Information Systems Auditor Practical Approach Training

The Information Systems Audit Practical Approach course from InfosecTrain is majorly focused on providing candidates with hands-on experience in Information Systems Audit.

This course is specially designed for candidates preparing for various IT audit certifications like CISA, CISM, CISSP, ISO27001, DISA, etc. It will provide you with practical exposure to the IT audit field and teach you the key skills that an auditor must possess.

The Information System Audit Practical Approach course from InfosecTrain is for security professionals who audit, monitor, and assess an organization’s information systems and business activities.

Organizations need audit specialists with the expertise to identify significant challenges and security threats. This course will provide the candidate with auditing experience, knowledge, and skills to evaluate vulnerabilities, report on compliance, and institute controls within the enterprise.

Course Curriculum:

• Understand the Context
• Discussion on Risk Assessment to understand IT strategy and governance model of the company. (Sample Risk Assessment Report will be discussed)
• Conduct planning meetings with process owners / vendors for process understanding
• Audit Scoping and Planning
• Understanding of Current State Assessment (As-Is) of controls in audit areas
• Obtain additional information on applications, systems, tools and data
• How to prepare Initial Data Requirement (IDR) for audit
• How to prepare a customized Risk Control Matrix (RCM) for Audit
• Fieldwork – Controls Design
• How to review or evaluate documents / evidences received from the company and vendors
• Perform sample-based testing of security processes
• Raising additional requirement list for effectiveness testing (if required)
• Document understanding of processes and controls
   
• Fieldwork –Testing
• Gap assessment-identify gaps against the framework
• Gain preliminary agreement on facts / findings.
• Reporting
• Preparation and distribution of the draft report
• Conduct a closing meeting to agree action plans, owners, and target dates
• Integrate feedback and finalize the audit report, which would include a remediation roadmap
• IT Audit Interview Preparation

Pre-requisites:

• The course is designed for freshers who are interested in IT Audit. Basic knowledge of MS Office (Excel, Word, PowerPoint) is required to analyse the data and prepare the draft report.