Register for the Whole of the First Series
Webinar Overviews and Individual Bookings
Fundamentals of IT Auditing
- Thursday
31 August
2023
The webinar covers basic concepts of computing, primary types of computer systems, the
risks and controls and audit usage of computers. You will gain the confidence of
understanding the jargon and knowing that questions you put to auditees are addressing the
real issues. The attendee will also realize the difference between jargon answers and evasive
answers.
On using the knowledge you have gained, you will discover a greater
level of acceptance by Information Technology staff and users due to your increased
comprehension. This can be immediately translated into more effective and efficient audits
and a greater contribution to the organisation.
By the end of this
webinar the attendee will be able to:
- Understand the jargon of the computer world
- Differentiate between types of systems and their major risk elements
- Understand how computer systems are constructed and how this can
influence the eventual running in the business environment
- Utilize this knowledge to gain a greater acceptance by computer-literate
auditees
- Identify the role of the IS audit specialist
- Identify potential areas for the audit use of computerized technology
Webinar Contents
This two-hour webinar is designed to provide
the participants with an in-depth knowledge and experience of:
- Technology and audit
- Control objectives and risks
- Batch and on-line systems
- Programming computers
- Database systems
- Computer risks and exposures
- Computer security
- Application systems and their development
- Computer operations controls
Today's IT auditor is increasingly being faced with a multiplicity of database
management systems (DBMSs). Since each of these affects not only the control concerns of
the IT systems due to the concentration of risk, but also the control and audit
opportunities due to the increased control and audit tools, it has become critical that
auditors understand their role and criticality.
This two-hour webinar is designed as an intermediate course to introduce auditors to the
risks and exposures specific to a business operating in a Database Environment and
indicates the unique control opportunities as well as the wide range of audit tools
available.
By the end of this webinar the attendee will be able to:
- Identify the differing types of database structures, their principal components, and the
threats to them
- Relate DBMS components to the operating system environment in which they operate
- Identify potential control opportunities and select among control alternatives
- Recognize vulnerabilities in multiple DBMS environments and make appropriate
recommendations
- Select the appropriate audit tool and technique to meet a given audit objective
Webinar content
The webinar will cover the following areas:
- Database types
- Sequential
- Hierarchical
- Network
- Inverted File Structures
- Relational Models
- Control opportunities in a database environment
- Database tools and techniques
- Auditing IMS; IDMS; ADABAS; DB2; DATACOM;
Oracle; Access
Audit use of CAATs -
Thursday September 14 2023
In order to audit in today's complicated, computerized environment, the auditor must
frequently utilize computer technology himself. This may take the form of auditing the
computer applications themselves, utilizing computerized techniques to obtain information
about non-computerized business areas and extracting and manipulating data from
computerized systems. As such it becomes imperative that auditors be familiar with the
types of computerized audit tools and techniques available, their advantages and
disadvantages and be comfortable with their use.
This two-hour webinar is designed to give specialist IT
auditors practical experience in both the selection of an appropriate CAAT as well as
experience in running CAATs and interpreting results.
By the end of this webinar attendees will have an in-depth knowledge of:
- The nature and usage of CAATS
- Methods for determining the appropriate CAAT
- Usage of differing types of CAAT
- Interpretation of results
- Verification of CAAT results
Webinar Content
The Webinar will cover the following areas:
- System testing techniques
- Computerized application systems
- Non-computerized systems
- CAAT types
- Source code review
- Use of Test Data
- Parallel Simulation
- Integrated Test Facilities
- Snapshot Techniques
- SCARF
- Retrieval Software
- Generalized Audit Software
- Specialized Audit Software
- Utility Software
- ACL
- IDEA
Business has become increasingly dependent on computers to
survive on a day-to-day basis. If these systems become unavailable for a significant period or if the integrity of the
data they process is prejudiced, the very survival of the organizations which depend on
them may be at serious risk. No busy manager likes to spend time contemplating the worst which could befall the
company and anyway, disasters happen infrequently and always to someone else.
This two-hour webinar puts Computer Disaster Recover Planning firmly in its place as part of the
Corporate Survival Program and highlights the auditor's role in ensuring the viability of
the corporate Contingency Plan.
Webinar Objectives
The objectives of the webinar are to provide attendees with the tools and techniques
needed in their own environments to:
- Assess the corporate risks
- Identify their audit strategies
- Establish their priorities
- Develop their Audit Plan
- Evaluate and test their Corporate Disaster Recovery Plan
Webinar Content
The Webinar will cover the following areas:
- What is a Disaster?
- What is a Disaster Recovery Plan?
- Who is Accountable?
- What are the Options?
- What is the cost?
- How can a C.P. be tested?
- What is Management's Role?
- What is the User's Role?
- What is the Information Services Role?
- What is the Internal Auditor's Role?
IT
Fraud and Countermeasures - Thursday
September 28 2023
IT fraud is presently a major growth area within
our corporations. This two-hour webinar is designed to assist auditors and management in the design and
implementation of an IT architecture which minimizes the possibilities of fraud and
maximizes the probability of detecting fraud.
By the end of this webinar the attendee will be able to :
- Distinguish between the varying types of computer fraud, their nature and effect
- Identify likely fraud indicators
- Audit for computer fraud
- Establish a Corporate Risk Profile
- Structure an anti-fraud security environment
- Distinguish between fraud and forensic auditing
- Identify the requirements to ensure that audit evidence is acceptable as legal evidence
- Identify the requirement and effect of reporting sensitive issues
Webinar Content
The webinar will cover the following areas:
- The nature of computer fraud
- The Corporate risk profile
- Computer fraud techniques
- Why computer fraud and who commits it?
- Fraud auditing
- Fraud awareness
- EDI and fraud
- The expectation gap
- Forensic auditing
- Sources of evidence and audit tools
- Legal evidence
- Reporting sensitive issues
Who should attend
The series is aimed primarily at auditors, both internal and external, who are
beginning their career in Computer Auditing or who wish to understand the complexities and
vulnerabilities of computer systems. The series
builds rapidly to shorten the time period to productivity and
effectiveness.
Webinar
Leader
Richard was Chairman
of the Audit Committee of Gauteng cluster 2 (Premier's office,
Shared Services and Health) in Johannesburg and is currently the
Chairman of the Audit and Risk Committee of the Department of
Public Enterprises in South Africa.
He is also a
visiting Lecturer at the University of the Witwatersrand, author
of the book Internal Auditing - an Integrated Approach,
published by Juta Publishing and now in its 3rd
edition. This book is extensively used as a university textbook
worldwide. In addition,
he is the
author of the "Auditor's Guide to IT Auditing" published
by Wiley Publishing, now in its 2nd edition
and the book "Corporate
Fraud and Internal Control: A Framework for Prevention",
also Wiley Publishing. He is also a contributor to
all 4 editions of QFINANCE,
the UItimate Resource,
published by Bloomsbury, and the author of "Data Analytics for
Internal Auditors" published in 2017 by Auerbach. He is also the
author of "The complete Guide for CISA Examination
Preparation". |