Information Technology General Controls - In-Person Destination
Learn the best practices for Information Technology governance, management, security, control and auditing under COBIT and COSO 2013.
This eight-CPE event is designed to provide an understanding of an effective program for creating a system of internal control within Information Technology (IT). We use the COBIT framework as our basis for the control groups, and assessment is under COSO 2013. It was created to allow organizations to create effective Section 404 documentation.
Be trained on how your organization can develop and maintain an effective IT internal control framework to comply with the Sarbanes-Oxley Act (SOX) Section 404 or other similar regulations.
Our attendees learn that a top-down, risk-based approach to COBIT compliance can produce better results for their companies by streamlining their operations, providing more accurate, timely and reliable information, avoiding litigation and reducing their IT costs. Learn the "Best Practices" for COBIT, COSO 2013 and Section 404 from the methodology viewpoints provided by Control Objectives for Information and Related Technology (COBIT), IT Infrastructure Library (ITIL) and IT departments around the globe. Implement and update your IT SOX compliance and IT auditing programs.
Each attendee will receive 8 CPE Hours (YB). A certificate of completion will be provided.
Details on Event Presentation
Offered on Mondays from 8:45 a.m. to 4:45 p.m.
CPE Event Highlights
Information Technology controls are described in two categories: General Controls and Application Controls.
The seminar will cover IT General Controls over the information technology (IT) environment, computer operations, access to programs and data, program development and program changes. IT application controls will be discussed concerning transaction processing controls.
The COBIT Framework (Control Objectives for Information and Related Technology) is the most widely used framework in SOX compliance efforts. This framework will be covered in detail.
Learning Objectives
Attendees will:
- Understand the similarities and differences between the ITIL and COBIT standards.
- Learn the compliance requirements of the Sarbanes-Oxley Act.
- Discuss how internal controls can manage risk and reduce fraud.
- Identify methods for improving the effectiveness of information processes to affect the profitability of businesses.
Key Issues on the Agenda
Section 1 - Introduction and Background
- Instructor's Perspective on IT Myths
- What is IT Governance?
Section 2 - Internal Control Frameworks
- What are "Internal Controls"?
- IT Risks
- Balancing Risks and Controls
- Internal Control Terminology
- IT Control "Frameworks"
Section 3 - Managing & Governing the IT Organization
- IT Organization Risk and Control
- IT Organization Relationships
- COBIT Domain: Plan & Organize
Section 4 - Managing the System Life Cycle
- COBIT Domain: Acquire & Implement
- Managing the Systems Life Cycle
- System Development and Change Controls
- Change Control Board
- System Change and Development Controls - Risk & Control Objectives
- System Change and Development Controls - Internal Controls
Section 5 - Securing the Physical and Logical IT Environment
- COBIT Domain: Deliver & Support
- Physical Security
- Logical Security
- Password Security
- Anti-Virus Configuration
- Security - Risk & Control Objectives
- Security - Internal Controls
Section 6 - Managing Computer Operations
- COBIT Domain: Deliver & Support
- Managing Computer Operations
- Computer Operations - Risk & Control Objectives
- Computer Operations - Internal Controls
Section 7 - Managing the Continuity of IT Services
- COBIT Domain: Deliver & Support
- Managing the Continuity of IT Services
- IT Disaster Recovery Plan
Section 8 - Monitoring the Effectiveness of IT
- COBIT Domain: Monitor and Evaluate
- Monitoring the Effectiveness of IT
Section 9 - IT Compliance with the Sarbanes-Oxley Act
- SOX Titles
- Mapping to PCAOB and COBIT
- Systems for SOX Compliance
- Procedures for IT SOX Compliance
- Tests for IT SOX Compliance
Section 10 - Going Forward
- Regulatory Environment
- Long-Term Effects of SOX
- Roadmap to IT Compliance
- Dave's Lessons Learned
NASBA Program Disclosure
Program Level of Understanding: Basic
Prerequisites: None
Advance Preparation: None
Delivery Format: On-site Training (Group-Live); Seminar (Group-Live)
NASBA Field(s) of Study: Auditing, Information Technology
CPE Credits: 8, based on 50 minutes of instruction per hour