MindGrove - the Audit and Risk SpecialistsMindGrove Training page - header image of people

 Home
 About us
 Training
bullet pointIn-house training
 ... by category
 ... a to z listing
 Public courses 2012
 Download brochure
 eLearning
 Consultancy
 Resources
 Clients
 Contact us
















IT Audit for Non Specialist Auditors

This intensive, short, and practical course provides a great starting point for auditors that need to include aspects of Information Systems Auditing into their work.

 

Suitability and duration

Suitability: General or non-IT specialist Auditor

Duration: 2 days

 

Who should attend

Those non-specialist auditors that need core IT Auditing knowledge to extend their existing scope. This course is suited for those from all backgrounds. Major steps of the course are accompanied by practical work, re-enforcing taught facts and helping delegates to develop skills.

 

Benefits

Skills

After completion of this course, you will be able to:

  • Explain the role of an information systems auditor
  • Perform a review of an operational application system
  • Identify risks involved in new systems
  • Comprehend ISO:27001/27002
  • Identify where security policies are required and describe acceptable use practices
  • Review physical security within the organisation
  • Review logical access control within the organisation
  • Explain core network terminology
  • Comprehend how basic network defences are structured
  • Perform a simple network review

 

Support Materials

The course is accompanied by a 100+ page manual containing detailed briefing notes and reference materials to form a powerful and practical personal resource on return to work.

 

Programme

IT/IS Auditing

  • IT Auditing roles
  • Auditing existing systems (hindsight reviews)
  • Auditing new developments (proactive reviews)
  • Auditing infrastructure (technical reviews)

 

Auditing systems

  • Locating weaknesses in existing systems – an auditor’s approach
  • Identifying risks in new systems – an auditor’s approach

 

Auditing infrastructure

  • Working to standards: The ISO 27000 series of standards
  • IT security – security and acceptable use policies
  • Physical security – IT working environments; location, structure and people control; environmental control; common threats
  • The physical review – how to perform a physical security review
  • Logical security – registration, identification, authentication 9single and multi-factor systems), authorisation and logging
  • The access control review – performing a logical security review

 

Auditing networks

  • Networks and risk – the commonest problems
  • Understanding networks and network diagrams
  • Network management, monitoring and control – an auditor’s perspective
  • Performing a basic network audit

 

 

  Call us on +44 (0) 1925 730 200Site map | Contact us 
© 2012 MindGrove Ltd. All rights reserved
 Valid XHTML 1.0 TransitionalValid CSS!