Professional Course

Fundamentals of IT Auditing

The Institute of Internal Auditors, Inc., In Dallas (+9 locations)
2 days
Next course start
Inquire for More Information See details
2 days
Next course start
Inquire for More Information See details

Course description

IIA- Financial Auditing for Internal Auditors

Fundamentals of IT Auditing-  Develop Knowledge to Streamline Internal Audits 

This Fundamentals of IT Auditing course from The Institute of Internal Auditors (IIA), the leader and recognized authority of the internal auditing profession, emphasizes practical application of concepts through exercises and case studies to develop knowledge of basic IT audit concepts. 

This course is ideal for those looking to facilitate integrated audit efforts within their organization and provide attendees the opportunity to perform an audit of IT applications as well as assess IT risk with the evaluation of IT general controls, and perform a risk assessment and evaluation of controls over end user computer applications. 

Do you work at this company and want to update this page?

Is there out-of-date information about your company or courses published here? Fill out this form to get in touch with us.

Upcoming start dates

1 start date available

Inquire for More Information

  • On-site
  • United States of America

Who should attend?

This IIA Fundamentals of IT Auditing course has no prerequisites and requires no advance preparation. 

Training content

The outline for this course includes:

Overview of IT Auditing, Concepts and Controls: Why IT Auditing and What Is It?

  • Why IT auditing?
  • What is IT auditing?
  • What are the benefits of an IT audit?
  • What is the role of an IT auditor?
  • Growth of the IT auditor, including background
  • Common IT audit certifications
  • IIA standards related to an IT audit
  • Key components of IT
  • How COSO and GAIT relate to IT audit
  • Guide to the Assessment of IT Risk (GAIT)
  • Major U.S. laws that impact IT audit
  • IT general and application controls
  • End-user computing
  • IT governance

Case Study

General Control: Logical Security

  • General security concepts
  • Access management concepts
  • Access management principles
  • Common access management controls
  • Password configuration and authentication

General Control: Business Continuity Planning (BCP), Disaster Recovery (DR), and Backup Processing

  • Business Continuity Management (BCM)
  • Disaster Recovery (DR)
  • Backup processing
  • BCM Implementation Requirements
  • Recovery solutions

Application Controls

  • Application control concepts
  • Input controls
  • Processing controls
  • Output controls
  • Interface controls
  • Audit trails
  • Application security

General Control: Change and Patch Management

  • What is change and patch management?
  • Why do change and patch management?
  • What are the types of changes?
  • Elements of a typical change process
  • Types of risks and controls
  • Indicators and recognizable symptoms of poor change management practices
  • Change management success measures
  • Variations in change management processes

Cloud Computing and Service Organization Control (SOC) Reports

  • Cloud computing
  • SOC reports

General Control: System Development Lifecycle (SDLC)

  • Aspects of the SDLC
  • SDLC phases
  • Impacts of project failures
  • Pre and post implementation reviews

End User Computing

  • User Developed Applications (UDAs)
  • Benefits, risks, and controls of UDAs
  • Auditor’s approach to UDAs


In order to ensure that you receive pricing best suited to your situation, please refer to IIA's website as well as to find out more about IIA's on-site training opportunities. 

Certification / Credits

Certified Internal Auditors (CIAs) completing this course are eligible to receive 16 ​Continuing Professional Education (CPE) hours. 

The Institute of Internal Auditors, Inc.

The Institute of Internal Auditors- Training from the Auditing Industry's Leading Authority 

The Institute of Internal Auditors (IIA) is the global voice and leading educator for the internal auditing profession, providing innovative internal audit training as well as engaging, facilitated learning opportunities for its members and customers. IIA auditing courses help you add value...

Read more and show all training delivered by this supplier