ASINT ASG, s.r.o. v spolupráci s profesným združením ISACA Slovensko pripravuje pre záujemcov z radov odborníkov z oblasti IT auditu, dvojdňový kurz zameraný na získanie vedomostí z IT auditu. Cieľom kurzu je vysvetliť fundamentálne prístupy k IT auditu ilustrované na praktických príkladoch. Účastníci získajú aj znalosť prakticky používaných tzv. best practices používaných pri IT audite.
Intenzívny dvojdňový kurz bude prebiehať v anglickom jazyku (tréningové materiály sú v anglickom jazyku), pod vedením skúseného lektora Hendrik Ceulemans, InfoGovernance.
Termín konania: 10.-11. 3. 2009 od 8:30 – 18:00 hod.
Miesto konania: Club Penati, Agátová 33, Bratislava – Dúbravka
Program kurzu:
Corporate Governance and SOx
- COSO, COSO ERM and CobiT as control frameworks
- Corporate Governance
- Basics of risk management
- Roles and responsibilities for internal control
- IT Governance
- CobiT overview
IT Audit Overview
- Introductions on IT audit
- Audit standards, organisational relationship and independence
- Different phases of the IT audit
- Use of Risk Assessment in Audit Planning
- Types of control
General Controls
- Asset classification and ownership
- Information security policy
- Logical & Physical Security policies and standards
- Management of information security
- Logical and physical security
- Roles and responsibilities of control key players
- Change management
- Incident and problem management
- Service Level Agreements
- Controls at External Service Providers (Outsourcing)
- Business Contingency and Disaster Recovery Planning
Systems Acquisition, Development and Maintenance
- System Development Life Cycle (SDLC) methodology: Basics
- Development strategies & responsibilities
- Auditor’s involvement and independence: how to be an efficient Auditor and remain independent?
- CobiT Capability Maturity Model
Application Controls
- Transaction life cycle
- Application control trails
- Application controls in different stages
Computer Assisted Audit Techniques (CAAT’s)
Objectives for using CAAT’s
Accessing and processing application data
General control audit SW
Application control audit SW