Cloud Computing Fundamentals for IT Professionals
This course defines cloud computing and the service delivery models of a cloud computing architecture, as well as the methods in which they can be deployed as public, private, hybrid and community clouds. A comprehensive review of the security and privacy issues related to cloud computing environments includes examining cloud computing models, exploring the threat model and security issues related to data and computation outsourcing, and identifying practical applications of secure cloud computing. Audit approaches and methodologies for assessing internal control exposures within cloud computing environments are also discussed.
Learning objectives:
- Discuss, with confidence, what is cloud computing, and what are key security and control considerations within cloud computing environments
- Identify various cloud services
- Assess cloud characteristics and service attributes for compliance with enterprise objectives
- Explain the 4 primary cloud category “types”
- Evaluate various cloud delivery models
- Contrast the risks and benefits of implementing cloud computing
- Specify security threat exposure within a cloud computing infrastructure
- Recognize steps and processes used to perform an audit assessment of a cloud computing environment
- Summarize specific environments that would benefit from implementing cloud computing, contrasted against those environments that might not benefit
- Weigh the impact of improperly controlled cloud computing environments on organizational sustainability
Target audience:
Duration: 2 days
CPE: up to 14
Cost: $1,150 members / $1,250 nonmembers
Date and Location: Denver, 26-27 April
Fundamentals of IT Audit and Assurance (FITAA)
The role of auditor has evolved to include a more business-focused alignment. IT audit and assurance professionals must now have more than just a basic understanding of the controls and objectives; they must also understand organizational risks and how to mitigate them to provide that assurance. This comprehensive program, aligned with the Certified Information Systems Auditor (CISA) job practice areas, discusses the necessary IT tools and techniques used to optimize service capability of IT. It also addresses the assessment and assurance processes that should be implemented. Please note: This course is not designed as a review for the CISA exam, however, it may be helpful to CISA aspirants or those preparing for the CISA exam.
Learning objectives:
- Understand the audit and assurance standards, guidelines and framework, and be able perform an Information Systems Audit
- Learn how to govern and manage Information Technology within an enterprise
- Discuss how to acquire, develop and implement Information Systems
- Describe how to run, maintain and support Information Systems
- Assess ability to protect information assets
Target audience:
- New IT auditors
- Financial and operational auditors who need to understand IT controls
- Auditors and assurance professionals who need to understand IT controls
- IT professionals
Duration: 4 days
CPE: up to 32
Cost: $2,295 members / $2,495 nonmembers
Dates and Locations:
IT Audit and Assurance Practices
Building on information presented in the Fundamentals of IT Audit and Assurance, participants learn how to develop a risk assessment process and related mitigation strategies that can help provide an audit or internal assessment plan. This comprehensive program is aligned with the CISA job practice areas and ISACA’s IS Auditing Standards, Guidelines and Procedures. Please note: This course is not designed as a review for the CISA exam. It will be helpful to those preparing for the CISA exam or for CISA aspirant.
Learning objectives:
- Define IT audit and assurance processes, and identify IT governance and management issues
- Develop a business continuity plan and disaster recovery plan, and audit application controls
- Determine how to audit systems development and implement change control
- Support IT service delivery
- Learn to proactively protect information assets
Target audience:
- Experienced IT auditors who need in-depth understanding of assurance practices
- Security professionals
- Current CISAs
- IT professionals
Duration: 4 days
CPE: up to 32
Cost: $2,295 members / $2,495 nonmembers
Dates and Locations:
Cloud Computing—Seeing through the Cloud: What the IT Auditor Needs to Know (ISACA/Deloitte)
Cloud computing has emerged as one of the most significant information technology developments over the past decade. As a new framework for the way IT solutions are designed, sourced and used for services delivery, it offers organizations new and flexible ways to manage IT costs, scale IT operations and streamline related processes. However, with new IT developments come new risks. ISACA and Deloitte & Touche LLP have joined to deliver a cloud computing course to help you understand the risk implications of moving to the cloud, as well as strategies for managing those risks.
Learning objectives:
- Understand the fundamentals and impact of Cloud Computing
- Describe the different types of Cloud Computing architectures
- Describe the different services that Cloud Computing provides
- Describe some of the challenges to adopting a cloud architecture
- Identify the top security threats to cloud computing
- Understand how the risks associated with Cloud Computing vary from the traditional application service provider model
- Develop an audit plan based on the different services of Cloud Services
- Learn to utilize the Deloitte proprietary tool, the Cloud Risk Map
Target audience: IT Audit Practitioners
Duration: 4 days
CPE: up to 32
Cost: $2,500 members / $2,700 nonmembers
Date and Location:
Network Security Auditing
Considering the proliferation of high-profile network security attacks over recent years, this course seeks to equip the IT auditor with the necessary skills to scope, plan and perform a network security assessment. Learn through a range of hands-on presentations and demonstrations to view and protect your organization's network perimeter.
Learning objectives:
- Evaluate risk from an external perspective
- Describe the purposes of a tiered network perimeter architecture
- Analyze how a hacker views a target
- Acquire baseline knowledge of the purpose and functionality of firewalls
- Explain features and functionality of the major firewall brands (Cisco, Check Point, etc.)
- Receive hands-on experience reviewing configuration files for firewall rule sets
- Prepare to evaluate digital risk and various approaches for managing vulnerabilities
Target audience:
- IT auditors and integrated auditors
- Audit managers
- IT managers responsible for information security
Duration: 4 days
Led by: Deloitte expert instructors
CPE: up to 32
Cost: $2,500 members / $2,700 nonmembers
Dates and Locations:
Taking the Next Step—Advancing Your IT Auditing Skills
IT auditors must possess a variety of skills across a broad array of technologies and platforms. This course uses practical hands-on presentations and demonstrations to enable IT auditors and security professionals to identify and analyze risks associated with a range of infrastructure platforms.
Learning objectives:
- Scope and plan IT audits in a variety of technology platforms
- Utilize advanced techniques for auditing infrastructure
- Deepen your IT audit knowledge base across a range of technologies
- Identify risks specific to a variety of infrastructure platforms
- Manage resources when structuring IT audits on a variety of platforms
Target audience:
- IT auditors and integrated auditors
- Audit managers
Duration: 4 days
Led by: Deloitte expert instructors
CPE: 32
Cost: $2,500 members / $2,700 nonmembers
Dates and Locations:
Information Security Essentials for for IT Auditors
ISACA and Deloitte & Touche LLP deliver strategies and tactics to address a range of information security issues in the workplace. Learn to identify and analyze the risk associated with security threats across network, operational and physical systems.
Learning objectives:
- Use information security frameworks, common architectures and security models
- Identify access control mechanisms to protect information through application and database security design
- Analyze network, operational and physical security practices
- Assess information security risks ranging from remote access and wireless to virtualization
- Identify, measure and mitigate information security risks relevant to today’s complex IT systems and challenges
Target audience:
- IT auditors, integrated auditors, business process auditors
- Audit managers
- IT managers responsible for information security
Duration: 4 days
Led by: Deloitte expert instructors
CPE: up to 32
Cost: $2,500 members / $2,700 nonmembers
Dates and Locations:
Healthcare Information Technology (ISACA/Deloitte)
ISACA and Deloitte & Touche LLP deliver a course that focuses on healthcare industry regulatory reform and healthcare information technology (IT). Hot topics include regulatory issues, trends and future reform, as well as how these affect the IT audit professional.
Learning objectives:
- Describe the background and trends of healthcare, and how healthcare may change in the future
- Navigate the healthcare industry in an era of reform
- Gain a deeper understanding of the IT-related hot topics in the healthcare industry
- Analyze the framework, requirements and challenges of the most pressing healthcare IT issues
Target audience:
- Information technology auditors
- Information security professionals
- Financial, business process and compliance auditors
- Chief Information Officer and other IT executives in healthcare
Duration: 4 days
Led by: Deloitte expert instructors
CPE: up to 32
Cost: $2,500 members / $2,700 nonmembers
Dates and Locations: