Course Information

This course presents the fundamental concepts and terminology associated with IT general controls, including controls provided by automated systems. With an emphasis on ways the operational audit can participate in IT-related activities within audit engagements, this course provides tips on how to apply learned concepts to the risk evaluation and the audit process.

Upon completion of this course, participants will be able to:

• Describe IT general controls.

• Apply critical thinking to general controls assessments.

• Explore the use of data analytics in assessing IT general controls.

• State the IT general control audit concepts necessary to perform an audit of IT applications supporting key processes.

• Recognize the general concepts related to assessing logical security.

• Explain the general concepts related to assessing System Development Life Cycle (SDLC).

• Describe the general concepts related to assessing change management.

• Discuss the general concepts related to auditing data backup and recovery controls.

• Recognize the general concepts related to auditing computer operations controls.

• Explain the general concepts related to auditing physical and environmental security.

No prerequisites required.

YB 4.23(k)

TAC Rule 523.142(g) requires the CPE Sponsor to monitor individual attendance and assign the correct number of CPE credits. Participants will be asked to document their time of arrival and departure in compliance with this Rule. Additionally, attendance will be monitored throughout the day and CPE certificates will reflect actual attendance of each participant.

To see answers to our Frequently Asked Questions, visit http://www.sao.texas.gov/training/faq.html.