How to Perform an IT Audit
What you'll learn
- Understand how to properly plan engagements by determining their objectives, criteria and scope.
- Know how to create working papers to document an audit and learn about different ways to staff an audit.
- Learn how to collect engagement information and then analyze and evaluate it. Learn how to supervise engagements.
- Learn how to communicate engagement results and the process of acceptance of risks. Learn how to monitor progress on the implementation status of internal audit recommendations.
- Know about the management of IT and the layers model of IT management.
- Be able to assess systems development methods, including the Systems Development Life Cycle (SDLC), waterfall, spiral, rapid development and agile methods.
- Learn about application testing methods.
- Understand and be able to assess relational databases.
- Know about common application controls you should ensure are in place.
- Learn about IT governance, IT frameworks and reporting structures.
- Know IT infrastructure controls and how to test them.
- Know how to test Business Continuity Planning and Disaster Recovery Planning (BCP/DRP) preparedness.
- Be able to test data backups and controls for recovery.
Requirements
- No prior experience or knowledge is required.
Description
We are glad to bring you a course to learn how to perform IT audits.
This course is ideal for:
- IT and information security professionals who wish to learn techniques on how to assess their IT systems and the vulnerability of their IT systems; and
- Auditors or others performing assessments who wish to learn more about performing IT audits.
The course will give you the knowledge and tools necessary to perform IT audits: how to plan them, how to perform them and how to report on the results of the engagement. It will teach you which threats to assess and which controls should be put in place.
It is taught by Adrian Resag, an experienced, CISA-certified IT and information security auditor who has decades of experience evaluating information security, IT and ISO 27001 in many organizations.
The course covers:
Performing IT Audits
Planning Engagements
Understand how to properly plan engagements by determining their objectives, criteria and scope.
Know how to create working papers to document an audit and learn about different ways to staff an audit.
Performing Engagements
Learn how to collect engagement information and then analyze and evaluate it. Learn how to supervise engagements.
Communicating Progress and Results
Learn how to communicate engagement results and the process of acceptance of risks. Learn how to monitor progress on the implementation status of internal audit recommendations.
IT Governance, Controls and Frameworks
IT Management
Know about the management of IT and the layers model of IT management.
Systems Development
Be able to assess systems development methods, including the Systems Development Life Cycle (SDLC) model and how to audit it and the waterfall, spiral, rapid development and agile methods.
Learn about application testing methods.
Databases
Understand and be able to assess relational databases.
Software and Application controls
Know about common application controls you should ensure are in place.
IT Governance, Frameworks and Reporting
Learn about IT governance, IT frameworks and reporting structures.
IT Infrastructure
Know IT infrastructure controls and how to test them.
Business Continuity and Disaster Recovery Planning (BCP/DRP)
Know how to test Business Continuity Planning and Disaster Recovery Planning (BCP/DRP) preparedness.
Data Backup and Recovery Controls
Be able to test data backups and controls for recovery.
Who this course is for:
- Current or future IT and information security professionals who wish to learn techniques on how to assess the security of their information and the vulnerability of their IT systems.
- Auditors or others performing assessments who wish to learn more about performing IT audits.
Instructor
I have a great passion in the areas of internal audit, governance, risk management, artificial intelligence, IT & information systems auditing, internal control and fraud prevention. I would like to share those great interests of mine with those who wish to learn.
I am currently Head of Internal Audit, Risk Management and Internal Control to a well-known luxury brand, and previously was Head of Internal Audit in a global financial services institution and Chief Internal Auditor to the European subsidiary of a major global bank. I worked as Group Internal Auditor in the energy sector and advisor in internal audit in a 'Big-4' consulting firm.
I founded the Risk Governance Institute which provides courses, training and consulting services.
I have been teaching students and professionals in university, institutions and organizations.
I am currently working on creating a certification in Audit & Assurance and another in Compliance & Ethics with a major institution.
I hold the following qualifications and certifications:
- Qualification in Internal Audit Leadership (QIAL) from the Institute of Internal Auditors (IIA);
- Chartered Internal Auditor (CMIIA) from the Chartered Institute of Internal Auditors;
- Certified Internal Auditor (CIA) from the Institute of Internal Auditors (IIA);
- Governance, Risk & Compliance Professional (GRCP) from OCEG;
- I (re-)created the certification Governance, Risk & Compliance Auditor (GRCA) for OCEG;
- I created the certification Integrated Audit & Assurance Professional (IAAP) for OCEG;
- I created the certification Integrated Risk Management Professional (IRMP) for OCEG;
- I created the certification Integrated Compliance & Ethics Professional (ICEP) for OCEG;
- I created the certification Integrated Artificial Intelligence Professional (IAIP) for OCEG;
- Certification in Risk Management Assurance (CRMA) from the Institute of Internal Auditors (IIA);
- Certified Financial Services Auditor (CFSA) from the Institute of Internal Auditors (IIA);
- Certification in Control Self-Assessment (CCSA) from the Institute of Internal Auditors (IIA);
- Technical Specialist of the Institute of Risk Management (SIRM);
- The Advanced Diploma in Management Accounting (Adv Dip MA) from the Chartered Institute of Management Accountants (CIMA);
- ISO 22301 (Business Continuity Management Systems) trained and experienced Lead Auditor;
- ISO 27001 (Information Security Management Systems) highly experienced Lead Auditor; and
- ISO 42001 (Artificial Intelligence Management Systems) Lead Implementer and Lead Auditor, certified by PECB.