How To Audit IT General Controls Agenda
Seminar: ID# 1005029
Agenda
Data and Information Governance and Management- Effectiveness of IT Governance
Common IT Control Standards and Frameworks
IT Risk Management Using Scenario Analysis- Risk Identification
- Risk Assessment (Analysis and Evaluation)
- Risk Response
- Risk Monitoring and Reporting
Technology overview, common controls, common vulnerabilities, threats, risks, and tests
IT Service Organizations – Roles and Responsibilities (SOD)
Contract Management
Technology Insurance
IT Service Management- Asset
- Configuration & Hardening
- Change/Release
- Problem/Incident
- Knowledge
Access Logical/Physical
Environmental Controls
Hardware and Software Infrastructure
Network Perimeter Security
Patch Management
ulnerability Management (and Pen Testing)
Application Development
Business Continuity and Disaster Recovery
Incident Management
Project Management
Process Engineering
Third Parties and Cloud Providers
Assessing Information Technology- GCC Audit
- Other Regulation Variations (SOX, PCI, etc.)
- Adding GCC considerations to every audit engagement