IT CONTROLS

1. IT CONTROLS INTOSAI IT AUDIT TRAINING

2. IT Controls module objectives • Identify/ document key business systems • Review computerised controls – management, operational and application controls, and test key controls • Provide client with recommendations

3. Module contents • General IT controls 2 days • Application controls 1 day • Case studies 1 day Total 4 days

4. IT controls : sessions DAY 1 • Session 1: Introduction • Session 2 : IT and the audit process • Session 3 : IT controls model • Session 4 : Planning an IT controls review • Session 5 : Documenting IT systems • Session 6 : Organisation and management controls

5. IT Controls : sessions DAY 2 • Session 7 : IT operations • Session 8 : Physical and environmental controls • Session 9 : Logical access controls • Session 10: Change management

6. IT Controls : sessions DAY 3 • Session 11: Third party service providers • Session 12: End user computing • Session 13: Intro to application controls • Session 14: Application security • Session 15: Input, process, output controls • Session 16: Masterfile/standing data controls

7. IT controls : sessions DAY 4 • Session 17: Case studies and revision • Session 18: Module review