| Download: Flyer - Black&White (.PDF 912kb) Course Outline (.PDF 37kb) |
 |
 |
presents
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
8:30AM to 5:00PM * PENINSULA HOTEL, MAKATI CITY, PHILIPPINES * APRIL 24, 2009
Government regulations, business stakeholders, contractual obligations, and concerned executive management are all drivers for the initiation or expansion of IT audits. If not properly planned, IT audits can cost your company loss of clients, resources, downtime, delays, and added frustration. Well- planned IT audits, however, can assist your company in leveraging existing business and getting your foot in the door into new markets.
In this one-day seminar, attendees will learn the importance of IT auditing, how to prepare for an IT audit, what to expect during an audit, how to read an audit report, and how to build your own internal IT audit/monitoring program. IT audits by themselves are not business-enabling, but the results of those audits can help you gain a competitive advantage. By utilizing these best practices in IT audit and by self-auditing, your company will have that advantage. This program addresses the different types of IT audit including Sarbannes-Oxley, ISO 17799 and SAS 70.
In this one-day seminar, attendees will learn the importance of IT auditing, how to prepare for an IT audit, what to expect during an audit, how to read an audit report, and how to build your own internal IT audit/monitoring program. IT audits by themselves are not business-enabling, but the results of those audits can help you gain a competitive advantage. By utilizing these best practices in IT audit and by self-auditing, your company will have that advantage. This program addresses the different types of IT audit including Sarbannes-Oxley, ISO 17799 and SAS 70.
ONE-TIME SEMINAR
Seminar Investment is P7,800 inclusive of Meals, Resource Kit, & Certificate of Attendance
REGISTER NOW and avail of Early Bird & Group DISCOUNTS
CALL (+63 2) 842-7148 or 59
EMAIL: jessica@cgbp.org
Check: http://www.cgbp.org
REGISTER NOW and avail of Early Bird & Group DISCOUNTS
CALL (+63 2) 842-7148 or 59
EMAIL: jessica@cgbp.org
Check: http://www.cgbp.org
Lecturer:
Patrick Dailey, CFE, GCFA, CISSP, EnCE – is the founder and managing director of DigiThreat Solutions. An expert in risk analysis and risk management, he has a wide range of expertise in the field of IT and Security, with over 15 years of experience as a security consultant in the Asia-Pacific region and the Americas. He has handled numerous multi-cultural teams, trainings, programs and projects with U.S. government agencies, as well as across several industries such as telecommunications, banking, finance, and business process outsourcing (BPO). He holds several IT Security certifications and accreditations from prestigious international institutions such as being a certified fraud examiner, certified forensic analyst, certified information systems security professional, and EnCase certified examiner.
Who Should Attend:
• Decision-Makers
• CIO & CFO
• Internal Audit Directors
• IT & Internal Auditors
• IT Compliance Officers
• IT & Business Consultants
• IT Risk Management Officers
 |
 |
 |
 |
 |
BEST PRACTICES IN IT AUDIT
Leveraging an IT Audit to Grow Your Business
8:30 am to 5:00pm
Friday, April 24, 2009
Peninsula Manila, Makati City, Philippines
SEMINAR OUTLINE
I. Introduction
II. The Importance of Auditing
A. Contractual Requirements
B. Growing Your Business
C. A Risk Assessment of your IT
D. IT Audits vs. an IT Compliance Program
E. IT Audits as they relate to an Overall Audit Program for your Company
III. Audit Programs
A. Regulations
B. Laws
C. Best Practices
D. Types of Audits
IV. Preparing for an Audit
A. 20 Questions to Ask your Auditor Before the Audit
B. Technical Environment
1. Data Center
a. Routers and Switches
b. Firewalls
c. Other IT Security
d. Servers
i. *nux
ii. Windows
iii. Other Operating Systems (AS400, Novell, Banyan, etc)
e. Server Roles
i. Database
ii. Application
iii. Email
iv. Proxy
v. Other Server Roles (dependent upon company)
2. Network
a. Wiring
b. Network Transport/TCPIP
i. DNS/WINS
ii. DHCP/IP Management
iii. Public IP Space
c. Routing Protocols (RIP, etc)
d. Wireless and Mobile devices and technologies
3. Software
a. Licensing issues
b. Interoperability
4. Desktops
a. Desktop Standards
C. Your Documentation
1. Your Company’s Documented Policies
2. Your Company’s Documented Standards
3. Standards and Policies – What’s the Difference?
4. Are you Following what you are Documenting?
D. Infrastructure
1. Organizational Charts
2. Audit Controls
E. Gap Analysis
1. What if you already know you aren’t compliant?
F. Interdepartmental Coordination
1. Coordinating with HR, Operations, and other departments for an audit
2. Why are other departments needed?
V. What to Expect During an Audit
A. Sarbanes Oxley
B. ISO17799
C. SAS70
D. Other types of IT Audits
E. What kinds of questions do they ask, and why do they ask them?
F. What kind of things do they look for?
G. What is typically the process of an audit?
VI. The Audit Report
A. How to Understand an Audit Report without an MIS degree
B. Fixing Noted Gaps
C. 10 Questions to ask the Auditor when the report is delivered
VII. Continuous Auditing
A. Why is it a best practice?
B. Your Built-in IT Monitoring Program
C. Do-it-yourself Audit Techniques
D. Building an effecting internal audit team
E. Using Continuous Auditing to Reach new Markets and Gain Competitive Advantage
F. How to choose and what to look for in an external IT auditor?
VIII. Question & Answer Segment
II. The Importance of Auditing
A. Contractual Requirements
B. Growing Your Business
C. A Risk Assessment of your IT
D. IT Audits vs. an IT Compliance Program
E. IT Audits as they relate to an Overall Audit Program for your Company
III. Audit Programs
A. Regulations
B. Laws
C. Best Practices
D. Types of Audits
IV. Preparing for an Audit
A. 20 Questions to Ask your Auditor Before the Audit
B. Technical Environment
1. Data Center
a. Routers and Switches
b. Firewalls
c. Other IT Security
d. Servers
i. *nux
ii. Windows
iii. Other Operating Systems (AS400, Novell, Banyan, etc)
e. Server Roles
i. Database
ii. Application
iii. Email
iv. Proxy
v. Other Server Roles (dependent upon company)
2. Network
a. Wiring
b. Network Transport/TCPIP
i. DNS/WINS
ii. DHCP/IP Management
iii. Public IP Space
c. Routing Protocols (RIP, etc)
d. Wireless and Mobile devices and technologies
3. Software
a. Licensing issues
b. Interoperability
4. Desktops
a. Desktop Standards
C. Your Documentation
1. Your Company’s Documented Policies
2. Your Company’s Documented Standards
3. Standards and Policies – What’s the Difference?
4. Are you Following what you are Documenting?
D. Infrastructure
1. Organizational Charts
2. Audit Controls
E. Gap Analysis
1. What if you already know you aren’t compliant?
F. Interdepartmental Coordination
1. Coordinating with HR, Operations, and other departments for an audit
2. Why are other departments needed?
V. What to Expect During an Audit
A. Sarbanes Oxley
B. ISO17799
C. SAS70
D. Other types of IT Audits
E. What kinds of questions do they ask, and why do they ask them?
F. What kind of things do they look for?
G. What is typically the process of an audit?
VI. The Audit Report
A. How to Understand an Audit Report without an MIS degree
B. Fixing Noted Gaps
C. 10 Questions to ask the Auditor when the report is delivered
VII. Continuous Auditing
A. Why is it a best practice?
B. Your Built-in IT Monitoring Program
C. Do-it-yourself Audit Techniques
D. Building an effecting internal audit team
E. Using Continuous Auditing to Reach new Markets and Gain Competitive Advantage
F. How to choose and what to look for in an external IT auditor?
VIII. Question & Answer Segment
- o –
Seminar Contact Person:
Jessica P. Ogang
Program Officer
Center for Global Best Practices
905 Richville Corporate Tower
1107 Alabang Zapote Road, Madrigal Business Park
Muntinlupa City, Philippines
Telefax: (+63 2) 842-7148 or 59
Email: jessica@cgbp.org
Website: www.cgbp.org
Seminar Contact Person:
Jessica P. Ogang
Program Officer
Center for Global Best Practices
905 Richville Corporate Tower
1107 Alabang Zapote Road, Madrigal Business Park
Muntinlupa City, Philippines
Telefax: (+63 2) 842-7148 or 59
Email: jessica@cgbp.org
Website: www.cgbp.org
------------------------------------------------------------------------------------------------------------------------------------------------
SEMINAR FEE: P7,800 (Fee covers Meals, Resource Kit, Certificate of Attendance)
GET AS MUCH AS 15% DISCOUNT! AVAIL OF ANY OR ALL OF THE FOLLOWING:
• Less 5% for early registrants (on registrations made on or before March 24, 2009)
• Less 5% for early payment (if made on or before April 14, 2009)
• Less 5% for group registration (minimum of 3 participants)
REGISTER NOW to avail of Early Bird & Group DISCOUNTS
------------------------------------------------------------------------------------------------------------------------------------------------
GET AS MUCH AS 15% DISCOUNT! AVAIL OF ANY OR ALL OF THE FOLLOWING:
• Less 5% for early registrants (on registrations made on or before March 24, 2009)
• Less 5% for early payment (if made on or before April 14, 2009)
• Less 5% for group registration (minimum of 3 participants)
REGISTER NOW to avail of Early Bird & Group DISCOUNTS
------------------------------------------------------------------------------------------------------------------------------------------------