This course is for auditors, IT managers, project managers, consultants, infromation security staff, risk managers, procurement and purchasing professionals, and executive managers.
Delegates should have worked on at least one major IT system in either a development, operational, procurement or audit capacity.
Note: This course is available as a 2 day event focused on any one individual module listed in Specialist Subjects.
This course is available on site only. Please call for details.
The aim of this course is to enable delegates to conduct both high level and detailed audits into the non-coding activities of an IT operation including high level general practice, business continuity management, information security, software risk and software aquisition audits. It applies equally to in-house IT operations software houses, outsourcing installations etc.
By the end of the course delegates will:
- Be able to scope and tailor an IT audit to address operational issues.
- Know what complementary standards are available.
- Be able to model audits on international best practice.
- Be able to assess results based on documented evidence.
- Be able to create a remediation plan.
Creating the Audit
Benefits of an IT Audit.
Customising the questions.
High Level IT Functions including standards for COBIT 4.0 et seq,IEEE, ISO 27001, BS25999-2.
Business Continuity Management based on BS25999-1 and BS 25999-2.
Information Security based on ISO 17799 and ISO 27001.
Software Risk Management based on IEEE software engineering standard 1540-2001.
Software Acquisition audit on IEEE standard 1062-1998.
Implementing the Audit
Developing a Remediation Plan.
Implementing the Remediation Plan.
Continuous Improvement Programme.