Practical Guide: Cyber & IT Auditing-Audit Planning

Are you interested in kick starting a career in IT auditing? Tired of learning IT auditing through theory and books? Then this is the perfect course for you! This is a condensed course to go over the basics and advanced concepts in IT auditing. The course is one of the first of its kind to not only cover concepts but to also walk you through practical examples and know-hows to conduct a Cyber and IT audit during the planning stages. The course will also introduce technical knowledge of IT processes/IT controls and IT systems to prepare you to become a knowledgeable auditor.

Your Instructor

Your instructor is a proven and skilled individual with over 6+ years of experience in big consulting, big4 accounting and big5 banks. Chris (The Technology Accountant) has worked in in-demand fields in consulting, advisory and assurance in Cyber and IT space. He holds a CPA (Chartered Professional Accountant), CISSP (Certified Information System Security Professional) and CISA (Certified Information System Auditor) designations and has taught over 20,000 students from 155+ countries on this platform.

Benefits to you

-Gain theoretical and practical knowledge of various auditing concepts and Cyber/IT controls/risk technicals

-Gain theoretical and practical knowledge and skills in creating your own Cyber and IT audit plan through practices;

  a) 40 practice exercise questions for IT planning, processes, risk/controls

  b) 15+ downloadable course templates and detailed information for your learning/practice

  c) 1 case assignment to test and practice your overall learning with step by step answer breakdown.

  d) Scenarios videos/practice questions in course lectures

-Gain expert knowledge and material from proven Instructor

Accomplished Goals

At the end of this course, you would gain the fundamental and practical knowledge and skills in IT Audits, Risks, Controls and Cybersecurity, you will also become prepared on how to plan an Cyber and IT audit with supporting real world examples/scenarios and templates. Lastly you will also gain technical knowledge of various IT and Cyber controls and technicals within this course to not only help you audit but also effectively plan your audits as a lead or future lead in your audit engagements.

Topics covered in this course include:

1) Introduction to IT auditing (what, how and why)

2) Basic auditing concepts

               -General Auditing Concepts/Terms

               -Risk Assessment

               -Control Types and Nature (ie automated, manual, preventative, detective, corrective, recovery, physical etc)

               - Control Design vs Operating Effectiveness

               - Audit Relationships (ie Client/Auditee, Stakeholder, Auditor)

               - Ethics and independence (ie Threats to Independence)

               -Internal vs External Auditing Differences/Similarities

               - Levels of Assurance (Reasonable, Absolute, No Assurance)

               - Types of Audits

3) IT standards and frameworks (ie COBIT, NIST, COSO, SOX etc)

4) Career paths with IT audit background

5) Audit activities and Audit lifecycle (Planning, Execution and Reporting)

6) Planning activities

7) Preplanning activities (Planning activities)

8) Understanding the client (Planning activities)

9) Defining scope and objectives (Planning activities)

10) Planning documentations (Planning activities)

11) Communication (Planning activities)

12) Intro to Cybersecurity (Technicals); Confidentiality, Integrity and Availability Cyber principles etc

13) IT and Cyber Processes and Controls (Technicals); Vendor Mgmt, Change Mgmt, Security Configuration, Logging & Monitoring, Access Management, Incident Management etc)

14) IT and Cyber Risk

Note: This is Part One of the series and this lesson will cover all the topics related to planning an IT audit. Other parts of the series will cover IT audit execution/fieldwork and reporting. The objective of this course is to prepare and enable individuals for on-the job success and practical knowledge/skills. This course Is not focused on the CISA certification but CISA aspirants will still gain benefits, knowledge and skills to understand Cyber and IT audit concepts for exam preparations.