TRAINING AUDIT TEKNOLOGI INFORMASI: PRAKTEK AUDIT
PELATIHAN INFORMATION TECHNOLOGY AUDIT: IT-AUDIT PRACTICE
The IT Audit course is designed to provide practical view in conducting IT audit and assurance in one organization. The course is designed to support professional staffs to expand their understanding of information technology (IT) audit.
The course presents a more in-depth view on the fundamentals of IT auditing by highlighting on topics such as: IT audit and control analysis, examination of control evidence in conducting IT audit, application control, and management of IT audit. The course will include discussion and exercises related to general control examinations and application system auditing. The course will also focus on control research and analysis for IT-related topic areas. In addition, through discussion and exercises, students will gain a working understanding of the process of developing audit work programs.
Participants will be expected to gain a working understanding of how to identify, reference and implement IT management and control policies, standards and related auditing standards. Regarding the latter, the objective is to learn how to identify and interpret the requirements of the standards and. implement the standards in auditing process.
Each class session will include discussion on an IT audit management, security, control or audit issues that participants should be familiar with.
At the completion of this course, the participants should be able to :
• Participants shall obtain an expanded understanding the role of IT auditors in evaluating IT-related operational and control risk and in assessing the appropriateness and adequacy of management control practices and IT-related controls inside participants’ organization
• Participants shall obtain the capability in conducting IT audit and implement techniques in performing assurance, attestation, and audit engagements
• Participants shall obtain an expanded familiarity with the principle references in IT governance, control and security as related to IT audit
• Participants shall obtain the working ability to plan, conduct, and report on information technology audits
• Participants shall obtain an understanding of the role of IT auditors regarding IT-related compliance and regulatory audits, such as evaluating control standards?
(1)-Introduction to Information Technology Audit :
The class session will focus on IT audit concepts and processes, which includes: review of some of the key fundamentals of IT auditing, including general auditing standards, risk-based auditing, pre-audit objectives, determining scope and audit objectives, and the process of performing an IT audit.
The class session will include discussion on IT performance, controls, control self-assessment, risk analysis, and the objectives of the IT audit or assurance report.
(2)-Conducting Information Technology Audit
The class session shall describe on practical methodology in conducting the effective and efficient IT audit, expand upon the need for appropriate controls and assurance processes for business and IT environment. The participants will be geared toward gaining a working understanding of the content and value of the management guidelines and assurance methodology. Discussion will focus on the importance of measurement in achieving organizational and IT objectives.
The session will also focus on the business and IT environments subject to operational and control assessments (audit).
The session will provide an overview of the control model such as: internal control, control analysis methodology from the Closing the Loop Framework, identification of business processes, considerations regarding materiality, and the assessment of IT value by which all these tools will be used assessing the appropriateness of IT processes.
The class session will also expand upon the audit process by providing methodology for developing audit strategies and developing audit work programs with reference to best practices (CobiT, BS 17799,etc). In this regard, the participant will cover organizational structure, accountability, role of the IT steering committee and oversight functions, and method for ensuring that appropriate policies and procedures are in place.
The class session will expand upon the requirements for application system audits, use of audit software, and IT service delivery. From an audit perspective, the objective is to provide assurance that application systems have integrity, and that IT service management practices will ensure the delivery of the level of services required to meet the business organization’s objectives.
Topic areas will include such as: types of application systems, application control assessment, evaluating IT service agreements, problem management, help desk functions, and network standards.
(5)- Evidence Collection and Evaluation
The class session will expand the methods in conducting the evidence collection, evaluation and reporting which cover the observed processes, documentary audit and analysis of evidence using appropriate tools such as: sampling, CAAT, and etc. The participants will be driven towards having the capability in conducting effective evidence collection and evaluation which are essential
(6)- Managing the IT Audit Function
The class session will focus on management issues regarding how to manage IT audit and assurance functions. The class material will include developing and assessing staff knowledge and skills, competency measurement, assignment of staff, documentation and continuing education requirements. Discussion will be on best approaches for involvement in professional organizations, obtaining certifications, and professional development.
The class will also focus on the key issues surrounding audit and assurance engagements, such as establishing auditee/auditor protocols, oral and written communication requirements, engagement administration, and follow-up requirements.
Pelatihan ini menggunakan metode interaktif, dimana peserta dikenalkan kepada konsep, diberikan contoh aplikasinya, berlatih menggunakan konsep, mendiskusikan proses dan hasil latihan.
Dynamic and interactive training presentation.
WHO SHOULD ATTEND
IT Operation Staffs
Fauzi Hasan, DR, Ir. MM, MBA, PMP, CISA, CISSP, SSCP, CISM, CMPP, CSCP, CGeIT, APICS, ITIL, CEP-PM, APICS,
Having vast experience in the project management area with areas of exposure such as: banking IT & Telco, manufacturing, Oil and Gas industries, enhanced with application of business process improvement procedure in line with CMMI methodology; while also delivering consultancy in IT strategy and audit, and supplemented with direct involvement in the setting up of BCP and DRP complementing the establishment of DRC for local Indonesian banks and government institutions.
Business development and sales executive experienced in direct operational involvement in the information technology and telecommunication services. Major focus in satellite-VSAT/DMV/ ISBN and wireless OFDM, CDMA and embryonic form of 3G services, while having vast experiences for combined Telco solutions with diversified media and technology platforms applied in diversified Industry.
Strong exposure and with hands on knowledge of business process re-engineering and information technology implementation specializes in Enterprise Resource Planning cushioned with telecommunication network. During the exposures has presented deliverables such as:
• Project management for Bank, telecommunication industry, Oil &Gas
• CMMI application and Information system audit implementation
• Set up Telco services business for Oil and Gas
• Set up project management services and IT application services business in the Oil and Gas Industry sector
• Set up and expand the VSAT DMV services to major Oil industry
• Set up TETRA radio telecommunication business (NOKIA) in Indonesia, especially with Police dept and the TNI, and other government agencies
• Developed a strategy to implement IT application especially the ERP supporting the business processes in the area of logistics and supply chain management
• Initiated and developed a strategic alliance with a global computer company to design and market GIS system products
• Manage strategic corporate accounts at government institutions and major private organizations on hardware, software and telecommunication services
• Implement eTOM deployment in Saudi Telcom (STC), extensive exposure in process decomposition, and conducted BPAM and ITIL training to STC staffs
• Lecturer in IT governance and certified project management professional and in IT security, also supply chain management
• Develop and introduce the Integrated Logistics Services or Third Party Logistics to the Indonesian industrial community (Singapore Technology Logistics)
• Ran organization as a business within a business based on a custom driven philosophy, by introducing new concepts, programs and direction to increase productivity and efficiencies.
• Proven marketing and sales ability in closing management services different countries
• Negotiated and dealt with executives of multinational on various aspects of business ventures.
• Develop the Disaster Recovery Services business plan and execute with local and regional partners (SingTel)
• Develop and implement strategy for the implementation of SISKOMDAGRI project-telecommunication networking of the Minister of Internal Affairs
• Set up implement strategy for Telecommunication services business (Telco)
• Set up Intelligent Video Network/ IVN business with Scopus International in Indonesia
Strong strategic thinker, planner, and problem solver with leadership quality for achieving bottom-line goals, including managing multi-disciplinary, cross-cultural teams toward a common purpose.
Conceived and marketed a new trend and concept of Third Party Logistics facilitate clients with outsourcing the logistics and supply chain activities in the direction of generating efficiency and productivity as related to Oil and Gas industry. Developed and implemented programs for corporate accounts and the channels for the hardware and application systems as catalyst to the business acceleration and achievement at Hewlett-Packard.
Jadwal Pelatihan Berdiklat.com :
- 2 sd 4 Januari 2018
- 13 sd 15 Februari 2018
- 27 sd 29 Maret 2018
- 17 sd 19 April 2018
- 7 sd 9 Mei 2018
- 29 Mei sd 1 Juni 2018
- 12 sd 14 Juni 2018
- 17 sd 19 Juli 2018
- 14 sd 16 Agustus 2018
- 12 sd 14 September 2018
- 16 sd 18 Oktober 2018
- 21 sd 23 November 2018
- 4 sd 6 Desember 2018
- 26 sd 28 Desember 2018
Catatan : Jadwal tersebut dapat disesuaikan dengan kebutuhan calon peserta
Invetasi dan Lokasi Pelatihan Berdiklat.com :
- Yogyakarta, Hotel Dafam Malioboro, Hotel Cavinton (6.500.000 IDR / participant)
- Jakarta, Hotel Amaris Tendean (6.500.000 IDR / participant)
- Bandung, Hotel Golden Flower (6.500.000 IDR / participant)
- Bali, Hotel Ibis Kuta (7.500.000 IDR / participant)
- Surabaya, Hotel Amaris, Ibis Style (6.000.000 IDR / participant)
- Lombok, Hotel Jayakarta (7.500.000 IDR / participant)
Catatan : Apabila perusahaan membutuhkan paket in house training, anggaran investasi pelatihan dapat menyesuaikan dengan anggaran perusahaan.
Fasilitas Training di Berdiklat.com :
- FREE Airport pickup service (Gratis Antar jemput Hotel/Bandara/Stasiun/Terminal)
- FREE Akomodasi Peserta ke tempat pelatihan .
- Module / Handout
- FREE Flashdisk
- FREE Bag or bagpackers (Tas Training)
- Training Kit (Dokumentasi photo, Blocknote, ATK, etc)
- 2xCoffe Break & 1 Lunch, Dinner
- FREE Souvenir Exclusive
- Training room full AC and Multimedia
Ikuti Kami :