top of page
Information Technology General Controls - In-Person Destination

Information Technology General Controls - In-Person Destination

Learn the best practices for Information Technology governance, management, security, control and auditing under COBIT and COSO 2013.


This is a eight CPE event is designed to provide an understanding of an effective program for the creation of a system of internal control within Information Technology (IT). We use the COBIT framework as our basis for the control groups and assessment is under COSO 2013. It was created to allow organizations to create effective Section 404 documentation.


Be trained on how your organization can develop and maintain an effective IT internal control framework to comply with the Sarbanes-Oxley Act (SOX) Section 404 or other similar regulations.


Our attendees learn that a top-down, risk-based approach to COBIT compliance can produce better results for their companies by streamlining their operations, providing more accurate, timely and reliable information, avoiding litigation and reducing their IT costs. Learn the "Best Practices" for COBIT, COSO 2013 and Section 404 from the methodology viewpoints provided by Control Objectives for Information and Related Technology (COBIT), IT Infrastructure Library (ITIL) and IT departments around the globe. Implement and update your IT SOX compliance and IT auditing programs.


Each attendee will receive 8 CPE Hours (YB). A certificate of completion will be provided.

  • Details on Event Presentation


    Offered on Mondays at 8:45 a.m. to 4:45 p.m. 

  • CPE Event Highlights

    Information Technology controls are described in two categories: General Controls and Application Controls.

    The seminar will cover IT General Controls over the information technology (IT) environment, computer operations, access to programs and data, program development and program changes. IT application controls will be discussed concerning transaction processing controls.

    The COBIT Framework (Control Objectives for Information Technology) is the most widely-used framework being used in SOX compliance efforts. This framework will be covered in detail.

  • Learning Objectives

    Attendees will:

    • Understand the similarities and differences between the ITIL and COBIT standards.

    • Learn the compliance requirements of the Sarbanes-Oxley Act.

    • Discuss how internal controls can manage risk and reduce fraud.

    • Identify methods for improving the effectiveness of information process to effect the profitability of businesses

  • Key Issues on the Agenda

    Section 1 - Introduction and Background

    • Instructor's Perspective on IT Myths

    • What is IT Governance?

    Section 2 - Internal Control Frameworks

    • What are "Internal Controls"?

    • IT Risks

    • Balancing Risks and Controls

    • Internal Control Terminology

    • IT Control "Frameworks"

    Section 3 - Managing & Governing the IT Organization

    • IT Organization Risk and Control

    • IT Organization Relationships

    • CoBIT Domain: Plan & Organize

    Section 4 - Managing the System Life Cycle

    • CobiT Domain: Acquire & Implement

    • Managing the Systems Life Cycle

    • System Development and Change Controls

    • Change Control Board

    • System Change and Development Controls - Risk & Control Objectives

    • System Change and Development Controls - Internal Controls

    Section 5 - Securing the Physical and Logical IT Environment

    • CoBIT Domain: Deliver & Support

    • Physical Security

    • Logical Security

    • Password Security

    • Anti-Virus Configuration

    • Security - Risk & Control Objectives

    • Security - Internal Controls

    Section 6 - - Managing Computer Operations

    • CoBIT Domain: Deliver & Support

    • Managing Computer Operations

    • Computer Operations - Risk & Control Objectives

    • Computer Operations - Internal Controls

    Section 7 - Managing the Continuity of IT Services

    • CoBIT Domain: Deliver & Support

    • Managing the Continuity of IT Services

    • IT Disaster Recovery Plan

    Section 8 - Monitoring the Effectiveness of IT

    • CoBIT Domain: Monitor and Evaluate

    • Monitoring the Effectiveness of IT

    Section 9 - IT Compliance with the Sarbanes-Oxley Act

    • SOX Titles

    • Mapping to PCAOB and CoBIT

    • Systems for SOX Compliance

    • Procedures for IT SOX Compliance

    • Tests for IT SOX Compliance

    Section 10 - Going Forward

    • Regulatory Environment

    • Long-Term Effects of SOX

    • Roadmap to IT Compliance

    • Dave's Lessons Learned

  • NASBA Program Disclosure

    Program Level of Understanding: Basic
    Prerequisites: None
    Advance Preparation: None
    Delivery Format: On-site Training (Group-Live); Seminar (Group-Live)

    NASBA Field(s) of Study: Auditing, Information Technology
    CPE Credits: 8, based on 50 minutes of instruction per hour

bottom of page