MindGrove - the Audit and Risk SpecialistsMindGrove Training page - header image of people

 Home
 About us
 Training
bullet pointIn-house training
 ... by category
 ... a to z listing
 Public courses 2012
 Download brochure
 eLearning
 Consultancy
 Resources
 Clients
 Contact us
















An IT Audit Snapshot (revised for 2012)

This intensive one-day briefing event has been developed for auditors who require a start-up in the field of information systems auditing.

 

Suitability and duration

Suitability: Beginner

Duration: 1 day

 

Who should attend

Those with limited technical know-how and limited time, who wish to include some aspects of Information Systems Auditing into their work plans. The day uses a mixture of briefings and interactive displays to maximise knowledge transfer.

 

Benefits

Skills

After completion of this course, you will be able to:

  • Describe the roles performed by an IT Auditor
  • Identify laws that may impact your organisation
  • Appreciate the importance of IT Service Delivery and Support functions
  • Comprehend the purpose of ISO: 27001/2
  • Describe and review the main elements of logical access control
  • Explain simple network terminology
  • Understand simple network defences and appreciate how to perform a simple network review

 

Support Materials

This course is accompanied by a manual containing briefing notes and a work programme to assess compliance with controls prescribed in ISO: 27002.

 

Programme

IT Audit roles

  • Hindsight reviews - development reviews, Infrastructure reviews
  • Risk based approaches

 

AIT operations and the law

  • Data Protection Act 1998
  • Copyright and Patents Act 1988
  • Computer Misuse Act 1990
  • Freedom of Information Act
  • Regulations of Investigatory Powers Act 2000
  • Electronic Communications Act 2000

 

IT service governance

  • A Tool for assessing: Service Level Management / Capacity Management / IT Service Continuity Management / Availability Management / Service/Help Desk / Incident Management / Problem Resolution / Configuration Management / Change Management / Release Management

 

Standards for information systems security

  • The nature and intentions of ISO: 27001 and ISO: 27002
  • The ten control domains and the key controls within the domains
  • Risk analysis and choice of controls

 

Logical security

  • Identification, Authentication, Authorisation and Logging
  • Systems administration and setting up users and permissions
  • A typical access control review

 

Auditing networks

  • Network terminology
  • Short and long haul networks
  • Setting up network defences – the rules
  • The simplest network audit – a five step approach

 

 

  Call us on +44 (0) 1925 730 200Site map | Contact us 
© 2012 MindGrove Ltd. All rights reserved
 Valid XHTML 1.0 TransitionalValid CSS!