Scribd
Upload
29 views16 pages

Practical Information Technology Auditing

1. The document outlines the course objectives and structure for a Practical Information Technology Audit course from Redric Consulting. 2. The course covers appreciating IT risk management, understanding the audit process and planning IT audits, auditing entity controls and data centers, and auditing networks, servers, applications, databases, and data repositories. 3. The course is split into three parts that cover auditing entity-level controls, networks, servers, and data centers in part 1; Windows and Unix/Linux servers in part 2; and web servers, databases, and big data in part 3.

Uploaded by

fpokoo_aikins
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
29 views16 pages

Practical Information Technology Auditing

1. The document outlines the course objectives and structure for a Practical Information Technology Audit course from Redric Consulting. 2. The course covers appreciating IT risk management, understanding the audit process and planning IT audits, auditing entity controls and data centers, and auditing networks, servers, applications, databases, and data repositories. 3. The course is split into three parts that cover auditing entity-level controls, networks, servers, and data centers in part 1; Windows and Unix/Linux servers in part 2; and web servers, databases, and big data in part 3.

Uploaded by

fpokoo_aikins
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 16

Practical

Information
Technology
Audit
An event from Redric
Consulting
Course Objectives

1 2 3 4 5 6 7
Appreciate the Understand Understand Audit entity Audit network Audit web Prepare IT
importance of the audit and prepare IT level controls devices, servers and Audit Reports
the IT Risk process; Audit plans; and data windows applications,
Management; centers; servers and databases, big
operating data and data
systems repositories
Practical IT Audit – Program
Structure
• Practical IT Audit – Part 1
• Practical IT Audit – Part 2
• Practical IT Audit – Part 3
Building an Effective Internal IT
Practic Audit Function

al IT The Audit Process

Audit – Auditing Entity-Level Controls

Part 1 Auditing Data Centers and


Disaster Recovery
Building • Internal Audit Department’s
Mission
an • Continuous Auditing
Effective • Relationship Building:
Partnering vs, Policing
Internal IT • Role of the IT Audit Team
Audit • Forming and Maintaining an
Effective IT Audit Team
Function • Maintaining Expertise
• The different types of internal controls
• How you should choose what to audit

The • How to conduct the basic stages of the


audit

Audit
• Planning
• Fieldwork and documentation

Process
• Issue discovery and issue validation
• Solution development
• Report drafting and issuance
• Issue tracking
• Strategic planning and technology
roadmaps

Auditing • Performance indicators and metrics


• Project approval and monitoring

Entity- processes
• Policies, standards, and procedures

Level • Employee management


• Asset and capacity management

Controls • System configuration change


management
• TEST STEPS FOR AUDITING ENTITY-LEVEL
CONTROLS
Auditing • Physical security and
Data environmental controls
• Data center operations
Centers • System and site resiliency
and • Disaster preparedness
Disaster • TEST STEPS FOR AUDITING ENTITY-
LEVEL CONTROLS
Recovery
Practical IT 01 02 03
Audit – Part Auditing
Network
Auditing
Windows
Auditing
Unix and
2 Devices Servers Linux
Operating
Systems
• Unravel the complexity of
network equipment
Auditing • Understand critical network
Network controls
• Review specific controls for
Devices network gear, including routers,
switches, firewalls, and wireless
components
• A brief history of Windows
development
• Windows essentials: learning
Auditing about the target host

Windows • How to audit Windows servers


• Tools and resources for enhancing
Servers your Windows audits
• TEST STEPS FOR AUDITING
WINDOWS
• The history of Unix and Linux
• Basic commands for getting around in the
Auditing unix environment
• How to audit Unix and Linux systems,
Unix and focusing on the following main areas:
Linux •

Account management
Permissions management
Operating •

Network security and controls
Security monitoring and other general controls
Systems • Tools and resources for enhancing your unix
audits
• TEST STEPS FOR AUDITING UNIX AND LINUX
Practic
al IT 01 02 03
Audit –
Auditing Auditing Auditing Big
Web Databases Data and
Servers and Data

Part 3 Web
Applications
Repositories
• How to audit a web server
• How to audit a web application
• TEST STEPS FOR AUDITING WEB SERVERS AND
WEB APPLICATIONS

Auditing Web Servers and


Web Applications
• Database permissions
• Operating system security
• Password strength and management features
• Activity monitoring
• Database encryption
• Database vulnerabilities, integrity, and the patching process
• TEST STEPS FOR AUDITING DATABASES

Auditing Databases
• How to audit data repositories
• Specific audit considerations for big data
environments
• TEST STEPS FOR AUDITING BIG DATA AND DATA
REPOSITORIES

Auditing Big Data and Data


Repositories

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy