Learn how to carry out IT Audits that are effective and add value!

August 12-13, 2024, 09:00 AM – 04:00 PM HOTEL AL BANDAR ROTANA, DUBAI, UAE

Training Objectives

  • Understand the key principles of IT governance and strategy and their integration with risk-based IT auditing.
  • Understand the fundamentals of risk-based IT auditing and its importance to enterprise risk management.
  • Develop practical skills in identifying and assessing IT risks and applying risk assessment methodologies effectively.
  • Gain insights into developing robust IT audit plans aligned with organizational goals and regulatory requirements.
  • Learn how to evaluate and audit IT general controls, application-specific controls, cybersecurity, and emerging technologies.
  • Develop proficiency in auditing third-party vendors and assessing their impact on IT security and controls.
  • Learn effective techniques for reporting and communicating audit findings in a way that adds value to the client organization.
Register Now Download Brochure

Instructor of this course

Bernard Wanyama

Founder & Managing Director of SYNTECH Associates Ltd
Instructor: Cyber Security, IT Audit, IT Risk Management
APMG Accredited Trainer for CISA & CISM Courses
Cyber Security Expert

More Detail


The practical risk-based IT auditing Master Class is a comprehensive 2-day in-person training workshop designed to equip participants with the knowledge and skills necessary to conduct effective risk-based IT audits.

This workshop focuses on practical techniques, methodologies, and best practices for auditing IT controls, with a specific emphasis on governance, emerging technologies, such as cloud computing and APIs.

Through a combination of interactive sessions, hands-on exercises, and real-world case studies, participants will gain valuable insights into the complexities of risk-based IT auditing in the enterprise environments where technology drives performance.

  • Develop knowledge of IT governance and strategy and its alignment with risk-based auditing practices.
  • Gain practical insights and techniques for conducting risk-based IT audits in enterprise environments.
  • Enhance understanding of emerging technologies and their associated risks, enabling more effective audits.
  • Acquire skills in evaluating and auditing IT general controls, application specific controls, and cloud-based systems.
  • Learn to leverage automation for IT auditing purposes, improving efficiency and accuracy.
  • Enhance abilities to assess third-party vendors and their impact on IT security and controls.
  • Obtain a comprehensive understanding of reporting audit findings and communicating recommendations effectively.

C-Level Executives
Directors, Heads, Partners, Managers, Officers & coordinators of:

  • IT Audit
  • IT Risk
  • IT Security Audit
  • Audit
  • Risk
  • Cybersecurity & Information Security.
  • Privacy
  • Practical workshop approach using a case study and IT audit tools to generate data for risk assessment and report writing.
  • Intense training by an expert who currently practices
  • Online quizzes
  • Group discussions, networking, and interaction
  • Using brainstorming techniques, images, and graphics for quality learning
  • Feedback discussion of the previous session activities
  • Course material - presentations, software toolkits and templates
  • Certificate of Achievement

Course Fee $1800/Participant

25% Early Bird Discount $1,350 till Jun 14, 2024
15% Early Bird Discount $1,530 till Jul 12, 2024

2+1 Offer  $3,600 for 3 Participants
3+2 Offer $5,400 for 5 Participants


Day 1 - Monday 12 August, 2024
Registration, Kick-off & Introduction
Session One

Enterprise IT Governance

  • Understanding IT Governance
  • How Digital Transformation is Impacting Governance
  • Understand audit’s role in supporting IT Governance
  • Develop and analyze a risk management program
  • Identify Information Security roles and responsibilities
Coffee/Tea Break and Quiz
Session Two

IT Audit

  • IT Audit Framework
  • External Standards & Frameworks
  • IT Risk Management Approach
  • Privacy & Regulatory Compliance
Lunch Break
Session Three

Technology for IT Auditors

  • Digital Business Models
  • Understand traditional and modern SDLC approaches to business application development
  • DevOps and DevSecOps
  • Continuous Development & Continuous Integration (CI/CD)
  • Understand key risks and controls relevant to application development

End of the day!

Day 2 - Tuesday 13 August, 2024
Review of previous day learning sessions and data analytics discussed
Session One

Auditing IT General Controls

  • Logical Security
  • Identity and Access Management
  • User Behavior Analytics
  • Privileged Account Management

Based on Case Study

Coffee/Tea Break and Quiz
Session Two

Practical Audit Exercise

  • Cloud Infrastructure
  • Active Directory
  • Web Application & SQL Database

Based on Case Study

Lunch Break
Session Three

Report Writing & Presentation

  • Elements of an Effective Audit Report
  • Audit Report Structure
  • Developing Effective Recommendations
  • Communicating Audit Results
  • Q & A
  • Presentation of Certificates
  • Networking
Course Program
Time Topic
Day 1
08:45 to 09:00Registration & Introduction
Day 1-2
09:00 to 11:00Session One
11:00 to 11:30Coffee/Tea Break and Quiz
11:30 to 13:00Session Two
13:00 to 14:00Lunch Break
14:00 to 16:00Session Three