Evaluating Information Systems Controls - March 14-15, 2011
 
To register for this course, please enter the registrant's unique ID and click "Register Now". The unique ID is composed of the last name of the registrant (without any punctuation) and the last 4 digits of the registrant's social security number.
 
UniqueID:     
 

Title: Evaluating Information Systems Controls

Date: March 14-15, 2011

Time: 8:30am - 4:30pm

Instructor: Glen D. Chambers, CISA

Location: One Highland Center, 314 E. Highland Mall Blvd., Suite 403, Austin, TX 78752

Price: $425
Early Bird Discount: $399 if you register by February 14, 2011.

Who Should Attend:

All auditors (IS and non-IS), audit supervisors and managers with the desire to gain a better understanding of the challenges facing agencies in integrating and assessing computer security in federal, state and local information systems.

Course Description:

Evaluating Information Systems Controls (EISC) is a two-day training session designed to provide an in-depth review of established guidelines for evaluating the effectiveness of controls employed in federal, state and local government information systems. With all government systems having some level of sensitivity, more emphasis is now being placed on developing and implementing adequate general and business process application controls in information systems. General controls are the policies and procedures that apply to all or a large segment of an entity’s information systems and are applied at the entity-wide, system, and business process application levels. Business process application level controls are those controls over the completeness, accuracy, validity, confidentiality, and availability of transactions and data during application processing. As a result of the increased emphasis in this area, a totally different approach is necessary in evaluating the controls in these computerized information systems.

Using pertinent information from GAO’s Federal Information System Controls Audit Manual (FISCAM), selected National Institute of Standards and Technology (NIST) Special Publications and other relevant published guidance, the training material is structured using a check-list approach to address the four major course objectives outlined below. All of the topics presented are designed to give the auditor and audit management a thorough understanding of the challenges facing agencies in integrating and evaluating computer controls in federal, state and local government information systems.

Learning Objectives:

Upon completion of this course, you will be able to:

  • Define the policies, procedures, practices and controls required in managing IT organizational resources.
  • Provide a conceptual framework of internal controls in a computer environment.
  • Describe the fundamental concepts associated with control evaluations.
  • Discuss the process of evaluating controls in organizational information systems.

    Course Outline

    Module 1 - Professional Standards, Policies and Guidelines

  • GAO Standards and Policies
  • NIST Audit Guidance and Control Criteria
  • AICPA Statements on Auditing Standards
  • Other Professional Guidance

    Module 2 - Information Systems Environment

  • Data Processing Environments
  • Methods of Processing Data
  • IT Organizational Structure
  • Nature of IT Management
  • Separation of Duties
  • IT Personnel Policies and Management Practices
  • Assessing Effectiveness and Efficiency of IT Activities
  • Types of Computers and Software

    Module 3 - Information Systems Controls

  • Vulnerabilities of Information Systems
  • Nature of Information System Controls
  • General Controls
  • Application Controls

    Module 4 - Audit Implications of Electronic Document Management

  • Overview of EDM Systems
  • Audit Benefits of EDM
  • EDM Technologies
  • EDM Components
  • Pre-Implementation Considerations
  • Audit Planning Issues
  • Internal Controls

    Module 5 - Evaluating General Controls in Information Systems

  • Security Management
  • Access Controls
  • Configuration Management
  • Segregation of Duties
  • Contingency Planning

    Module 6 - Evaluating Application Controls in Information Systems

  • Application Level General Controls
  • Business Process Controls
  • Interface Controls
  • Data Management System Controls

    The timing and duration of our discussion on any of the above topics can be adjusted accordingly depending upon the experience level of the attendees. All of the material being presented is designed to look at today’s environment from the auditor’s perspective with emphasis on the steps necessary to satisfy the Government Auditing Standards.

    Instructor Bio: Glen D. Chambers, CISA

    Glen D. Chambers, a career federal employee and retiree from the Defense Contract Audit Agency (DCAA), has over 20 years experience in auditing information systems at some of the largest Department of Defense (DOD) contractors in the country. During Glen’s tenure with the Federal Government, he cultivated a unique background combining the expertise and discipline of contract auditing with the technical knowledge of a specialist in the area of information systems. Glen gained extensive experience in designing and developing training programs and workshops for numerous organizational elements within DCAA, other DOD components, and various groups from the contractor community. Since leaving government service, Glen has been actively involved in providing Information Systems (IS) audit related training to various government audit organizations at the local, state and federal levels.

    Glen is a faculty member of the Graduate School, Government Audit Training Institute where he is involved with course development and instruction. Glen is a Certified Information Systems Auditor and a member of the Information Systems Audit and Control Association.

    CPE: 16 hours

    Level: Intermediate

    Type of Class: Audit

    TX Board of Public Accountancy Sponsor Number: 009317

    Cancellation Information: Cancellation Date: February 21, 2011

    If you are making travel plans to come to the training, please make "refundable" air and hotel reservations or wait until 14 days before the class to actually book your reservations. Courses are occasionally canceled or rescheduled due to low enrollment. We determine whether a course has enough participants approximately 16 days prior to the course date. If we cancel or reschedule, we will email the participant no later than 14 days before the original class date. Solutions Training will not pay for cancellation/change fees associated with travel and hotel arrangement changes.

    To cancel your registration from this course, please call or email the course contact listed below. If a cancellation is received after the cancellation date, the registrant will be charged $140 for course materials.

    Class participants will be billed after the class. Payment should be made to SOLUTIONS TRAINING GROUP, Federal Tax ID: 20-2732184 and mailed to 2701 Maria Anna Rd, Austin, TX 78703. If you have any questions, please contact Shannon Bieberdorf at (512) 914-5557 shannon@solutionstraininggroup.com.

    For additional information about this class, please contact Laurie Garrant at laurie@solutionstraininggroup.com, (512) 914-5567.

    		•
         Your schedule, your location.

    To train your group, Solutions Training Group On-site training is the right choice.
    • We have courses to fit your training needs from business writing to technical training.

    • We offer professional trainers with real-world experience and high-energy presentation styles.

    • We can customize the classes to address your unique needs.
    100% satisfaction guarantee

    Let us help you make the training day a celebration for your office.

    Call 512-914-5557



    		    
    ©2008. Solutions Training Group. All rights reserved. Courses             Contacts