Jul 10 2017
IT Security Audit

IT Security Audit

The IT Security Audit course is designed to provide practical view in conducting IT audit and assurance in one organization. The course is designed to support professional staffs to expand their understanding of information technology (IT) audit.

The course presents a more in-depth view on the fundamentals of IT auditing by highlighting on topics such as: IT audit and control analysis, examination of control evidence in conducting IT audit, application control, Operating System and IT Infrastructure audit, and management of IT audit.

The course will include discussion and exercises related to general control examinations and application system auditing. The course will also focus on control research and analysis for IT-related topic areas. In addition, through discussion and exercises, participants will gain a working understanding of the process of developing audit work programs encompassing all elements of IT infrastructures.
Participants will be expected to gain a working understanding of how to identify, reference and implement IT management and control policies, standards and related auditing standards. Regarding the latter, the objective is to learn how to identify and interpret the requirements of the standards and. implement the standards in auditing process.

IT Security Auditing covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates.
Each class session will include discussion on an IT audit management, security, control or audit issues that participants should be familiar with.

This course will delivered in Indonesian and/or English by Our Master Trainer:
DR, Ir. Fauzi Hasan, MM, MBA, PMP, CISA, CISSP, SSCP, CISM, CGEIT, CPRC, CSCP, CDCP, CITM APICS, Cert. Change Management (APMG)

Course Objectives & Benefits

At the completion of this course, the participants should be able to :

  • Participants shall obtain an expanded understanding on the role of IT auditors in evaluating IT-related operational and control risk and in assessing the appropriateness and adequacy of management control practices and IT-related controls inside participants’ organization, with the focus on IT infrastructures
  • The participants shall obtain the capability on how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, participants get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobIT standard.
  • Participants shall obtain the capability in conducting IT audit and implement techniques in performing assurance, attestation, and audit engagements
  • Capability to build and maintain an IT audit function within the organization with maximum effectiveness and value
  • Participants shall obtain an expanded familiarity with the principle references in IT governance, control and security as related to IT audit
  • Participants shall obtain the working ability to plan, conduct, and report on information technology audits with specific focus on infrastructure vulnarability assesment and assurance, and drill down upon application vulnarabilities
  • Participants shall obtain an understanding of the role of IT auditors regarding IT-related compliance and regulatory audits, such as evaluating control standards
  • Capability to use best prractices and methodologies such as: COSO, CobiT, ITIL, ISO, and NSA INFOSEC

Who Should Attend

  • IT Managers
  • Security Managers
  • Auditing Staffs
  • IT Operation Staffs.

What You Will Learn

Audit Overview

  • The class session will focus on IT audit concepts and processes, which includes: review of some of the key fundamentals of IT auditing, including general auditing standards, risk-based auditing, pre-audit objectives, determining scope and audit objectives, and the process of performing an IT audit. The class session will include discussion on IT performance, controls, control self-assessment, risk analysis, and the objectives of the IT audit or assurance report.

Building an Effective Internal IT Audit Function

  • The class session will focus on management issues regarding how to manage IT audit and assurance functions. The class material will include developing and assessing staff knowledge and skills, competency measurement, assignment of staff, documentation and continuing education requirements.

The Audit Process

  • Perform IT audit in accordance with IT audit standards, guidelines and best practices to assist the organizations in ensuring that its information technology and business system are protected and controlled.

Auditing Techniques

  • Describing all techniques which are available to implemented for IT infrastructure auditing

Auditing Entity-Level Controls

  • Describing all entities control level which encompassing embedded controls in the areas such as:
  • Operating system control in UNIX-, Linux-, and Windows-based operating systems
  • Controls in network routers, switches, firewalls, WLANs, and mobile devices
  • Entity-level controls, data centers, and disaster recovery plans
  • Controls in Web servers, platforms, and applications
  • Database critical controls

Auditing Data Centers and Disaster Recovery

  • Describe how to conduct data center as disaster recovery site with all supporting infrastructures

Auditing Switches, Routers, and Firewalls

  • Describe how to perform auditing on network infrastructure and network appliances

Auditing Windows Operating Systems

  • Describe how to conduct auditing on operating system using effective and control-piercing methodology within the Windows operating system environment

Auditing Unix and Linux Operating Systems

  • Describe how to conduct auditing on operating system using reliant and control-focus methodology within the Unix operating system environment

Auditing Web Servers

  • Describe how to perform auditing on Web Servers infrastructure and net DMZ devices

Auditing Databases

  • Describe how to perform auditing on organization’s Database and all operating support elements

Auditing Applications

  • Describe how to perform auditing on organization’s Enterprise Applications and the supporting modules

Auditing WLAN and Mobile Devices

  • Describe how to perform auditing on Wide Area Network infrastructure and interface able mobile devices.

Jadwal TMI Consultant 2025

Batch 1 : 15 – 16 Januari 2025

Batch 2 : 12 – 13 Februari 2025

Batch 3 : 19 – 20 Maret 2025

Batch 4 : 16 – 17 April 2025

Batch 5 : 14 – 15 Mei 2025

Batch 6 : 11 – 12 Juni 2025

Batch 7 : 9 – 10 Juli 2025

Batch 8 : 13 – 14 Agustus 2025

Batch 9 : 17 – 18 September 2025

Batch 10 : 15 – 16 Oktober 2025

Batch 11 : 12 – 13 November 2025

Batch 12 : 10 – 11 Desember 2025

Catatan : Jadwal dapat menyesuaikan dengan kebutuhan anda.

Biaya dan Lokasi Pelatihan :

  • Jakarta: Hotel Amaris Kemang, Amaris Tendean,Trinity Hotel, Ibis Budget | Biaya Pelatihan : Rp. 7.500.000 / peserta(Minimal 2 Peserta).
  • Bandung: Hotel Santika, Hay Hotel,Ibis Style, Novotel Hotel, Golden Flower Hotel, 1O1 Hotel, Grand Tjokro Hotel, Tune Hotel, Four Point by Sheraton Hotel | Biaya Pelatihan : Rp. Rp. 7.000.000 / peserta(Minimal 2 Peserta).
  • Yogyakarta : Hotel NEO+ Awana, Cordela Hotel,Ibis Style, Boutique Hotel, Cavinton Hotel, Mutiara Hotel, Dafam Malioboro Hotel, Prima Inn Hotel | Biaya Pelatihan : Rp. 6.500.000 / peserta(Minimal 2 Peserta).
  • Surabaya: Novotel Hotel, Ibis Center Hotel, HARRIS Hotel, Favehotel, Alana Hotel | Biaya Pelatihan : Rp. 6.800.000 / peserta (Minimal 2 Peserta).
  • Malang : Amaris Hotel, The 1O1 Hotel, Ibis Style Hotel, El Hotel, Whiz Prime Hotel | Biaya Pelatihan : Rp. 6.800.000 / peserta (Minimal 2 Peserta).
  • Bali: Ibis Kuta, Fontana Hotel, HARRIS Hotel & Conventions | Biaya Pelatihan : Rp. 6.500.000 / peserta (Minimal 3 Peserta).
  • Lombok: Favehotel, Novotel Lombok, D Praya Hotel | Biaya Pelatihan : Rp. 7.000.000 / peserta (Minimal 3 Peserta).

Catatan : Biaya diatas belum termasuk akomodasi/penginapan. Apabila ada pertayaan mengenai materi, biaya, lokasi, jadwal dan penawaran lainnya, hubungi kami di nomor CS kami.

Fasilitas Pelatihan di TMI Consultant:

  1. Penjemputan dari Hotel/Bandara/Stasiun/Terminal.
  2. Training Kit (Dokumentasi photo, Blocknote, ATK, Flashdisk, dll).
  3. Transportasi Peserta ke tempat pelatihan.
  4. 2x Coffe Break & 1 Lunch (Makan Siang).
  5. Training Room Full AC and Multimedia.
  6. Free Bag or Bagpackers (Tas Training).
  7. Softfile Foto Training
  8. Sertifikat Pelatihan.
  9. Souvenir Exclusive.
Post Views: 101
tmiconsultant 0 Comments