Course description
This course discusses the process of auditing information systems covering the practice of IS auditing, methodology and procedures to provide audits and assist the organization to protect their information systems. First, develop risk based IT audit strategy in compliance with IT audits. Second, plan specific audits. Third, conduct audits on standards and objectives to stakeholders. Fourth, conduct followups and status reports to ensure appropriate actions have been taken. The goal is to provide a framework and guidelines that you can follow to implement audit plans. This course is part of a series covering the ISACA Certified Information Systems Auditor (CISA).
Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.
Prerequisites
There are no prerequisites for this course.
Meet the expert
Kenneth Mayer
As a certified Microsoft Instructor, Ken has focused his career on various security aspects of computer and network technology since the early 1980s. He has offered a wide variety of IT training and high level consulting projects for Fortune 500 companies globally. Through the course of his extensive career, he has taught a full line of Microsoft, CompTIA, Cisco, and other high level IT Security curricula.
Video Runtime
226 Minutes
Time to complete
286 Minutes
Course Outline
Audit Standards and Guidelines
Manage Audit Function (18:32)
- Introduction (01:47)
- The IS Audit Function (03:12)
- IS Audit Resource Management (01:04)
- Audit Planning (01:08)
- Other planning Considerations (01:48)
- Information Gathering (01:32)
- Audit Planning Continued (01:07)
- Guidelines to Follow (02:01)
- Effects of Laws and Regulations (02:17)
- Effects of Laws and Regulations Continued (00:57)
- Major Areas of Concern (00:41)
- Determine Level of Compliance (00:44)
- Summary (00:08)
Audit and Assurance Standards (42:39)
- Introduction (02:03)
- Maintaining Privacy and Confidentiality (03:25)
- IT Audit and Assurance Standards and Guidelines (01:17)
- IT Audit and Assurance Standards Framework (01:19)
- Auditing Standards (02:59)
- Auditing Standards Continued (02:44)
- Reporting Standards (00:29)
- Follow-up Activities (01:58)
- IT Governance (03:27)
- Using Experts' Work (01:46)
- Guidelines (00:34)
- Audit Guidelines (01:07)
- Audit Guidelines Continued (01:38)
- Outsourcing and Audit Charter (03:07)
- Materiality Concepts (01:57)
- Due Professional Care and Audit Documentation (01:28)
- More Audit Guidelines (01:41)
- Even More Audit Guidelines (01:58)
- Yet More Audit Guidelines (01:57)
- Still More Audit Guidelines (01:31)
- Further Audit Guidelines (01:56)
- Ultimate Audit Guidelines (02:00)
- Summary (00:08)
Risks and Controls
ITAF Standards (34:36)
- Introduction (02:02)
- Tools and Techniques (02:15)
- IT Assurance Framework (02:50)
- ITAF General Standards (01:27)
- ITAF General Standards Continued (01:21)
- ITAF Performance Standards (03:02)
- ITAF Performance Standards Continued (02:02)
- Assignment Performance and Representation (01:43)
- Reporting Standards (01:12)
- Reporting Standards Continued (00:54)
- It Assurance Guidelines (01:15)
- Dealing with Management (00:51)
- IT Assurance Guidelines Continued (01:31)
- IT Management Processes (01:31)
- IT Management Process Continued (02:06)
- Common Practices (00:20)
- IT Audit and Assurance Processes (01:23)
- IT Audit and Assurance Areas Continued (02:10)
- IT Audit and Assurance Management (00:45)
- IT Audit and Assurance Management Continued (03:37)
- Summary (00:08)
Risk Analysis (21:30)
- Introduction (00:42)
- Business Environment (04:20)
- Risk IT Framework (03:05)
- Determine Associated Risks (02:33)
- Risk Analysis Continued (01:26)
- Risk Assessment Lifecycle (01:31)
- Identifying Controls to Reduce Loss (04:10)
- Risk Analysis Lifecycle (03:30)
- Summary (00:08)
Internal Controls (17:13)
- Introduction (01:32)
- Internal Controls Objectives (01:06)
- IS Control Objectives (02:34)
- Controls Classifications (01:19)
- IS Control Objectives Continued (02:06)
- COBIT (00:34)
- Linking Goals (00:49)
- General Controls (03:23)
- IS Controls (03:39)
- Summary (00:08)
Performing an Audit
Performing an Audit Part 1 (32:49)
- Introduction (02:41)
- Audit Project Management (01:08)
- Classification of Audits (02:31)
- Audit Program (01:07)
- General Audit Procedures (02:56)
- Audit Software (04:57)
- Audit Methodology (01:26)
- Fraud Detection (03:25)
- Fraud Detection Continued (02:13)
- Risk-Based Auditing (02:05)
- Risk-Based Auditing Continued (00:57)
- Risk Model Assessment (01:10)
- Audit Risk and Materiality (01:18)
- Audit Risks (01:36)
- Audit Risk and Materiality Continued (01:29)
- Assess Security Risks (00:39)
- Process of Risk Assessment (00:55)
- Summary (00:08)
Performing an Audit Part 2 (37:51)
- Introduction (02:41)
- Treating Risks (01:58)
- Selecting Controls (01:47)
- Controls and Security (00:45)
- Audit Subjects for Risk Assessment (02:04)
- Risk Assessment Approach (00:46)
- Judgemental Risk Assessment (00:18)
- Risk Assessment Techniques Continued (00:39)
- Audit Objectives (01:07)
- Translating Objectives and Compliance (01:48)
- Compliance vs. Substantive Testing (00:36)
- Compliance vs. Substantive Testing Continued (00:31)
- Evidence (02:56)
- Methods of Gaining Evidence (01:13)
- Identifying Work Functions (01:10)
- Sampling (01:21)
- Sampling Continued (02:19)
- Sampling Terms to Know (01:57)
- Using the Services of Other Auditors (02:04)
- Using the Services of Other Auditors Continued (00:30)
- Computer-Assisted Audit Techniques (01:08)
- Review Evidence and Audit Strengths and Weaknesses (02:50)
- Audit Strengths and Weaknesses Continued (00:57)
- Communicating Results (02:32)
- Follow-up (00:21)
- Audit Documentation (01:15)
- Summary (00:08)
Control Self-Assessment (09:49)
- Introduction (00:52)
- Control Self-Assessment (01:12)
- Control Self-Assessment Continued (01:38)
- Objectives of CSA (01:18)
- Benefits of CSA (00:57)
- Disadvantages of CSA (00:36)
- Auditors and CSA (01:20)
- CSA and Empowerment (01:08)
- CSA vs. Traditional Method (00:35)
- Summary (00:08)
Evolving the Audit Process (11:06)
- Introduction (00:10)
- Automated Work Papers (01:20)
- Automated Work Papers Continued (01:23)
- Integrated Auditing (01:32)
- Integrated Auditing Continued (00:37)
- Benefits of Integrated Auditing (00:24)
- Continuous Auditing (00:42)
- Continuous Auditing vs. Continuous Monitoring (01:01)
- Continuous Auditing Continued (03:46)
- Summary (00:08)