top of page
ITGC'S Audit Planning Thru Reporting - In-Person

ITGC'S Audit Planning Thru Reporting - In-Person

Are your ITGC audits really helping to reduce your cybersecurity risks?


This CPE internal auditor training event is designed for the financial auditor and IT auditor who need to improve their practical knowledge covering information technology general controls (ITGC). The attendees are walked through the concepts and frameworks that are important to the ITGC internal audit activities in order to create an added value for their organizations.


Are you ready to plan and execute audits concerning ITGCs? ITGCs are one of the weak links in most organizations internal control framework. They apply to all systems environments, components, processes, and data, and can be relevant to practically any internal audit project.


This timely, two day CPE internal auditor training event is designed for internal auditors with 2-10 years' experience who want to learn the concepts, tools, and techniques to enhance their effectiveness concerning information technology audits.

We use this delivery approach to allow for a focus on individual development and learning from our very experienced auditor educators.


Each attendee will receive 16 Auditing CPE Hours (YB). A certificate of completion will be provided.

  • Details on Event Presentation

    The sessions will be as follows:

    Thursday – 9:00 a.m. to 5:00 p.m.

    Friday - 9:00 a.m. to 4:00 p.m.

    Offered in-person in various cites each month on Thursday-Fridays in two sessions.

  • CPE Event Highlights

    We will cover in this program:

    • Review of the COBIT and NIST

    • Assess entity level ITGC using a comprehensive questionnaire

    • Creating an comprehensive information technology risk assessment

    • Testing ITGC activity level controls

    • Effective report preparation to create change

  • Learning Objectives

    By the end of the course, participants will be able to:

    • Understand the relationship between ITGCs and SOX controls

    • Understand IT General Controls as defined by COBIT

    • Understand the cybersecurity principles presented by NIST

    • Learn to plan an audit of IT Security Policy

    • Learn to plan an audit of IT Change Management

    • Learn to plan an audit of Physical Access and Environmental Controls

    • Learn to plan an audit of Logical Access

    • Learn to plan an audit of IT Operations

    • Learn to plan an audit of Business Continuity Plan and Disaster Recovery Plan

  • Key Issues on the Agenda

    Introduction Section 1 Defining IT audit universe
    Section 2 Understanding the contents of COBIT
    Section 3 Understanding NIST Cybersecurity Guidance
    Section 4 Risk Assessment for the information technology landscape
    Section 5 Assessment of Entity Level Controls
    Section 6 IT Security Policy
    Section 7 IT Change Management
    Section 8 Physical Access and Environmental Controls
    Section 9 Logical Access
    Section 10 IT Operations
    Section 11 Business Continuity Plan
    Section 11 Disaster Recovery Plan
    Section 12 Effective Report Creation
    Section 13 Summary and Wrap-Up

  • NASBA Program Disclosure

    Program Level of Understanding: Intermediate
    Prerequisites: Participants should come with a knowledge of the auditing process.
    Advance Preparation: A number of documents will be provided in advance.
    Delivery Format: On-site Training (Group-Live); Seminar (Group-Live)
    NASBA Field(s) of Study: Auditing
    CPE Credits: 16, based on 50 minutes of instruction per hour

bottom of page