Super Early Bird Fee
Register and Pay
by 15 Mar ’19
Early Bird Fee
Register and Pay
by 12 Apr ’19
Regular Fee
Register and Pay
after 12 Apr ’19
Singapore-registered companies $1,599.65 (SGD) $1,813.65 (SGD) $2,027.65 (SGD)
Non Singapore-registered companies $1,495 (SGD) $1,695 (SGD) $1,895 (SGD)

Group Discount!
Enjoy 10% off when you register for 3 or more OR
For groups of 3, 4th comes for free

IMPORTANT NOTES
  1. Super Early Bird and Early Bird promotion: Discount will only be valid if payment is received by the stipulated date.
  2. Group Discount only applies to registrations from the same company registering at the same time, issued in a single invoice and of the same billing source.
  3. Only corporate registrations will be accepted.
  4. Bank charges & taxes are to be borne by registrants, if applicable.
  5. Full payment is mandatory upon registration for admission to the event.
  6. Walk-in delegates will only be admitted on the basis of space availability at the event and with immediate full payment.
  7. Fee includes lunch, refreshments and event documentation.
  8. The organiser reserves the right to make any amendments that it deems to be in the interest of the event without any notice.
  9. Information provided will be used for event administration and updates on upcoming events. For more details, please visit: http://www.conferences.com.sg/personal-data-protection-statement/

CANCELLATION & REPLACEMENT

A replacement is allowed if registered participants are unable to attend. For cancellations received in writing before 12 Apr 2019, a full refund will be given with a 10% administrative charge. For cancellations received in writing before 22 Apr 2019, a 50% refund will be given together with the event documentation. There will be no refunds for cancellations received after 22 Apr 2019 or “no show” participants. However participants will receive a copy of the event documentation.

Evaluate Technology Risks, Effectiveness of IT Controls

To keep pace with emerging technologies, Internal Auditors need to broaden their skillsets to identify critical IT risks and implement appropriate controls to mitigate them.

Do you know the latest standards and frameworks in IT auditing?
Can you define the audit scope and identify IT control lapses?
Can you understand the terminology in IT audit reports?

Adopt the Latest Methods & Approaches in IT Auditing

Join this 2-day practical workshop to acquire critical skills and processes to effectively perform IT audits. Examine how to apply IT audit frameworks to different scenarios and learn how to assess IT audit standards to meet organisational objectives. Find out how to define an IT audit scope and apply Computer Assisted-Audit Techniques (CAATs). Discover how to design effective IT general and automated controls and evaluate control deficiencies. Understand how to read IT audit reports and analyse the implications of emerging technologies to existing IT audit approaches.


Programme Highlights

IT and cybersecurity landscape

Key risks challenging IT and cybersecurity

Role of an IT auditor

IT audit skillsets needed in different nature of audits

IT audit framework

COBIT 5, NIST, ISO, COSO

IT audit standards and guidelines

Audit objectives, regulatory requirements

Co-sourcing, outsourcing, in-sourcing

Key considerations, pros and cons

IT audit approach, methodology and nature

Types of IT audit – do you see what an IT auditor sees?

IT general controls

4 key domains, methodology

IT application/automated controls

5 key classification, defining scope

IT audit reporting

What to look out for when you perform a review

Benefits of Attending

  • Understand what cybersecurity means and the difference between IT and cybersecurity
  • Gain insights into an IT auditor’s job scope and challenges facing internal audit and IT audit today
  • Hear case studies of real-life applications of the IT audit framework: COBIT 5, NIST, ISO, COSO
  • Determine the applicability of IT audit standards and guidelines based on audit objectives
  • Find out the key considerations when selecting an IT audit service provider
  • Analyse the 4 key domains of IT general controls and the methodology
  • Learn how to design effective IT general controls and evaluate IT general control deficiencies
  • Discover how to define scope to audit IT application/automated controls
  • Define the 5 key classification of IT application/automated controls
  • Examine what and how to write an IT audit report, how to grade and present it
  • Assess what to look out for in emerging technologies and how to be ready for evolving threats
 

Workshop Leader

Jenny Tan

Partner, Risk Assurance,

PwC

IA21-pwc

Jenny is a Technology Risk & Audit Partner with more than 18 years of experience in providing and managing assurance and consultancy services. Her expertise includes Business Continuity Management, Internal Audit & Risk Management, IT Audit & Advisory, Outsourcing Standards and Non-profit Organisation services. Prior to joining PwC, Jenny was leading the Technology Risk Management and Corporate Risk Advisory Practice of Singapore’s largest mid-tier professional organisation.

 

Jenny, whom is currently leading the IT Audit Support Practice and Business Resilience Practice of PwC Singapore, has led and managed numerous IT audit, internal audit, crisis management and business continuity management jobs. Her portfolio included regional work in the Asia Pacific region. Through her practical experience in leading complex global engagements, she brings an appreciation of the approach and dedication required to deliver a consistent, high quality global audit. Jenny is also a regular trainer on her risk assurance subjects to internal and external professionals. She is also currently the Chief Information Officer of PwC Singapore.

 

Jenny holds a Master of Accountancy, Master of Business Administration, Bachelor of Science in Business Computing (Hons), Graduate Diploma in eCommerce and Graduate Diploma in Information Technology Security.  She has several professional certifications and she has served on the Board of ISACA since 2015 and on the Advocacy Committee of IIA since 2017.

 

Past Delegate Testimonials

Clear explanation of ITGC and control standards

It is very informative. The aspects and topics were just great. I liked the case study analyses that got everyone in the class involved to share their knowledge.

Many real life cases to illustrate the methodology and approaches.

Lots of experience sharing by the instructor

IT audit technical skills and mindset. Workshop exercises solidified the concepts and methodology.

Speaker is very knowledgeable and able to address practical questions well and provide realistic advice.

Who Should Attend

Internal Auditors, Process Auditors, Compliance Executives, Risk Managers, Process Owners, Business Executives

 

Agenda

  • Session 1: An overview of IT, cyber security and emerging technologies landscape

    • The developments of IT and emerging technologies
    • Understanding what cyber security means
    • The differences between IT and cyber security
    • The key risks challenging IT, cyber security and emerging technologies
  • Session 2: Understanding the role of an IT auditor

    • IT auditor’s job scope
    • IT audit skillsets needed in different nature of audits e.g. financial audit, operational audit, compliance audit, third party audit, etc.
    • Challenges facing internal audit and IT audit
    • Differences between IT and Information Security auditor
  • Session 3: Introducing the IT audit framework

    • COBIT 5
    • NIST
    • ISO
    • COSO
  • Session 4: Understanding the applicability of IT audit standards and guidelines

    • Identification of audit objectives
    • Identification of regulatory requirements
    • Evaluating each common IT audit standards and guidelines to meet organisational and audit objectives
  • Session 5: Considerations for co-sourcing, outsourcing and in-sourcing

    • Understanding the pros and cons of the following models, including quality of work, existing competencies, audit responsibilities, costs, Board and Audit Committee’s expectations, etc:
      • Co-sourcing model
      • Outsourcing model
      • In-sourcing model
    • Key considerations when selecting an IT audit service provider
  • Session 6: IT audit approach, methodology and nature

    • Determination of audit approach and methodology
    • Types of IT audit
    • How to define an IT audit scope
    • Application of Computer Assisted-Audit Techniques (CAATs)
    • Appreciation of IT security and forensic
  • Session 7: Perception of IT general controls

    • Understanding the 4 key domains of IT general controls
    • Understanding the methodology
    • How to design effective IT general controls
    • How to evaluate IT general controls deficiencies, with focus on access controls review
  • Session 8: Exploring IT application/automated controls

    • Understanding the 5 key classification of IT application/automated controls
    • How to define scope to audit IT application/automated controls
    • Understanding the methodology
    • How to evaluate control deficiencies
  • Session 9: IT audit reporting

    • What and how to report
    • What to look out for when you perform a review
    • How to rate/grade an IT audit report
    • How to present an IT audit report