IT AUDIT, ENTERPRISE IT GOVERNANCE & RISK MANAGEMENT

September 28-29, 2022, HOTEL TOWERS ROTANA DUBAI | UAE, 09:00 AM - 05:00 PM, DUBAI STANDARD TIME

Training Objectives

Learning Objectives

  • Highlight the strategic drivers for IT Governance, Audit and Risk.
  • Demonstrate the role of IT Governance, Audit & Risk in delivering value to the enterprise.
  • Highlight the impact of digital transformation initiatives on IT Governance, Audit & Risk Management functions in the enterprise.
  • Equip IT Audit and Risk Management professionals with the necessary knowledge and skills to add value to the enterprise in the face of tremendous change.
Register Now Download Brochure

Instructor of this course

Mr. Bernard Wanyama

CISA, CISM, CRISC, CGEIT
Founder & Managing Director of SYNTECH Associates Ltd
Instructor: Cyber Security, IT Audit, IT Risk Management
APMG Accredited Trainer for CISA & CISM Courses
Cyber Security Expert

More Detail

13.75 CPE Hours


Audit and risk management professionals are required to provide assurance over complex, inter-connected information systems and processes in a fluid, environment of change - be it compliance requirements, disruption or digital transformation. 

This course will provide the strategic approach and knowledge necessary for IT Audit and Risk Management Professionals to thrive and add value to their organizations as they deal with evolving risks and emerging technologies.

Participants who complete the course will get an opportunity to:

  • Frame the role of IT Governance, Audit and Risk Management in supporting enterprises and industries that are undergoing rapid change and digital transformation.
  • Understand IT audit and assurance standards, guidelines and frameworks.
  • Understand how to plan and perform a risk-based IT audit.
  • Understand IT Risk Management Principles.
  • Discuss audit and control issues in different IT architecture components such as networks, databases, web application and cloud systems.
  • Discuss audit and control issues around cyber security.
  • Discuss risk, audit and control issues around emerging technologies such as cloud computing, virtualization, robotic process automation, machine learning and artificial intelligence.
  • Understand how to cultivate an atmosphere of shared responsibility for risk management across the enterprise.
  • Review case studies of major cyber security breaches to learn lessons for audit and risk functions.
  • 13.75 CPE hours.

C-Level Executives:

  • Chief IT Auditors, Chief Risk Officers, Chief Audit Executives, etc.

Directors, Heads, Partners, Managers, Oficcers & coordinators of:

  • IT Audit
  • IT Risk
  • IT Security Audit
  • Audit
  • Risk
  • Cyber security & Information Security.
  • Privacy

 

  • Group discussions focused on real-world case studies
  • Online Quizzes
  • Individual assignments
  • Using brainstorming techniques, images, graphics and video clips for quality learning
  • Feedback discussion of the previous day activities

Course Fee $1,775/Participant

INDIVIDUAL
Book & pay on or before August 12, 2022 & get
10% early bird discount USD 1,598/participant

CORPORATE (GROUP DISCOUNT):
2+1 OFFER $3,550 for 3 participants
3+2 OFFER $5,325 for 5 participants

NOTE:

  • The conditions apply. The group has to be from same facility/organization.
  • In case of a group, each participant has to fill out the registration form separately. However, payment can be made by one person for all.

IT AUDIT, ENTERPRISE IT GOVERNANCE & RISK MANAGEMENT - Course Schedule

Day 1 - Wednesday 28 September, 2022
Opening Session (08:30 AM To 09:00 AM)

Introduction and Kick-off

Session One (09:00 AM To 11:00 AM)

IT Governance

  • Understand IT Governance
  • How Digital Transformation is Impacting Governance
  • Understand audit’s role in supporting IT Governance
  • Develop and analyze a risk management program
  • Identify Information Security roles and responsibilities
  • IT Governance Frameworks: the case of COBIT 2019
  • IT Resource Planning & Optimization
  • IT Benefits Realization
Quiz (11:00 AM – 11:10 AM)
Morning Break and Networking
Session Two (11:25 AM – 01:25 PM )

IT Audit and Assurance Standards

  • IT Audit Framework
  • External Standards & Frameworks
  • Privacy & Regulatory Compliance

IT Systems Development Life Cycle

  • Identify and determine controls around a project management plan
  • Understand traditional and modern SDLC approaches to business application development
  • DevOps and DevSecOps
  • Continuous Development & Continuous Integration (CI/CD)
  • Understand key risks and controls relevant to application development
Quiz (01:25 PM – 01:30 PM)
Lunch Break & Networking
Session Three ( 02:30 PM – 04:30 PM)

IT General Controls: Logical Security

  • Identity and Access Management
  • User Behaviour Analytics
  • Privileged Account Management
  • Multi Factor Authentication

IT General Controls: Resiliency

  • Business Continuity Planning (BCP)
  • Disaster Recovery (DR)
  • End of Day Group Interactive Discussion
  • Take Home Excercise
Quiz (04:30 PM – 04:45 PM)
CLOSING REMARK
Day 2 - Thursday 29 September, 2022
Session One (09:00 AM – 11:00 AM)

IT Risk Management

  • Overview of Enterprise Risk Management
  • Principles of IT Risk Management
  • Frameworks & Standards
  • Develop and analyze a risk management program
  • Responsibilities and Accountability for IT Risk

IT Risk Identification

  • Collect event data, monitor risk and report exposures and opportunities
  • Understand organizational risks and how to mitigate them to provide assurance

IT Risk Assessment

  • Develop a risk assessment process and related mitigation strategies
  • Develop an audit or internal assessment plan

Risk Response and Mitigation

  • Risk Response Strategies
  • A consultative approach to developing effective risk response
  • Selection of appropriate, effective controls
Quiz (11:00 AM – 11:10 AM)
Morning Break and Networking
Session Two (11:25 AM – 01:25 PM)

“Planning and Executing a Risk - based IT General Controls Review” for a typical enterprise.
The following tasks will be carried out:

  • Perform a Risk Assessment
  • Determining the Audit Scope
  • Testing IT General Controls

Cloud & Virtualized Infrastructure Walkthrough

  • Amazon: AWS
  • Google: GCP
  • Controls: Governance & IAM
  • AWS Cloud Audit Certification
Quiz (01:25 PM – 01:30 PM)
Lunch Break & Networking
Session Three (02:30 PM – 04:30 PM)

Continuation of “Planning and Executing a Risk‐based IT General Controls Review”
The following tasks will be carried out:

  • Testing cybersecurity controls on a sample web application and Active Directory using technical tools such as Nmap, Metasploit and Mimikatz
  • Documenting findings

API – Walkthrough against the OWASP API Security Top 10

Quiz (4:30 PM – 04:45 PM)
CLOSING REMARKS AND CERTIFICATE DISTRIBUTION
Course Program
Time Topic
Day 1
08:30 to 09:00Introduction and Kick-off
Day 1-2
09:00 to 11:00 Session One
11:00 to 11:10 Quiz
11:10 to 11:25 Morning Break and Networking
11:25 to 13:25 Session Two
13:25 to 13:30Quiz
13:30 to 14:30 Lunch Break & Networking
14:30 to 16:30 Session Three
16:30 to 16:45Quiz
16:45 to 17:00 CLOSING REMARKS