify where there are significant weaknesses in those controls,
- substantiate the risk that may be associated with such weaknesses; and
- proffer corrective actions for detected control weaknesses.
Various institutions enable the design and operation of clear policies and good practices to control information and related technologies. Considering the suggested information controls, firmly basing the information technology (IT) audit system on control objectives removes subjectivity from the audit conclusion, replacing it with authoritative criteria.
Generally accepted assurance standards, guidelines, and procedures permit preparing audit plans that address the entity’s control framework and control objectives. They should be used considering the control framework and objectives and developed into specific audit programs. However, commonly, they are neither exhaustive nor definitive. Thus, all generally accepted assurance standards, guidelines, and procedures may not apply and require tailoring to the specific environment.
Individual audit objectives and practices vary considerably from entity to entity. There are many practitioner types in audit-related activities, such as external auditors, internal auditors, self-assessment evaluators, quality reviewers, and security assessors. For this reason, the audit process must be adaptive in utilization and high-level in structure. <,p>
Why Should You Attend:
This seminar facilitates an understanding of IT auditing standards and guidelines associated with performing IT assurance services and accepted areas of risk for most organizations through exposure to The Davis Adaptive IT Auditing System. The Adaptive IT Audit System seminar presents guidance following the general structure of planning, studying, testing, reporting, and follow-up. This structure can be applied broadly or narrowly defined IT audits.
IT audit area mastery reflects professional experience and training. Regarding subject knowledge, this seminar contains a detailed preparation, documentation, and presentation system for IT audits, which can be translated, if practiced, into an exceptional professional experience. An adaptive IT audit system enables the auditor to examine specific IT audit areas against strategic, tactical, and operational control objectives, thus assuring management where controls are sufficient or advising management where audited areas need improvement.
Areas Covered::
- Building the IT Audit Project Plan
- Finalizing the IT Audit Project Plan
- Studying the IT Audit Area’s Controls
- Evaluating the IT Audit Area Controls
- IT Audit Test Preparation
- Evaluation of the IT Audit Tests
- Review of the IT Audit Findings
- Initializing the IT Audit Report
- Review of the IT Audit Responses
- IT Audit Follow-Up Course of Action
In-Person Seminar going Virtual with increased learner satisfaction.
Yes, attend this seminar from anywhere. We are making it real and more interactive – Here's a sneak peek:Our enhanced delivery process and technology provides you an immersive experience and will allow you to access:
- The real-time and live presentation as in in-person events
- Private chat for company-specific conversation – the same as you would get in an in-person seminar
- Opportunities to connect with your peers to share knowledge at a different time and have group discussions
- Live workshop activities
- Live Q&A during the event and offline Q&A assistance after the event
- As usual more content, activities and case studies and now adding homework for a comprehensive understanding
- Certification
Who will Benefit:
- Information Technology Auditors
- Financial Auditors
- Operational Auditors
- Control Assessors
- IT Professionals
- Information Security Professionals
- Risk Management Professionals
- Financial Officers
- Continuity Planning Professionals
- Compliance Professionals
- 8:00 – 8:14: Introduction, Meet & Greet
- 8:15 - 8:59
- IT audit objectives and ambit
- Organizational objectives
- Organizational practices
- 9:00 - 9:44
- IT audit materiality
- IT control assessment
- IT audit risk assessment
- 9:45 - 9:59: Break
- 10:00 - 10:29
- Test materiality
- Test evidence
- IT audit team selection
- 10:30 - 10:59
- IT audit Internal Control Questionnaire
- IT audit work program
- IT audit plan
- 11:00 - 11:59
- Engagement letter preparation
- IT audit opening conference
- Communication distribution
- 12:00 - 12:29: Lunch Break
- 12:30 - 12:59
- Internal control system
- General Controls
- Application Controls
- 1.00 – 1.44
- Laws & Regulations
- External control system
- Identify IT Audit Evidence
- 1.45 – 1:59: Break time
- 2.00 – 2.29
- Reassess Audit Risk
- Reassess Planned Audit Testing
- Determining control objective achievement
- 2.30 – 3.00
- Q/A session, verbal interaction
- 8:00 AM: Module 5
Implementing Supplier Controls- Receiving Inspection
- Risk-based audits
- Purchasing Data, Documentation
- Control Plans
- Quality Agreements
- Approved Supplier List (ASL)
- 9:30 AM: Break
- 10:00 AM: Module 6
Supplier Auditing- Audit teams
- Audit objectives
- Remote Audits
- 11:30 AM: Break
- 11:45 AM: Module 7
Performance Management- Supplier scorecards
- Standard metrics
- Maturity Models
- Supplier Reviews
- Supplier Corrective Action Requests (SCARs)
- Corrective and Preventive Action
- Feedback and Communication
- 1:15 PM: Break
- 1:30 PM -3:00 PM: Module 8
- Lessons Learned
- Inspection Readiness
- QSIT (Quality System Inspection Technique)
- Conclusions
Robert Elliot Davis,
Professor, Temple and West Chester University
Dr. Robert Elliot Davis, CISA, CICA, is a senior audit manager/consultant, a freelance author, and a university-level professor. His unique qualifications encompass over thirty years of internal control practice and scholarship experience. Dr. Davis has provided data security consulting and information systems auditing services to highly regarded government agencies and corporations of various employee sizes. His past teaching experience includes positions with Temple University, in the MS in IT Auditing and Cyber-Security program, and the undergraduate programs at Bryant & Stratton College and Cheyney University. He has also served as a Temple University MS in IT Auditing and Cyber-Security Advisory Councilmen and CISA in Residence. Dr. Davis obtained a BBA in Accounting and Business Law, an MBA in Management Information Systems, and a DBA in Information Systems Management from Temple, West Chester, and Walden University. Moreover, Dr. Davis acquired the ISACA CISA certificate and was conferred the CICA certificate by the Institute for Internal Controls.
Register Now
Online using Credit card
Get the Invitation
Pre-Register yourself and get the official Invite when venue and dates are announced for this seminar.
Call here to register +1-888-717-2436 or email at [email protected]
Other Registration Option
- Download the Order Form
- Fill this form with attendee details & payment details
- Fax it to +1-650-362-2367, or
- Email it to [email protected]
Payment Mode
ComplianceOnline (MetricStream, Inc),
6201 America Center Drive Suite 240
San Jose, CA 95002
USA
Register / Pay by Wire Transfer
Please contact us at +1-888-717-2436 to get details of wire transfer option.Terms & Conditions to Register for the Seminar/Conference/Event
Your registration for the seminar is subject to following terms and conditions. If you need any clarification before registering for this seminar please call us @ +1-888-717-2436 or email us @ [email protected]
Payment:
Payment is required 2 days before the date of the conference. We accept American Express, Visa and MasterCard. Make checks payable to MetricStream Inc. (our parent company).Cancellations and substitutions for In-person Seminars:
Written cancellations through fax or email (from the person who has registered for this conference) received at least 10 calendar days prior to the start date of the event will receive a refund - less a $300 administration fee. No cancellations will be accepted - nor refunds issued - within 10 calendar days before the start date of the event.On request by email or fax (before the seminar) a credit for the amount paid minus administration fees ($300) will be transferred to any future ComplianceOnline event and a credit note will be issued.
Substitutions may be made at any time. No-shows will be charged the full amount.
We discourage onsite registrations, however if you wish to register onsite, payment to happen through credit card immediately or check to be submitted onsite. Conference material will be given on the spot if it is available after distributing to other attendees. In case it is not available, we will send the material after the conference is over.
In the event ComplianceOnline cancels the seminar, ComplianceOnline is not responsible for any airfare, hotel, other costs or losses incurred by registrants. Some topics and speakers may be subject to change without notice.