|
Title: Risk Management in the IT Environment
Date: March 18, 2011
Time: 8:30am - 4:30pm
Instructor: Glen D. Chambers, CISA
Location: One Highland Center, 314 E. Highland Mall Blvd., Suite 403, Austin, TX 78752
Price: $225
Early Bird Discount: $199 if you register by February 18, 2011.
Who Should Attend: All auditors (IS and non-IS), audit supervisors and managers with the desire to gain a better understanding of the challenges facing agencies in developing and maintaining an effective risk management process within federal, state and local IT operations.
Course Description:
This course is designed to provide attendees with an introduction to a structured risk management process adopted for many organization’s information technology (IT) systems. In this digital era, as organizations use automated technology to process their information, risk management plays a critical role in protecting an organization’s information assets from IT-related risk. Risk management is the process of identifying risk, assessing risk, and taking steps to reduce risk to an acceptable level.
The training material is also designed to provide an overview of selected cost-effective security controls. These controls can be used to mitigate risk for the better protection of critical information and the IT systems that process, store, and carry this information. Our role as auditors is to evaluate the adequacy of established procedures and processes employed to address risk and to assess the effectiveness of controls that have been implemented to ensure continuity and consistency of operations for information systems that support the operations and assets of the agency.
Using pertinent information from GAO’s Federal Information System Controls Audit Manual (FISCAM) and selected National Institute of Standards and Technology (NIST) Special Publications, the training material covers various aspects of the risk management process including nine primary steps which encompass the risk assessment methodology. The topics presented are designed to give the auditor and audit management a thorough overview of the various factors that should be considered by management in establishing a viable risk assessment methodology and the key audit procedures necessary to evaluate the adequacy of management’s actions.
Upon completion of this course, you will:
Be knowledgeable of risk management, how it fits into the system development life cycle (SDLC), and the roles of individuals who support and use this process.
Be familiar with the risk assessment methodology and the nine primary steps in conducting a risk assessment of an IT system.
Know the various factors involved with the risk mitigation process.
Understand the need for an ongoing risk evaluation and assessment and the factors that will lead to a successful risk management program.
Course Topics:
Module 1 - Fundamental Planning Principles and Practices
Purpose of Risk Management
Importance of Risk Management
Integration of Risk Management into SDLC
Federal Mandates, Standards and Guidelines
Module 2 - Risk Assessment
System Characterization
Threat Identification
Vulnerability Identification
Control Analysis
Likelihood Determination
Impact Analysis
Risk Determination
Control Recommendation
Results Documentation
Module 3 - Risk Mitigation
Risk Mitigation Options
Risk Mitigation Strategy
Approach for Control Implementation
Control Categories
Cost-Benefit Analysis
Residual Risk
Module 4 - Evaluation and Assessment
Good Security Practice
Keys for Success
The timing and duration of our discussion on any of the above topics can be adjusted accordingly depending upon the experience level of the attendees. All of the material being presented is designed to look at today’s environment from the auditor’s perspective with emphasis on the steps necessary to satisfy the Government Auditing Standards.
Title: Assessing the Reliability of Computer Processed Data
Date: March 16-17, 2011
Time: 8:30am - 4:30pm
Instructor: Glen D. Chambers, CISA
Location: One Highland Center, 314 E. Highland Mall Blvd., Suite 403, Austin, TX 78752
Price: $425
Early Bird Discount: $399 if you register by February 16, 2011.
Who Should Attend:
All auditors, team leaders, audit supervisors and managers with the desire to gain a better understanding of assessing the reliability of computer processed data.
Course Description:
How comfortable are you with the data you are relying upon during the course of your audits? Do you feel confident that the data is current, accurate, and complete? With the proliferation of electronic information systems we are placing much more reliance on invisible audit trails. Recent accounting scandals that have sent shockwaves through the accounting/auditing profession certainly illustrate the fact that reliable data cannot be overemphasized. As a result, various factors must be considered by the auditor when assessing the reliability of computer-processed data.
This course focuses on data reliability requirements in conducting audits under the Government Auditing Standards. The course material presented centers around the following questions:
What are the data reliability testing and documentation requirements as defined in the GAO’s publication GAO-07-731G, “Government Auditing Standards 2007 Revision” (the Yellow Book)?
How should the auditor interpret and apply the guidance provided in GAO’s publication GAO-09-680G, “Assessing the Reliability of Computer-Processed Data”, popularly referred to as the “Gray Book”?
Upon completion of this course, you will be able to:
Provide an overview of the professional standards, policies and guidelines pertaining to auditing information systems and assessing the reliability of data being processed by electronic systems.
Define data reliability and provide a framework for assessing the reliability of computer-processed data and reporting the results.
Discuss the use of computer assisted audit techniques (CAATs) in assessing the reliability of data in the electronic environment and the challenges facing the auditor.
Instructor Bio: Glen D. Chambers, CISA
Glen D. Chambers, a career federal employee and retiree from the Defense Contract Audit Agency (DCAA), has over 20 years experience in auditing information systems at some of the largest Department of Defense (DOD) contractors in the country. During Glen’s tenure with the Federal Government, he cultivated a unique background combining the expertise and discipline of contract auditing with the technical knowledge of a specialist in the area of information systems. Glen gained extensive experience in designing and developing training programs and workshops for numerous organizational elements within DCAA, other DOD components, and various groups from the contractor community. Since leaving government service, Glen has been actively involved in providing Information Systems (IS) audit related training to various government audit organizations at the local, state and federal levels.
Glen is a faculty member of the Graduate School, Government Audit Training Institute where he is involved with course development and instruction. Glen is a Certified Information Systems Auditor and a member of the Information Systems Audit and Control Association.
CPE: 16 hours
Level: Intermediate
Type of Class: Audit
TX Board of Public Accountancy Sponsor Number: 009317
Cancellation Information: Cancellation Date: February 23, 2011
To cancel your registration from this course, please call or email the course
contact listed below. If a cancellation is received after the cancellation
date, the registrant will be charged $140 for course materials.
If you are making travel plans to come to the training, please make "refundable" air and hotel reservations or wait until 14 days before the class to actually book your reservations. Courses are occasionally canceled or rescheduled due to low enrollment. We determine whether a course has enough participants approximately 16 days prior to the course date. If we cancel or reschedule, we will email the participant no later than 14 days before the original class date. Solutions Training will not pay for cancellation/change fees associated with travel and hotel arrangement changes.
Class participants will
be billed after the class. Payment should be made to SOLUTIONS TRAINING GROUP,
Federal Tax ID: 20-2732184 and mailed to 2701 Maria Anna Rd, Austin, TX 78703.
If you have any questions, please contact Shannon Bieberdorf at (512) 914-5557
shannon@solutionstraininggroup.com. For
additional information about this class, please contact Laurie Garrant at laurie@solutionstraininggroup.com,
(512) 914-5567.
CPE: 8 hours
Level: Intermediate
Type of Class: Audit
TX Board of Public Accountancy Sponsor Number: 009317
Cancellation Information: Cancellation Date: February 25, 2011
To cancel your registration from this course, please call or email the course
contact listed below. If a cancellation is received after the cancellation
date, the registrant will be charged $75 for course materials.
If you are making travel plans to come to the training, please make "refundable" air and hotel reservations or wait until 14 days before the class to actually book your reservations. Courses are occasionally canceled or rescheduled due to low enrollment. We determine whether a course has enough participants approximately 16 days prior to the course date. If we cancel or reschedule, we will email the participant no later than 14 days before the original class date. Solutions Training will not pay for cancellation/change fees associated with travel and hotel arrangement changes.
Class participants will
be billed after the class. Payment should be made to SOLUTIONS TRAINING GROUP,
Federal Tax ID: 20-2732184 and mailed to 2701 Maria Anna Rd, Austin, TX 78703.
If you have any questions, please contact Shannon Bieberdorf at (512) 914-5557
shannon@solutionstraininggroup.com. For
additional information about this class, please contact Laurie Garrant at laurie@solutionstraininggroup.com,
(512) 914-5567.
|
