Technology Systems Auditing

Technology Systems Auditing Training Course

3.80 (16 reviews)
Udemy
platform
English
language
IT Certification
category
61
students
10 hours
content
Jun 2021
last update
$19.99
regular price

What you will learn

Understand the IS audit process

Plan audit and Perform risk analysis

Put in place internal controls

Learn about different phases of IS audit

Understand the role of governance in IT/IS

Make policies, procedures and identify risks

Create information security policy document

Conduct management reviews of the policy document

Perform risk management

Create insourcing and outsourcing strategy

Perform organizational quality management

Create project management structure

Introduce application development best practices

Plan IS operations and business resiliency plans

Define RPO/RTO

Develop disaster recovery plan

Protect information assets

Identify exposures and vulnerabilities

Understand role of encryption in data protection

Learn the basics of computer forensics

Description

Information systems have become an integral part of any modern organization. Many of the business processes are now dependent on the information systems and the data contained in these systems is of critical importance to any enterprise. The need to protect and safeguard these systems is also directly proportional to the increase in their usage. With the information systems becoming so important, the attacks and threats including but not limited to ransomware, data theft, hacking, forgery and brute force are also on the rise. More and more attackers are targeting organization with less control and protection. This course prepares the candidates to put in place effective controls and policies to protect their information systems and assets from unauthorized access and leakage.

Information systems auditor course is a comprehensive course designed with the objective of preparing the candidates to be able to familiarize themselves with the IS audit process, governance, management of IT, IS operations, maintenance and support, IS operations and business resilience as well as protection of information assets.

These information systems or assets can be in the form of databases, files, images, documents and software. The course covers the protection methods and techniques regardless of the form the data is residing within the organization.

Overall, the course touches all the aspects required to become an effective information systems auditor and perform the task efficiently. This course also helps the candidates to prepare for the relevant certification

Content

The IS Audit Process

The IS Audit Process
Topic A: The Auditing Process and Auditors
Definitions
Types of Auditors
The Auditing Process (1)
The Auditing Process (2)
The Auditing Process (3)
Audit Planning Process
Topic B: Risk Analysis
Risk Analysis Defined
Assessing Countermeasures
Steps of Assessment
Motivations for Risk Analysis
Topic C: Internal Controls
Internal Controls: Objectives & Procedures
Internal Control Types
Internal Controls (Preventative)
Internal Controls (Detective)
Internal Controls (Corrective)
Goals of Internal Controls
Goals of Internal Controls
General Control Methods/Types
The IS Audit Process
Audit Classifications
Audit Classifications
Phases of the Audit Process (Page 1)
Phases of the Audit Process (Page 2)
Inherent Risks During Audits
A Risk-Based Audit Approach
Evidence
Evidence Gathering Techniques
Computer Assisted Audit
Control Self-Assessment (CSA)
Chapter 1 Review
Quiz 1

Chapter 2 - Governance and Management of IT

Chapter 2 - Governance and Management of IT
Topic A: The Role of Governance
IT Governance
IT Governance
Governance Defined
Relationship Structure
Role of Auditor
Role of Auditor
Practices & Procedures
Practices & Procedures
Information Security Governance
Information Security Governance
Information Security Governance
Information Security Governance
Results of Security Governance
Goals of Security Governance
Topic B: Policies, Procedures, and Risk
IT Governance
Policies
Policies
Information Security Policy Document
Information Security Policy Document
Management Reviews
Management Reviews
Procedures
Procedures
Risk Management - Approaches
Risk Management
IT Risk Management - Levels
Topic C: IT Governance & Personnel Management
IS Management Practices
Personnel Management
Sourcing IS Functions
Insourcing and Outsourcing Strategy
Insourcing and Outsourcing Strategy
Change Management
Change Management
Organizational Quality Management
Quality Management
Organizational Quality Management
Performance Management
Organizational Quality Management
Chapter 2 Review
Quiz 2

Chapter 3 - IS Operations, Maintenance, and Support

IS Operations, Maintenance, and Support
Topic A: Project Management
Project Management Structure
Project Management Structure
Example Organizational Chart
Practical Project Management
Practical Project Management – 5 Steps
Topic B: Software Development and Acquisition
Business Application Development
Business Application Development
Traditional SDLC Approach
Software Development Risks
Alternative Development Methods
Alternative Development Methods
Agile Development
Prototyping
Prototyping
R.A.D. – Rapid Application Deployment
R.A.D. – 4 Stages
Other Alternative Development Methods
Topic C: Infrastructure Development and Acquisition
Infrastructure Development and Acquisition
Analysis of Physical Infrastructures
4 Steps to Planning Infrastructure Implementation
Hardware / Software Acquisition
Maintaining Information Systems
Change Management Standards
Change Management Standards
Application Controls
Auditor Tasks
Input Controls
Data Validation Checks
Data Validation Checks
Output Controls
Chapter 3 Review
Quiz 3

Chapter 4 - IS Operations and Business Resilience

IS Operations and Business Resilience
Topic A: Networking Models
Networking Models
Advantages of Reference Models
The OSI Model
Reliability
Topic B: IS Network Infrastructure
Network Types
Network Topology
VPN Defined
Wireless Specifications
Topic C: Business Continuity & Disaster Recovery
BCP/DR
Definitions
BCP/DR - 7 Steps to Recovery
BCP/DR Incident Classification
Business Impact Analysis - BIA
RPO and RTO
Recovery Strategies
Topic D: Recovery
Categories of Recovery Strategies
Business Recovery
Facilities, Materials, and Supplies
Facilities, Materials, and Supplies
Data Recovery
Topic E: Disaster Recovery
Disaster Recovery Plan (DRP) Development
BCP & DR - Teams
BCP Components
R.A.I.D.
Insurance
Business Continuity Plan (BCP) Testing
Types of BCP/DR Testing Strategies
Auditing BCP/DR
Business Continuity Management (BCM) Institutes and Organizations
Business Continuity Management (BCM)
Chapter 4 Review
Quiz 4

Chapter 5 - Protection of Information Assets

Protection of Information Assets
Topic A: Protecting Data
Key Elements, Roles, and Responsibilities
Key Elements, Roles, and Responsibilities
Classifying Information Assets
System Access Permission
Topic B: Threats and Vulnerabilities
4 Categories of Attacks
Exposures and Vulnerabilities
Exposures and Vulnerabilities
Exposures and Vulnerabilities
Topic C: Access Controls
Logical Access Paths
Identification and Authentication Mechanisms
Strong Password Policy
Identification and Authentication Mechanisms
Authorization
Dealing with Data
LAN Security
Client-Server Security
Firewall
Intrusion Prevention Service (IPS)
Honeypot (HP)
Topic D: Encryption
Encryption Mechanisms
Encryption Mechanisms
Symmetric vs. Asymmetric
Topic E: Auditing Practices
Auditing IS Management Framework
Auditing Logical Access
Penetration Testing
Penetration Testing
Computer Forensics
Chapter 5 Review
Quiz 5

Screenshots

Technology Systems Auditing - Screenshot_01Technology Systems Auditing - Screenshot_02Technology Systems Auditing - Screenshot_03Technology Systems Auditing - Screenshot_04

Charts

Price

Technology Systems Auditing - Price chart

Rating

Technology Systems Auditing - Ratings chart

Enrollment distribution

Technology Systems Auditing - Distribution chart

Related Topics

4101054
udemy ID
6/4/2021
course created date
6/12/2021
course indexed date
Bot
course submited by