IT: Risks and Controls in Traditional and Emerging Environments (111126A-12)
Description
Accounting transactions and other types of processing are conducted in a
variety of IT environments. These IT environments could be traditional,
such as Local Area Networks, and/or emerging, such as cloud and mobile
computing. There are internal controls and risks that are common to all
IT environments in both large and small entities. There are also IT
internal controls and risks that are unique to less complex, more
complex, traditional, and emerging technologies. This course will cover
these topics and others including trust services associated with the
internet and cloud computing, testing procedures, management controls,
electronic evidence, COSO IT controls, and the most recently ranked top
IT technologies.
Learning Objectives
Assess the risks associated with a variety of IT environments,
including cloud and mobile computing, e-commerce, and the internet.
Implement preventive and detective controls to mitigate IT risks
Design audit tests and management control procedures
Describe different Service Organization Control (SOC) reports
including the revised auditing standard (SAS 70) Audit Considerations
Relating to an Entity Using a Service Organization impacts user auditors
and user organizations.
Identify the trust services that may be relevant to various
transaction processing and other accounting and non-accounting systems
Evaluate IT general and application control deficiencies and the
implications for both small and large entities
Major Topics
Internal Controls to mitigate risks in a variety of IT environments
and in both large and small entities
An overview of current and emerging technologies including cloud and
mobile computing.
A discussion of numerous IT audit/management control procedures
Coverage of COSO IT General and Application controls
Examples of IT controls deficiencies that may be considered
significant deficiencies or material weaknesses in internal control
