- Joint Industry leading certificate from NASSCOM and iZen
- Earn Cashback from the Government of India and exclusive offers from NASSCOM*
- Upskill and become job ready
Kickstart your career with a certificate in
Analyst: IT Governance, Risk and Compliance Auditing
- Hands-on Projects
- Learn from Richard Cascarino
- Developed by iZen from Silicon Valley, CA
- Fully online, self-paced
- Basic to Practitioner level covered
- Access for 3 months and complete in 80 hours
Certificate
Options
16,100 + GST
Introductory Offer
Benefits
- Joint Co-Branded Participation Certificate by FutureSkills Prime and iZen.
- NASSCOM Assessment certificate after clearing the mandatory NASSCOM Assessment:
- Gold Certificate if you score 70% or more
- Silver Certificate if you score 60% to 69%
- Bronze Certificate if you score 50% to 59%
- Note: Get a “Certificate of Completion” from Webster University (USA) if you score 70% or higher in iZen quizzes for an additional fee of Rs. 5,000
Land a lucrative job in IT Auditor upon completing this course.
Cybersecurity jobs are one of the few future-proof areas, with ever-increasing demand.
IT Auditing Landscape
Most stringent government regulations, tighter lending standards and demands for accountability keep IT auditors in high demand globally.
According to the Bureau of Labor Statistics, the employment rate for IT auditors is expected to grow by 15 percent over the next 10 years.
Richard Cascarino
Meet your faculty#1 Richard Cascarino
- Richard Cascarino, CIA, CISM, CFE is a consultant and lecturer with over 30 years’ experience in Risk, Audit, Governance, Forensic, Internal and IT auditing education. He is a principal of Richard Cascarino & Associates. He is a regular speaker to national and international conferences and has presented courses throughout Africa, Europe, the Middle East and the USA.
- He is the author of the books “Internal Auditing-an Integrated Approach”, “Auditor’s Guide to Information Systems Auditing”, “Corporate Fraud and Internal Control: A Framework for Prevention” published by Wiley, and the book “Data Analytics for Internal Auditors”. He is also a contributing author to the Governance section of Finance: The Ultimate Resource and is a frequent speaker at IIA, ACFE and ISACA courses and conferences.
- Richard Cascarino was the chairman of the Audit and Risk Committee of the Department of Public Enterprises in South Africa and served as chairman of the Audit Committee of Gauteng cluster 2 (Premier’s office, Shared Services and Health). He is also a visiting Lecturer at the University of the Witwatersrand.
- He is a Past President of the IIA – South Africa and founded the African Region of the IIA Inc. He is also a member of the Board of Regents for Higher Education of the Association of Certified Fraud Examiners. He is a member of the Board of Regents (Higher Education) for the ACFE.
Jim Kaplan
Meet your faculty#2 Jim Kaplan
- Jim Kaplan CIA CFE is President and Founder of AuditNet®, the global resource for auditors (now available on Apple and Android and Windows devices).
- Jim is a highly accomplished Internal auditor and audit manager with 26 years of progressive experience with solid background utilizing internal audit standards and audit procedures and techniques
- Jim Kaplan’s vision for AuditNet® is not unlike the voice Kevin Costner heard in the Field of Dreams. His company AuditNet ® is a portal providing tools, techniques, and training used by auditors on five continents, in 221 countries. He is recipient of the IIA’s 2007Bradford Cadmus Memorial Award.
- Jim Kaplan is an Author of “The Auditor’s Guide to Internet Resources” 2nd Edition Specialties: As a writer, journalist, educator, lecturer and dedicated local government auditor, Jim has promoted and encouraged the use of technology and the Internet for audit productivity.
Curriculum
Section-1: IT Audit Basics
By the end of this part of the course the attendees will be able to:
- Understand the jargon of the computer world
- Differentiate between types of systems and their major risk elements
- Understand how computer systems are constructed and how this can influence the eventual running in the business environment
- Utilize this knowledge to gain a greater acceptance by computer-literate auditees
- Identify the role of the IS audit specialist
- Identify potential areas for the audit use of computerized technology
This module is designed to provide the participants with in-depth knowledge and experience of Technology and audit, Control objectives and risks, Batch and on-line systems, Programming computers, Database systems, Computer risks and exposures, Computer security, Application systems and their development, and Computer operations controls.
By the end of this part of the course the attendees will be able to:
- Identify the different types of database structures, their principal components, and the threats to them
- Relate DBMS components to the operating system environment in which they operate
- Identify potential control opportunities and select among control alternatives
- Recognize vulnerabilities in multiple DBMS environments and make appropriate recommendations
- Select the appropriate audit tool and technique to meet a given audit objective
The module will cover Database types – Sequential, Hierarchical, Network, Inverted File Structures, Relational Models, Control opportunities in a database environment, Database tools and techniques, Auditing IMS; IDMS; ADABAS; DB2; DATACOM; Oracle; Access
By the end of this part of the Course attendees will have an in-depth knowledge of:
- The nature and usage of CAATS
- Methods for determining the appropriate CAAT
- Usage of differing types of CAAT
- Interpretation of results
- Verification of CAAT results
The module will cover the areas like System testing techniques, Computerized application systems, Non-computerized systems, CAAT types, Source code review, Use of Test Data, Parallel Simulation, Integrated Test Facilities, Snapshot Techniques, SCARF, Retrieval Software, Generalized Audit Software, Specialized Audit Software, Utility Software, ACL, and IDEA.
By the end of this module, you will have the tools and techniques needed in your own environments to:
- Assess the corporate risks
- Identify their audit strategies
- Establish their priorities
- Develop their Audit Plan
- Evaluate and test their Corporate Disaster Recovery Plan
The module will cover What is a Disaster? What is a Disaster Recovery Plan? Who is Accountable? What are the Options? What is the cost? How can a C.P. be tested? What is Management’s Role? What is the User’s Role? What is the Information Services Role? What is the Internal Auditor’s Role?
By the end of this module, you will be able to:
- Distinguish between the varying types of computer fraud, their nature and effect
- Identify likely fraud indicators
- Audit for computer fraud
- Establish a Corporate Risk Profile
- Structure an anti-fraud security environment
- Distinguish between fraud and forensic auditing
- Identify the requirements to ensure that audit evidence is acceptable as legal evidence
- Identify the requirement and effect of reporting sensitive issues
The module will cover the areas like the nature of computer fraud, the Corporate risk profile, Computer fraud techniques, why computer fraud and who commits it? Fraud auditing, Fraud awareness, EDI and fraud, the expectation gap, Forensic auditing, Sources of evidence and audit tools, Legal evidence and Reporting sensitive issues
Section-2: Advanced IT-Auditing
By the end of this module, you will get an in-depth knowledge and experience of:
- Risk and its nature in a corporate environment Risk analysis and Internal Auditing
- The use of Risk-based auditing as an integrated approach
- Risks within computer systems
- Electronic trading risks
- The IT Risk-based audit approach
- Risk and materiality
- A structured approach to audit risk evaluation
- How to sell Risk-based audits
This module is designed to provide you with an in-depth knowledge of the risks as well as the benefits of Internet connection. You will learn about the tools and information sources available on the internet as well as the uses to which these might be put. The module will cover the following areas:
- Internet Threats
- Protection Strategies
- Internet security and privacy
- Use of Digital Certificates
- Client-side Security
- Downloading threats
- Firewalling and encryption
- Formulating an Internet security plan
This module is developed to familiarize auditors with computer risk areas and security mechanisms, to provide auditors with an understanding of the building blocks of operational environments and operating systems, and to provide auditors with an appropriate methodology for reviewing computer security. The module will cover the following areas:
- Computer risk areas
- Criteria for effective security
- Computer operations
- Applications security
- Change control
- Control over viruses
- The “ACCESS” mode
- Tailoring the Operating System
- Auditing operating environments
- The role of security packages: RACF, ACF2, TOP SECRET
- The internet and Firewalls
The objectives of this module are to provide attendees with the tools and techniques needed in their own environments to familiarize auditors with the Key Performance Areas within IT, to introduce them to a VFMA methodology to determine whether the IT resources are being optimized, and to provide delegates with a complete VFMA audit plan for the IT function. The module will cover the following areas:
- Background and objectives of VFMA
- Operational auditing methods and techniques
- Major operational areas in IT
- Risks and control opportunities
- Economy of resource utilization
- Efficiency determination of the key performance areas
- The quantification of effectiveness
- Implementing the VFMA audit programmer
- Performing the audit and following-up
IT Audit has developed into a maze of specialties with technical specialists requiring ever more. By the end of this part of the Course the attendee will be able to:
- Distinguish between the varying types of computer fraud, their nature and effect
- Identify likely fraud indicators
- Audit for computer fraud
- Establish a Corporate Risk Profile
- Structure an anti-fraud security environment
- Distinguish between fraud and forensic auditing
- Identify the requirements to ensure that audit evidence is acceptable as legal evidence
- Identify the requirement and effect of reporting sensitive issues
The module will cover the areas like the Scope of IT Audit, narrowing the perspective, Objective setting, Staffing and recruiting, the use of audit automation, skills and training, measuring effectiveness and the role of the Specialist.
- Case Studies and Practical ExamplesSCORM package
- Case-studies: Sources of Cybersecurity Risks
- Practical Negotiating Skills for Auditors
Testimonials
” I am not an IT Auditor at present, but I was seeking a reputable certification program to expand my knowledge and skills in this area to increase my chances of becoming an IT Auditor. I found iZen’s course to be ideal, as it allowed me to utilize my free time effectively, with easily understandable and navigable content. I found the course beneficial as it covers a broad range of topics. Although the NASSCOM and iZen certificate wasn’t available immediately after I completed the course, the iZen support team resolved the issue quickly. I successfully passed the exam and received a bronze certification in January 2023. I also have access to the course content for 180 days for future reference.”
Business Continuity and IT DR Lead
Barclays Global Service Center Pvt Ltd, India.
Frequently Asked Questions and Answers
Who should take this course?
Anyone interested in developing IT Auditing awareness – a student seeking employment, by building a foundation in IT Auditing or an employee interested in re‐skilling or up-skilling for a career growth or a teacher interested in becoming a trainer in IT Auditing or a manager wanting to unlock new opportunities or to bring IT Auditing into their products and offerings.
Are there any prerequisites for this course?
A basic understanding of computers & IT Infrastructure in general, would be helpful.
What are the equipment and technical requirements of this program?
The participants need to have a computer with Internet access, and an internet browser to access this course. No special software is required except for a PDF viewer.
What is required to successfully complete this course?
A participant must score at least 70%, in all the quizzes. We want you to do well in the quizzes, learn and benefit from the course. Once you are enrolled, you can refer to the video on “How to take the tests and do well in them?” in the orientation module.
In case you cannot do well in a quiz on the first attempt, no worries. You can go through the required sections of the course again and retake the quiz. You will get a maximum of 3 attempts to “pass” a quiz.
What are the duration and the time commitment required for this course?
Recommended duration of the course is 6 weeks. Students are expected to dedicate 30-40 hours in total to complete the course. This is a self-directed online program and hence you are free to decide when you want to study during these 6 weeks.
Note: You will have an additional 2 weeks to review what you have learned. That means that you will have a total of 8 weeks of access to the course content.
Who will I learn from?
You will learn from Richard Cascarino who has over 30 years’ experience in Risk, Audit, Governance, Forensic, Internal and IT auditing education and Jim Kaplan who has a solid background utilizing internal audit standards and audit procedures and techniques.
Do I receive a certificate for this course?
Upon successful completion of the course and taking up the NASSCOM Assessment, you will receive a Joint Co-Branded Participation Certificate from FutureSkills Prime and iZen. After you clear the mandatory NASSCOM Assessment, you will also earn the NASSCOM Assessment certificate based upon the score you get.
When and how do I receive the certificate?
You will receive a digital certificate within two weeks after your successful completion of the course. You can share this verifiable certificate on various social media platforms (e.g. Facebook, Twitter, LinkedIn, etc.).
What are the accepted payment methods for this course?
We accept all major credit and debit cards.If you encounter any challenges please contact [email protected]
Does the program fee include taxes?
Yes, the program fee is inclusive of any taxes with the exception of GST.
What is your refund policy?
You will not be eligible for refund once you pay the fees & enroll for the course..
Do I need to buy any textbooks for this course?
Not necessary. All required resources are provided in this course and you can access them online.
Whom do I contact if I have more questions?
Please send all your queries to [email protected]