MindGrove Training Consultancy

HOME
Photographic image of World cities

ABOUT US

WORKING WITH APPLICATIONS

COURSE OVERVIEW

Modern audit teams agree on the need to review applications whilst they are still under development. Such audits are often seen as subjects for IT Auditors, and as they are in limited supply, a backlog of work for the IT Auditor or poor audit coverage by a non-specialist may be the end result. This course provides insight and enough key skills knowledge to enable a non-technical auditor to deal with most application-under-development reviews.

COURSE BENEFITS

Skills:

After completion of this course, you will be able to:

  • Describe the interface between applications and systems infrastructures

  • Explain how risk arises in the provision of applications to meet organisational objectives

  • Understand the types of risk that arise from high, intermediate and low level application process flows

  • Define and audit the roles of end-users in respect of applications

  • Understand a typical software development life cycle

  • Plan for reviews, throughout the software development life cycle, of significant applications being developed

  • Audit applications under development throughout the software development life cycle

  • Review, after implementation, the control effectiveness of a completed application

Support Materials:

This course is accompanied by a substantial manual that includes full briefing notes, explanations, illustrations and a work programme for reviewing applications.

WHO SHOULD ATTEND

This course is open to all. The core of the course lies in the understanding of application risks and how these can be designed out of an application during the systems development process. The course uses real-world examples and practical exercises to ensure participants spend most of their time consolidating their skills.

COURSE Programme

Information systems and application interfaces

  • Hardware and software

  • Introducing the infrastructure

  • Best practice delivery and support functions

Application risk in an enterprise setting

  • Business objectives linking to application requirements

  • Applications meeting strategic, operational, reporting, legal and regulatory requirements

Common risks and controls associated with applications

  • High-level data flow risks

  • Intermediate-level data flow risks

  • Low-level data flow risks

  • The audit review

  • Application key controls checklist

End users

  • Roles & responsibilities

  • Reviewing systems under development – the systems development life cycle

  • Development strategy (build/buy)

Initiation

  • Users and user requirements specifications (URS)

  • Feasibility and analysis

  • Impact on other systems and interfaces

Design

  • Detailed user requirements specification (detailed URS)

  • Analysis and design

  • Control framework – linkage to enterprise risk

  • Performance and capacity

Development

  • Tools and methodologies

  • Change control

  • Security of development environment

  • Documentation

Testing

  • Test plans

  • Testing functionality – acceptance testing

  • Control testing

  • Test strategies

  • Security of test environment and data

Implementation and post implementation

  • User training

  • Operational documentation

  • Data conversion and absorption of legacy data

  • Implementation strategies – parallel running / cut over

  • Backup and maintenance procedures

  • Effectiveness of systems implementation

PRESENTED BY:
This course is designed, developed and presented by MindGrove Ltd.

TRAINING

In-House Training

Public Course Schedule

Course Library

CONSULTANCY

RESOURCES

CLIENTS

CONTACT US

To discuss bringing this course in-house, please complete our on-line Enquiry Form or call us on 01925 732 757.

Copyright 2008 MindGrove Ltd.

Call us on +44 (0)1925 732 757

All rights reserved.
to discuss your requirements