Home > Training and Events Calendar

Training and Events Calendar



IT General Controls Certificate Program (2.5 day)
Date(s):
27th - 29th Apr 2026
Time:
9:00AM - 5:00PM
Venue:
In-person training, venue to be confirmed

Location: Singapore
Costs:

Member (Incl. 9% GST): $2,398.00
Non-Member (Incl. 9% GST): $2,834.00
Description:

 

This Learning Certificate Programme is developed and curated by The IIA.

CPE Hours: 20

INTRODUCTION

Information technology (IT) is the lifeblood of most organisations today. Speed to market has sent organisations into a technical catapult where annually more processes become technology driven, whether that technology exists in or outside the organisations data centre. These technology-rich processes continue to transform internal audits priorities and expected core competencies. Tomorrow’s auditors and audit leaders will need to be well versed in recognising technology-related control weaknesses and have the capability of articulating such weaknesses to business and technology leaders alike.

This certificate program is designed to ensure that all internal auditors have the minimal technical competencies’ to perform basic IT-related audit activities, focusing on governance, risk, project delivery, and IT general controls.

Updated for 2025! Now features current IT guidance and an enhanced learner experience.

By the end of this program, internal auditors should be able to:

  • Recognise the importance of the governance of enterprise IT.
  • Associate project delivery with effective and efficient technology driven processes.
  • Realise the impact technology has on business processes.
  • Identify and access basic IT general controls related to:IT Change Management.
  • Business Resilience.
  • Logical Security.
  • Physical Security.
  • Environmental Controls.
  • IT Operations and Services Management.
  • System Development Life Cycle.

TARGET AUDIENCE

This certificate program is intended to assist the internal auditor in gaining a fundamental understanding of technology-related risks and controls including describing the fundamental concepts of IT audit, exploring common risks and controls related to information technology, recognising methodologies for assessing the effectiveness of information technology, and so much more! This certificate program is designed for internal auditors and consulting associates who wish to increase their knowledge of information technology auditing. Participants who successfully complete this program are eligible to plus themselves by obtaining The IIA IT General Controls Certificate- a wonderful addition to both your resume and LinkedIn profile.

CERTIFICATE OBJECTIVES

  • Describe risks and controls related to IT.
  • Recognise key infrastructure and network components.
  • Identify the relationship between organisational governance and IT governance.
  • Identify internal audit’s role in IT governance.
  • Define IT change management.
  • Describe controls necessary for effective IT operations.
  • Identify application security controls.
  • Distinguish characteristics of privileged access.
  • Explain the purpose of the system development life cycle.
  • Distinguish key business recovery concepts, including business impact analysis, business continuity, disaster recovery, and incident response.
  • Identify the general concepts related to auditing computer operations controls.
  • Identify the general concepts related to auditing physical and environmental security.
  • Review the core principles of project management.
  • Describe the basics of auditing the project management process.
  • Establish the elements of a third-party risk program.

CERTIFICATE TOPICS

IT Essentials – Introduction to IT

  • An overview of IT operations.
  • Risks and controls related to IT.
  • The purpose and applications of IT control frameworks and basic IT controls.
  • An overview of IT governance.
  • IT competencies for internal auditors.

IT Essentials – Assessing Networks and Infrastructure 

  • Key infrastructure and network components.
  • Devices in the DMZ. 
  • Competencies of internal auditors performing infrastructure and networking audits.
  • Common infrastructure and network terminology.
  • OSI model and the layers of defense in depth.

Governance of Enterprise IT

  • Importance of IT governance.
  • Components of IT governance.
  • Relationship between organisational governance and IT governance.
  • Five areas of a sample IT governance framework.
  • Desired outcomes and challenges of implementing an IT governance framework.
  • Internal audit’s role in IT governance.

Logical Security: Application, Database, and Operating System Layers 

  • Security controls that relate to an IT audit.
  • Databases and database management systems operations.
  • Database security controls.
  • Common operating system controls. 

Logical Security: The Network Layer 

  • Characteristics of privileged access.
  • Common network concepts and terminology.
  • Basic network architecture.
  • Suggested auditing techniques. 

Auditing IT Change Management

  • IT change management.
  • Types and sources of change.
  • An overview of the change management process.
  • Roles and responsibilities related to IT change management.
  • Role of patches in the IT change management process. 
  • Preventative, detective, and corrective controls necessary for effective IT change management.
  • Best practices for providing assurance over effective change management.

Understanding the System Development Life Cycle

  • Purpose of the system development life cycle (SDLC).
  • Key organisational roles in system development projects.
  • Phases within a system development life cycle.
  • Reasons why system development projects fail.
  • Reasons for successful outcomes of system development life cycle projects.
  • General concepts related to assessing a system development life cycle.
  • Auditing development project reviews.

Computer Operations

  • General concepts related to auditing computer operations controls.
  • Main components of service management.
  • Value of deploying a unified service management platform.
  • Value of asset and configuration management.
  • Relationship between service management and computer operations management in the auditing process.
  • Auditing computer operations.

Physical and Environmental Controls

  • Basics of physical security.
  • Basics of environmental security.
  • Common physical and environmental risks and controls.
  • General concepts related to auditing physical and environmental security.

Exploring Corrective Controls

  • Operational resilience and business resiliency as the primary building blocks needed to successfully recover from an event.
  • Key business recovery concepts, including business impact analysis, business continuity, disaster recovery, and incident response.
  • Phases in developing business continuity plans (BCPs), disaster recovery plans (DRPs), incident response plans (IRPs), and incident response playbooks.
  • Backup processing concepts.
  • Consulting and assessment activities as they relate to internal audit.

Auditing Project Management Practices

  • Fundamentals of portfolio, program, and project management.
  • Core principles of project management.
  • Controls and risks associated with project management.
  • Internal audit’s roles in a project.
  • Auditing the project management process.

Auditing Third Party IT Risk

  • Elements of a third-party risk program.
  • Third-party risk management process.
  • Contracting.
  • Monitoring.
  • The role of internal audit.
  • Performing the engagement.
  • Evaluating and reporting the results

CERTIFICATE EXAM

Participants who complete the course are eligible to sit for the certificate exam which is administered on The IIA’s LMS platform.

Each course segment concludes with a short multiple-choice quiz, requiring an 80% score to pass. Participants can retake these quizzes as often as needed to achieve mastery. After completing all segments, participants must pass a 40 multiple-choice certificate exam. 

  • Within 7-10 business days after the last session of the certificate program, the exam is available on the OnDemand Platform to all registered participants of the program. IIA Academy will inform participants via email once the exam is available.
  • The exam will be available for 90 days on the OnDemand Platform.
  • The exam consist of 40 multiple choice questions.
  • The exam must be taken in a single setting but is not timed.
  • All assessments and exams are open-resource.
  • You are allotted 3 chances to pass the exam. Additional attempts will be charged the US$125 retake fee.

ABOUT THE TRAINER

Yoong Ee Chuan
Certified Internal Auditor (CIA), Fellow Chartered Accountant (FCA), Singapore, Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), ISCA Financial Forensics Professional (ISCA(FFP)), Certified Fraud Examiner (CFE), ASEAN CPA

Driving fraud risk management and awareness, internal audit and IT audit & security, governance and cybersecurity with deep exposure to non-profit board roles spanning Audit Committee Chairman, Treasurer and Board Member.

Former Head of Internal Audit in a public sector agency driving internal audits covering operational, compliance and IT domains. Leading data analytics and forensic investigations whilst supporting CET training in procurement audits, fraud risk management and internal controls.

Ee Chuan is a seasoned practitioner in internal audit and fraud detection. He successfully detected and flagged a high-profile bid-rigging case involving a public sector agency that led to the prosecution of the perpetrators by the Competition and Consumer Commission of Singapore (CCCS) in 2024. 

REGISTRATION

Please email the completed registration details as per the excel form to IIA Academy at iia-academy@iia.org.sg. We will notify you once your registration for the training has been successfully processed.

Unlock 10% Savings with Group Registration!
 
Register as a group of four or more participants for the same course and enjoy a 10% group discount!
This offer applies to registrations from the same company submitted on the same day. The discount is applicable in one single invoice.
PAYMENT
For more information on payment modes, please click HERE.

IMPORTANT NOTE

  • Please email the completed registration details as per the excel form to IIA Academy at iia-academy@iia.org.sg. We will update you upon successful registration of the mentioned training.
  • Once the course is confirmed, an email confirmation will be sent to the registrants’ contact email addresses 1 week prior to the course commencement date.
  • If you do not receive any email notification regarding your course registrations, please call IIA Academy at 6324 9029 ext 2004 or 2005.

TERMS AND CONDITIONS

  • Registration is on a first-come, first-served basis.
  • Contact person will be notified via email upon successful registration of the participants. The training details would be sent to the registered participants one week prior to the training.
  • Registration fee must be received prior to the date of the training.
  • Registered participants will be liable for the full registration fee in the event of non-attendance on the date of the training.
  • Cancellation must be submitted in writing to the Academy team at iia-academy@iia.org.sg at least 7 working days prior to the training and subject to IIA Singapore's approval. A processing fee of $100 per participant will be imposed for any cancellation received less than 7 working days. Substitutions will be permitted, and conditions will apply. You may substitute a “like” person to attend the training in your place – for example, if you are an IIA Singapore member, you may substitute with another IIA Singapore member.
  • IIA Singapore reserves the right to cancel or postpone the training if the minimum class size is not met. In such cases, all paid registration fees will be refunded in full.
  • IIA Singapore reserves the right to revise the training programme as necessary.
  • IIA Singapore reserves the right in our absolute discretion and without further liability to cancel any training, in which case any fees paid by you will be refunded. However, in such circumstances IIA Singapore cannot be held responsible for hotel or travel expenses which you are unable to recoup as a result of a training being cancelled.
  • IIA Singapore reserves the right to take videos and photographs during the training for use in IIA Singapore’s marketing collaterals and other publicity purposes.
  • Complimentary parking, if available, will be provided on a first-come-first-served basis.
Ref: TRAIN-P0000001-700