IT Audit and Assurance Practices (ITAAP)

Last Revised:
10. May 2017
1600.00 USD (VAT incl.)
Not Specified
Not Specified
Not Specified


IT Audit and Assurance Practices (ITAAP)

Building on information presented in the Fundamentals of IT Audit and Assurance, this course is a practice-based program that uses lecture, class interaction and case studies. Since it is aligned with the CISA job practice areas and ISACA’s IS Auditing Standards, Guidelines and Procedures, the course is of great value to professionals preparing for the CISA examination. Please note: This is not a CISA review course.

Learning Objectives:

  • Develop a risk assessment process and related mitigation strategies
  • Develop an audit or internal assessment plan
  • Develop effective and results-oriented assurance practices on which management can rely

Prerequisite: The Fundamentals of IT Assurance and Audit course; or understanding of IT and assurance concepts.

Target Audience:

  • Experienced IT auditors who need an in-depth understanding of assurance practices
  • Assurance professionals and financial and operational auditors who need an understanding of IT
  • IT professionals who need an understanding of self-assessment practices and processes
  • IT or assurance professionals looking for methods to identify, measure and test risk
  • Security professionals who need to understand how to test and measure security controls

Day 1:  IT Assurance and Audit Process & IT Governance and Management Issues 
Students will be able to define IT audit and assurance processes and identify IT governance and  management issues. 
• Understand techniques to manage the IT Audit Function 

• Understand the ISACA IT Auditing Framework (ITAF), Standards, Guidelines and Procedures 

• Understand external standards and frameworks 

• Assess, mitigate, and monitor risk 

• Approach an audit with six phases 

• Identify, review, and test steps for significant negative events 
Day 2:  Business Continuity Planning & Application Controls 
Students will be able to audit or review a business continuity plan and disaster recovery plan and audit  application controls. 
• Audit a business continuity plan (BCP)/disaster recovery plan(DRP)

• Understand testing techniques for application controls 

• Understand testing techniques for user procedures 

• Understand testing techniques for data integrity 
Day 3:  System Development and SW Change Control 
Students will be able to audit systems development change control. 
• Audit system development, acquisition and maintenance 

• Understand documentation requirements for an audit 

• Define SDLC phases 

• Understanding Testing techniques for Software Development (SDLC)

  • Understanding Testing techniques  for Software maintenance  
Day 4:  Infrastructure and Support Operations & Protection of Information Assets 
Students will learn techniques for effectively supporting IT service delivery, and proactive protection of  information assets. 
• Perform a hardware review 

• Review the design a hardware acquisition plan 

• Perform an operating system review 

• Perform a database review 

• Understand network implementation and operation 
• Perform a computer operations review 

• Define the security framework 

• Understand assurance steps in testing information security 

• Assess  physical and logical security 

• Define physical and environmental access exposures and controls 

• Understand mobile device security  




This is a binding contract, please read and understand the terms and conditions before signing as signed booking forms will not be cancelled 10 days after SAVANNAH TELECOM Management has received the registration form.


1.  Terms of payment:


In order to secure your registration, payment is due in full upon receipt of invoice. Early registration is vital due to limited workshop space.


2.  Right of Admission:


SAVANNAH TELECOM reserves the right to refuse admission to the conference where evidence of full payment cannot be shown.


3.  Delegate Cancellation:


Provided the total fee has been settled, substitutions will be at no extra charge up till 7 days before the workshop date. Cancellations must be received in writing (14) days before the workshop in order to obtain a full credit voucher for our future events. Any cancellations received less than 14 days before the date of the conference, the full fee will be payable and no refunds or credit voucher will be given. If a delegate does not cancel and fails to attend the conference, he/she is liable for the full payment and no refund / credit voucher will be issued


4. SAVANNAH TELECOM Substitutions:


Please note that speakers and topics were confirmed at the time of publishing, however, circumstances beyond the control of the organizers may necessitate substitutions, alterations or cancellations of the speakers and/or topics. As such SAVANNAH TELECOM reserves the right to alter /modify the advertised speakers/ topics if necessary and all delegates will be notified as soon as possible.


5.SAVANNAH TELECOM Cancellation & Postponement:


In the event that SAVANNAH TELECOM Business Consulting cancels an event, delegate payments at the date of cancellation will be credited to a future SAVANNAH TELECOM conference. This credit will be available for a year from the date of issue. If the delegate is unable to attend the rescheduled conference, the delegate will receive a credit representing payments made towards a future SAVANNAH TELECOM conference & it will be available for 1 year from the date of issue. SAVANNAH TELECOM is not responsible for any loss/damage as a result of a substitution, alteration/cancellation /postponement of a conference


Subscribe to our list!

There are no scheduled dates for this course.
If you are interested in this course, you can subscribe to our list. You will be notified as soon as the course is scheduled.

Attendee Information


* required