Early Bird Fee
Register and Pay
by 30 Apr ’20
Regular Fee
Register and Pay
after 30 Apr ’20
Non Singapore-registered companies $1,695 (SGD) $1,895 (SGD)
Singapore-registered companies
(fees include 7% GST)
$1,813.65 (SGD) $2,027.65 (SGD)


Group Discount!
Enjoy 10% off when you register for 3 or more OR
For groups of 3, 4th comes for free

  1. Early Bird promotion: Discount will only be valid if payment is received by the stipulated date.
  2. Group discount only applies to registrations from the same company, attending the same event in the same country location. Delegates must register at the same time and be of the same billing source. Only a single invoice will be issued.
  3. Only corporate registrations will be accepted.
  4. Bank charges & taxes are to be borne by registrants, if applicable.
  5. Full payment is mandatory upon registration for admission to the event.
  6. Walk-in delegates will only be admitted on the basis of space availability at the event and with immediate full payment.
  7. Fee includes lunch, refreshments and event documentation.
  8. The organiser reserves the right to make any amendments that it deems to be in the interest of the event without any notice.
  9. Information provided will be used for event administration and updates on upcoming events. For more details, please visit: http://www.conferences.com.sg/personal-data-protection-statement/


A replacement is allowed if registered participants are unable to attend. For cancellations received in writing before 30 Apr 2020, a full refund will be given with a 10% administrative charge. For cancellations received in writing before 18 May 2020, a 50% refund will be given together with the event documentation. There will be no refunds for cancellations received after 18 May 2020 or “no show” participants. However participants will receive a copy of the event documentation.

In the event of a cancellation, a refund will be made via the original mode of payment and based on the original amount we received. Refund is made based on the prevailing exchange rate and Pacific Conferences shall not be responsible for any foreign exchange currency losses.

Also happening in Hong Kong: 4 – 5 June 2020

Can your IT Controls and Audit Practices Combat Today’s Technological Threats?

Information systems increasingly underpin an organisation’s day-to-day processes. However, today’s threat landscape is constantly evolving, exposing businesses to risks ranging from hacking, viruses to network failures.

Are you able to define the scope for IT Auditing adequately?
Are you applying the latest IT Audit standards and frameworks?
Do you know how to design effective IT Controls? 

Strengthen IT Controls and Adopt the Latest IT Auditing Best Practices

Join us for this 2-day comprehensive workshop to understand how to effectively perform an IT Audit. Be equipped with basic IT knowledge to understand and apply various IT Audit frameworks such as ISO and COBIT 5. Understand how to design and evaluate IT General and Application Controls. Takeaway key considerations when working on Co-Sourcing, In-sourcing or Outsourcing models. Discover important components of IT Audit reporting and performing reviews. Shed light on emerging technologies and evolving threats.

Benefits of Attending

  • Understand the differences between IT and Cybersecurity and the key risks challenging them
  • Be introduced to various IT Audit Frameworks including COBIT 5, NIST, ISO and COSO
  • Identify key audit objectives and regulatory requirements using IT Audit standards
  • Examine co-sourcing, outsourcing and in-sourcing models and understand their pros and cons
  • Learn how to define an IT Audit scope and determining an audit approach and methodology
  • Discover how to apply Computer Assisted-Audit Techniques (CAATs) in your approach
  • Explore the four key domains of IT general controls and effective IT general control designing
  • Uncover frequently neglected audit areas such as system reports and physical security
  • Takeaway key reporting skills including how to grade reports and how to present them
  • Delve into emerging technologies and understand their implications, risks and how to be ready

Workshop Leader

Jenny Tan

Former PwC Partner, Risk Assurance

Jenny is currently leading a global internal audit team with a global real estate MNC. Her mandates include delivering quality audit and advocating a transformational audit practice within the group. Prior to her current role, Jenny was the former PwC Risk Assurance Partner where she was leading the IT Audit & Advisory and Business Resilience Practices. She was also PwC Singapore’s Chief Information Officer and Data Protection Officer.


Prior to PwC, Jenny had accumulated her years of experience with OCBC, AXA, Prudential and large mid-tier professional firm.


Jenny’s experience includes both professional and commercial industries where she has managed and delivered numerous projects relating to technology audit, risk management, internal audit, governance review, management reporting, process improvements, crisis management, business continuity management and many others. Her strengths in winning over numerous clients and delivering successful projects are that she is practical in her approach and recommendations, with holistic as well as operational inputs. Due to her hybrid industry background and experiences, Jenny has always been able to straddle between business and technology spaces with ease. She has always been able to apply her knowledge in all her projects adequately.


Jenny graduated with a Business Computing honours degree, a MBA, a Master in Professional Accounting and several Specialist Diplomas in Information Technology & Security. She has several professional certifications relating to IT audit, IT governance, crisis management, business continuity management and data privacy. Jenny currently sits on the board of ISACA SG Chapter and she’s a member of SATA CommHealth Digital Committee.

Past Delegate Testimonials

The workshop provided an overview on the IT concepts/frameworks and practical tips on areas to look out for during an IT audit

I benefited from Jenny’s depth of knowledge and she delivered the materials in very layman terms for easy understanding

She shared examples she encountered and how auditors or IT staff reacted in such occasions. This helps us to understand how we could apply what we have learnt

Who Should Attend

Senior level executives responsible for Internal Audit, IT, IT Infrastructure and Information Security.



  • Registration: 8.30am • Workshop: 9.00am – 5.00pm
    Morning, afternoon refreshments & lunch will be served at appropriate intervals.

  • Session 1: An overview of IT and Cybersecurity Landscape

    • The developments of IT
    • Understanding what Cybersecurity means
    • The differences between IT and Cybersecurity
    • The key risks challenging IT and Cybersecurity
    • Understanding the role of an IT Auditor
  • Session 2: Introducing the IT Audit Framework

    • COBIT 5
    • NIST
    • ISO
    • COSO
  • Session 3: Understanding the applicability of IT Audit Standards and Guidelines

    • Identification of audit objectives
    • Identification of regulatory requirements
    • Evaluating each common IT Audit standards and guidelines to meet organizational and audit objectives
  • Session 4: Considerations for Co-Sourcing, Outsourcing and In-Sourcing

    • Understanding the pros and cons of the following models, including quality of work, existing competencies, audit responsibilities, costs, Board and Audit Committee’s expectations, etc:
      • Co-sourcing Model
      • Outsourcing Model
      • In-sourcing Model
    • Key considerations when selecting an IT Audit service provider
  • Session 5: IT Audit Approach, Methodology and Nature

    • Determination of audit approach and methodology
    • Types of IT Audit – do you see what an IT Auditor sees?
    • How to define an IT Audit scope
    • Application of Computer Assisted-Audit Techniques (CAATs)
    • Appreciation of IT security & forensic
  • Session 6: Understanding of IT General Controls

    • Understanding the 4 key domains of IT general controls
    • Understanding the methodology
    • How to design effective IT general controls
    • How to evaluate IT general controls deficiencies
  • Session 7: Exploring IT Application/Automated Controls

    • Understanding the 5 key classification of IT application/automated controls
    • How to define scope to audit IT application/automated controls
    • Understanding the methodology
    • How to evaluate control deficiencies
  • Session 8: Often neglected IT Audit areas

    • System reports
    • Physical security related
    • Ticketing system
  • Session 9: IT Audit Reporting

    • What and how to report
    • What to look out for when you perform a review
    • How to rate/grade an IT Audit report
    • How to present an IT Audit report
  • Session 10: Emerging Technology and evolving threats

    • What to look out for
    • Implications to existing IT Audit approach and consideration
    • What are the risks facing the profession
    • Can tools alone help to mitigate such risks?
    • How to be ready