Auditing Critical Business System Applications
- CPE Credits: 8 (may be expanded into a two-day program for 14 CPEs)
- Prerequisites: None
- Learning Level: Basic
- Instructional Method: Group/Live
- Field of Study: Information Technology – Technical
Course Revision Date: March 1, 2023
Course Description
The IT Auditor is looking for assurance that the application provides an adequate degree of control over the data being processed. The level of control expected for a particular application is dependent on the degree of risk involved in the incorrect or unauthorized processing of those data. Most generalized IT security audits and the tools used to perform these audits, focus on networks and servers. However, applications are often vulnerable to attacks that will not be detected by network and server security controls, and could compromise not only the application and its data, but the network and servers as well.
The primary focus of this course is on the process of auditing critical business applications, the associated IT infrastructure that supports these applications and the auditor’s role in assessing the internal control environment in which these applications are designed to function.
Audience
Objectives
1. Identify application controls and their benefits.
2. Recognize the critical role of internal auditors in the assessment and evaluation of application controls
3. Determine that application input data is accurate, complete, authorized, and correct
4. Evaluate whether application data are processed as intended within an acceptable time period.
5. Assess application output and stored data for accuracy and completeness.
6. Establish if a record is maintained to track data processing from input to storage to output.
7. Understand how to perform a risk assessment related to auditing applications.
8. Apply application control review scoping.
9. Determine application review approaches.
10. Specify common application controls.
11. Propose suggested tests to substantiate internal control findings within the application under review
12. Develop a sample review program.
Course Outline
Please contact Al with a request for a detailed course outline…
Need more information?
If have questions or would like more information about any of our courses please contact us using the form below. We look forward to hearing from you.
Request a Consultation Today
We provide a variety of consultation services and training options to fit the demanding and changing needs of our clients. Contact us today and we will help you determine the best way to meet your goals.
BAC is a vetted, current provider of training courses through the NICCS Education and Training Catalog. BAC’s courses are aligned to the specialty areas of the National Cybersecurity Workforce Framework.