The workshop provided an overview on the IT concepts/frameworks and practical tips on areas to look out for during an IT audit
Can your IT Controls and Audit Practices Combat Today’s Technological Threats?
Information systems increasingly underpin an organisation’s day-to-day processes. Particularly in recent times where telecommuting has become the new norm and modified work processes are introduced. However, today’s threat landscape is constantly evolving, exposing businesses to risks ranging from hacking, viruses, network failures to unverified third-party applications. Keeping pace and adapting your audit priorities is more challenging than ever.
Are you able to define the scope for IT Auditing adequately?
Are you applying the latest IT Audit standards and frameworks?
Do you know how to design effective IT Controls?
Strengthen IT Controls and Adopt the Latest IT Auditing Best Practices
Join us for this 3-day comprehensive live webinar to understand how to effectively perform an IT Audit. Be equipped with basic technical knowledge to understand and apply various IT Audit frameworks such as ISO and COBIT 5. Understand how to design and evaluate IT General and Application Controls. Shed light on emerging technologies, evolving threats and how various stakeholders can be managed in today’s rapidly changing environment.
Benefits of Attending
- Understand the differences between IT and Cybersecurity and the key risks challenging them
- Be introduced to various IT Audit Frameworks including COBIT 5, NIST, ISO and COSO
- Identify key audit objectives using IT Audit standards and how best to apply them
- Examine regulatory developments and discover what your organization needs to comply with
- Learn how to define an IT Audit scope and determining an audit approach and methodology
- Discover how to apply Computer Assisted-Audit Techniques (CAATs) in your approach
- Explore the four key domains of IT general controls and effective IT general control designing
- Uncover methodologies and how control deficiencies can be identified and evaluated
- Takeaway best practices when evaluating guidelines to meet organizational objectives
- Delve into emerging technologies and understand their implications, risks and how to be ready
Live Webinar Format
|4 hours of interactive & insightful
LIVE webinar on Day 1 & 2
|1-hour intimate group consultation
with workshop leader on Day 3
| Receive full workshop materials
Jenny is currently leading a global internal audit team with a global real estate MNC. Her mandates include delivering quality audit and advocating a transformational audit practice within the group. Prior to her current role, Jenny was the former PwC Risk Assurance Partner where she was leading the IT Audit & Advisory and Business Resilience Practices. She was also PwC Singapore’s Chief Information Officer and Data Protection Officer.
Prior to PwC, Jenny had accumulated her years of experience with OCBC, AXA, Prudential and large mid-tier professional firm.
Jenny’s experience includes both professional and commercial industries where she has managed and delivered numerous projects relating to technology audit, risk management, internal audit, governance review, management reporting, process improvements, crisis management, business continuity management and many others. Her strengths in winning over numerous clients and delivering successful projects are that she is practical in her approach and recommendations, with holistic as well as operational inputs. Due to her hybrid industry background and experiences, Jenny has always been able to straddle between business and technology spaces with ease. She has always been able to apply her knowledge in all her projects adequately.
Jenny graduated with a Business Computing honours degree, a MBA, a Master in Professional Accounting and several Specialist Diplomas in Information Technology & Security. She has several professional certifications relating to IT audit, IT governance, crisis management, business continuity management and data privacy. Jenny currently sits on the board of ISACA SG Chapter and she’s a member of SATA CommHealth Digital Committee.
Past Delegate Testimonials
I benefited from Jenny’s depth of knowledge and she delivered the materials in very layman terms for easy understanding
She shared examples she encountered and how auditors or IT staff reacted in such occasions. This helps us to understand how we could apply what we have learnt
Who Should Attend
Senior level executives responsible for Internal Audit, IT, IT Infrastructure and Information Security.
Log-in Time: 8.50am*
Day 1 & 2: 9.00am – 1.00pm* (There will be short breaks allocated at appropriate intervals.)
Day 3: Intimate group consultation between 9.00am – 1.00pm*
*Time stated in local Singapore time.
Day 1 & 2
Session 1: An overview of IT and Cybersecurity Landscape
- The developments of IT
- Understanding what Cybersecurity means
- The differences between IT and Cybersecurity
- The key risks challenging IT and Cybersecurity
- Understanding the role of an IT Auditor
Session 2: Introducing the IT Audit Framework
- COBIT 5
Session 3: Understanding the applicability of IT Audit Standards and Guidelines
- Identification of audit objectives
- Identification of regulatory requirements
- Evaluating each common IT Audit standards and guidelines to meet organizational and audit objectives
Session 4: IT Audit Approach, Methodology and Nature
- Determination of audit approach and methodology
- Types of IT Audit – do you see what an IT Auditor sees?
- How to define an IT Audit scope
- Application of Computer Assisted-Audit Techniques (CAATs)
- Appreciation of IT security & forensic
Session 5: Understanding of IT General Controls
- Understanding the 4 key domains of IT general controls
- Understanding the methodology
- How to design effective IT general controls
- How to evaluate IT general controls deficiencies
Session 6: Exploring IT Application/Automated Controls
- Understanding the 5 key classification of IT application/automated controls
- How to define scope to audit IT application/automated controls
- Understanding the methodology
- How to evaluate control deficiencies
Session 7: Addressing Emerging Technology Risks and Controls
- What to look out for
- Implications to existing IT Audit approach and consideration
- What are the risks facing the profession
- Can tools alone help to mitigate such risks?
- How to be ready
Session 8: Managing Stakeholders in this Fast Pace Risk Environment
Intimate Group Consultation Session
There will be a 1-hour intimate group consultation with the workshop leader, Jenny Tan, on Day 3. This in-depth and interactive consultation session will provide delegates the opportunity to ask questions from the content covered in the preceding days or focus on specific IT Audit questions/challenges from their own organization. More details will be given nearer to the date.