Information Systems Auditing
Objective: Focus to help students obtain knowledge or skills to maintain or enhance their competencies in Information Systems Audit & Control as dictated by Industry best practices.
Understanding IT Security and Controls concept/requirements


  1. Key elements in a successful Information Technology Audit.
  2. Improved understanding and knowledge in Information
  3. Technology key controls.
  4. Access control and the core elements in Logical Access control (Identification, Authorization and Authentication), Password Parameters etc.
  5. Auditing - Understanding and improving your knowledge of audit login events, importance of logging reviews and protection.
  6. Segregation of duties - Improving your knowledge by introducing industry best practices and key issues impacting the implementation of this control.
  7. Data integrity - Improving and understanding data integrity control elements such as field validation, error prompt, data transmission, range analysis, hash totals, sequencing etc.
  8. Change/Problem Management - Improving and understanding the process of tracking incidents/problem tickets to resolution. Service Level Agreement (SLA) and Change Management - severity level definition, root cause analysis, trend analysis etc.
  9. Remote Access: Improving your understanding and knowledge of key controls in remote access connectivity - RAS, VPN, Modem, Port protection etc.
  10. Project management - Improved understanding of the role of an IT Auditor in a Project Management engagement - as dictated by the COBIT (Control Objective for Information Technology) standard.
  11. Application and system enabled services vulnerabilities: FTP, FINGER, UDP, and TELNET etc.
  12. ETC
  13. Continuity of Business - Understanding and improving skills in COB review - COB Plan update, COB sites, Crisis Management Plan review etc.

Advance Practical Hands-on in Information Systems Audit Practice
(Every Student in this Class will develop a project for all the understated phases).


  1. Conduct a risk analysis to develop audit universe and audit program
  2. Ensure detail understanding of audit methodology
  3. Conduct an audit of OS (UNIX/Windows), Database, ERP application, IT Infrastructure, IT Security etc
  4. Data gathering for Audit Scoping
  5. Understand and practicalize the techniques of testing/observation/review and audit evidence validation
  6. Skills for writing an effective summary of findings report
  7. Develop skills for writing final audit report
  8. Exit Conference and the Final Audit report
  9. Understanding and improving your know of SOX 404
  10. Testing SOX 404 key controls
  11. Etc.


Software Testing


  • Software Testing Skills
    • Static Testing (Reviews, Walkthroughs and Inspections).
    • Effective and efficient Dynamic Testing.
    • Software Development Life Cycle.
    • Improving your skills in Test Management.
    • Developing an effective Test Plan and Test Cases.
    • Improving relationship with impacted area of testing.
  • Advance Practical Hands-on in Testing Tools
  • Test Management Process
       Planning Tests
       Creating New Test Folder
       Creating New Tests
       Add Test Design Steps
       Manual Test Scripts
       Requirements Coverage /Traceability Matrix
       Running Tests
       Creating New Test Sets
       Schedule Test Runs
       Run the Tests
       Update the Tests
       Analyzing/Tracking Test Results
       Tracking Defects
       Add Defects
       Add Version
       Add Reason
       Review Defects
       Repair Open Defects
       Analyze Defect Data
       Similar Defects

       Hands on SQL for functional Testers (SQL Advance).
       - SQL Order By
       - SQL AND & OR
       - SQL In
       - SQL Between
       - SQL Aliases
       - SQL Join
       - SQL Union
       - SQL Create
       - SQL Drop
       - SQL Alter
       - SQL Functions