Webinar Overviews and Individual Bookings
Advanced IT Audit Risk Analysis for Auditors
- Thursday October 3 2023
Those planning Internal Auditing department
activities face the recurrent task of allocating expected resources to
an apparently ever-expanding universe of demands. One means to focus
limited resources in a structured way is the use of appropriate risk
analysis techniques.
This webinar provides auditors and
audit management with a structured approach to risk management and
internal risk assessment; risks in computer systems and the use of computerized
risk assessment tools are also addressed.
Webinar Contents
This two-hour webinar is designed to provide
the participants with an in-depth knowledge and experience of:
- Risk and its nature in a corporate environment
Risk analysis and Internal Auditing
- The use of Risk-based auditing as an
integrated approach
- Risks within computer systems
- Electronic trading risks
- The IT Risk-based audit approach
- Risk and materiality
- A structured approach to audit risk
evaluation
- How to sell Risk-based audits
This webinar is
designed to provide the participants with an in-depth knowledge
of the risks as well as the benefits of Internet connection.
Participants will learn of the tools and information sources
available on the internet as well as the uses to which these
might be put.
Webinar content
The webinar will cover the following areas:
-
Internet Threats
-
Protection Strategies
-
Internet security and privacy
-
Use of Digital Certificates
-
Client-side Security
-
Downloading threats
-
Firewalling and encryption
-
Formulating an Internet security plan
IT
Security Reviews -
Thursday October 19 2023
Management, ever conscious of the company's
reliance on the computer (both micro and mainframe), is increasingly
looking to the auditor to address the risks in this environment. Many
auditors are unfamiliar with the risk areas and control opportunities
available. The module concentrates on logical security, the control
mechanisms available to enforce logical security, and audit approaches,
tools and techniques to carry out such reviews.
The objectives of the module
are:
- To familiarize auditors with
computer risk areas and security mechanisms.
- To provide auditors with an
understanding of the building blocks of operational
environments and operating systems.
- To provide auditors with an
appropriate methodology for reviewing computer security.
Webinar Content
The Webinar will cover the following areas:
- Computer
risk areas
- Criteria for
effective security
- Computer
operations
- Applications
security
- Change control
- Control over
viruses
- The "ACCESS"
model
- Tailoring the
Operating System
- Auditing
operating environments
- The role of
security packages: RACF, ACF2, TOP SECRET
- The internet
and Firewalls
A major component
of all corporate budgets in the 2020s is the IT departmental
expenditure. The primary reason for this is the potential
contribution which the IT function can make to the
competitiveness and bottom-line performance of the corporation.
Auditing in this
area has traditionally been reserved for the specialist IT
auditor.
In this webinar,
participants will be introduced to the VFM techniques they
require to permit a generalist auditor to evaluate the economy,
efficiency and effectiveness of the IT function.
Webinar Objectives
The objectives of the webinar are to provide attendees with the tools and techniques
needed in their own environments to:
- Familiarize auditors with
the Key Performance Areas within IT
- Introduce them to a VFMA
methodology to determine whether the IT resources are being optimized
- Provide delegates with a
complete VFMA audit plan for the IT function
Webinar Content
The Webinar will cover the following areas:
-
Background
and objectives of VFMA
-
Operational
auditing methods and techniques
-
Major
operational areas in IT
-
Risks
and control opportunities
-
Economy
of resource utilization
-
Efficiency
determination of the key performance areas
-
The
quantification of effectiveness
-
Implementing
the VFMA audit programmer
-
Performing the audit and following-up
Managing the IT Audit Function
- Thursday November 2 2023
IT Audit has developed into a maze of
specialties with technical specialists requiring ever more
specialized training.
This webinar is designed to assist
audit management to refocus their IS audit's efforts by
identifying high-impact audit areas and sourcing the resources
required to carry out the audit plan.
By the end of this webinar the attendee will be able to :
- Distinguish between the varying types of computer fraud, their nature and effect
- Identify likely fraud indicators
- Audit for computer fraud
- Establish a Corporate Risk Profile
- Structure an anti-fraud security environment
- Distinguish between fraud and forensic auditing
- Identify the requirements to ensure that audit evidence is acceptable as legal evidence
- Identify the requirement and effect of reporting sensitive issues
Webinar Content
The webinar will cover the following areas:
- The Scope of
IT Audit
- Narrowing the
perspective
- Objective
setting
- Staffing and
recruiting
- The use of
audit automation
- Skills and
training
- Measuring
effectiveness
- The role of
the Specialist
Who should attend
The series is aimed primarily at auditors, both internal and external, who are
advancing their career in Computer Auditing or who wish to understand the complexities and
vulnerabilities of computer systems. This series
follows on from Series 1
Webinar
Leader
Richard was Chairman
of the Audit Committee of Gauteng cluster 2 (Premier's office,
Shared Services and Health) in Johannesburg and is currently the
Chairman of the Audit and Risk Committee of the Department of
Public Enterprises in South Africa.
He is also a
visiting Lecturer at the University of the Witwatersrand, author
of the book Internal Auditing - an Integrated Approach,
published by Juta Publishing and now in its 3rd
edition. This book is extensively used as a university textbook
worldwide. In addition,
he is the
author of the "Auditor's Guide to IT Auditing" published
by Wiley Publishing, now in its 2nd edition
and the book "Corporate
Fraud and Internal Control: A Framework for Prevention",
also Wiley Publishing. He is also a contributor to
all 4 editions of QFINANCE,
the UItimate Resource,
published by Bloomsbury, and the author of "Data Analytics for
Internal Auditors" published in 2017 by Auerbach. He is also the
author of "The complete Guide for CISA Examination
Preparation". |