Main Menu

Two Day Seminar: Fundamentals of IT Auditing

Course Code: IAD444 CPE Hours: 16
Course Start Date: March 26, 2019 Course End Date: March 27, 2019
Time: 9.00 AM - 5.00 PM Registration Deadline : March 19, 2019
Level of course: Level 1 Trainer: Abdul Hamid Bin Abdullah
Competency areas: Internal Audit Delivery [IAD] Course venue: M Hotel Singapore/Oasia Hotel Novena
Course fee (IIA/ ISACA member): $845.30 (Inclusive of GST) Course fee (non-member): $1070 (Inclusive of GST)
Other Memberships valid for discount: 10% off non-member rate for ISCA and ACCA member
Lunch Provided: Yes Tea Break: Yes
Course Overview:

This course will provide attendees with an introduction to IT auditing, emphasizing the concepts through exercises and case studies. Internal audit professionals will develop knowledge of basic IT audit concepts that can be used to facilitate integrated audit efforts within their organization.

The course will also provide attendees the opportunity to perform an audit of IT applications supporting key business processes, coordinate the assessment of IT risk with the evaluation of IT general controls, and perform a risk assessment and evaluation of controls over end user computer applications.

For new auditors with less than 2 years of practical experience

Course description :

• Utilising general IT control audit concepts, perform an audit of IT applications supporting key business processes
• During the performance of an audit of IT applications, which supports key business processes coordinate the assessment of IT risk with the evaluation of IT general controls
• Describe the concepts of application controls as they relate to the Software Development Life Cycle (SDLC)
• Utilising general IT control concepts, perform a risk assessment and evaluation of controls over end user computer applications.

Overview of IT Auditing, Concepts and Controls: Why IT Auditing and What Is It?
• Why IT auditing?
• What is IT auditing?
• What are the benefits of an IT audit?
• What is the role of an IT auditor?
• Growth of the IT auditor, including background
• Common IT audit certifications
• IIA standards related to an IT audit
• Key components of IT
• How COSO and GAIT relate to IT audit
• Guide to the Assessment of IT Risk (GAIT)
• Major U.S. laws that impact IT audit
• IT general and application controls
• End-user computing
• IT governance

Case Study

General Control: Logical Security
• General security concepts
• Access management concepts
• Access management principles
• Common access management controls
• Password configuration and authentication

General Control: Business Continuity Planning (BCP), Disaster Recovery (DR), and Backup Processing
• Business Continuity Management (BCM)
• Disaster Recovery (DR)
• Backup processing
• BCM Implementation Requirements
• Recovery solutions

Application Controls
• Application control concepts
• Input controls
• Processing controls
• Output controls
• Interface controls
• Audit trails
• Application security

General Control: Change and Patch Management
• What is change and patch management?
• Why do change and patch management?
• What are the types of changes?
• Elements of a typical change process
• Types of risks and controls
• Indicators and recognizable symptoms of poor change management practices
• Change management success measures
• Variations in change management processes

Cloud Computing and Service Organization Control (SOC) Reports
• Cloud computing
• SOC reports

General Control: System Development Lifecycle (SDLC)
• Aspects of the SDLC
• SDLC phases
• Impacts of project failures
• Pre and post implementation reviews

End User Computing
• User Developed Applications (UDAs)
• Benefits, risks, and controls of UDAs
• Auditor’s approach to UDAs

Mr. Abdul Hamid Bin Abdullah is a Certified Information Systems Auditor (CISA), a Charterd Accountant of Singapore (CA Singapore) and a Fellow of the Institute of Internal Auditors (FIIA) Singapore. He has recently retired from an audit director’s role with 35 years of public sector audit experience. His professional knowledge and work experiences include IT audits of public sector organisations. He is a Past President of the Information Systems Audit and Control Association (ISACA) Singapore Chapter and a Past International Vice-President, ISACA Board of Directors and the IT Governance Institute. He is an adjunct course leader for applied learning in Information Security and Assurance in the Singapore Institute of Technology, and an executive advisor (Audit, Risk Management and Regulatory Technology) in Straits Interactive Pte Ltd, a company which provides personal data protection services and GRC training and consultancy.

You can utilise the training credits which will expire on 31 May 2019 for this training/seminar,etc. Please contact to verify the availability of your training credits.

Payment by PayNow transfer

Make the payment of your registration fees via PayNow transfer by following the steps below:

1. Upon completing your registration, proceed to payment and select the “Cheque/Fund Transfer” option.
2. Login to Internet Banking or Mobile Banking.
3. Scan our corporate PayNow QR code.
4. Verify our UEN number (S76SS0058D) and release funds.
NOTE: Kindly include your name and/or membership ID under the UEN/Bill Reference Number (text limit of up to 25 characters).
5. Once payment is made, please print screen the transaction and email to for our tracking purposes.

Click here for more information on PayNow.

Group Discount
Register as a group of 4 or more participants for the same course and enjoy a 10% group discount!
Applicable for participants from the same company registered within the same day. Discount will be indicated and processed on a single invoice.

Terms and Conditions:
1. Registered participants will be liable for the full fee even in the event of non-attendance.
2. A processing fee of $100 will be imposed for any cancellation. Cancellation must be submitted in writing 7 days prior to the event date and subject to IIAS’s approval. Substitutions will be permitted and conditions will apply.
3. Full payment must be received prior to the event. Registration forms submitted without payment will not be accepted.
4. Contact Person will be notified VIA EMAIL of the result of their application for enrolment within three working days after the enrolment deadline.
5. Registration is on a first-come-first-served-basis and Complimentary Parking will be provided only on a first-come-first-served-basis.
6. IIAS reserves the right to revise the programme as necessary.
7. IIAS reserves the right to cancel or postpone the training should the minimum class size is not met.


A system generated email will be sent upon successful registration of the mentioned seminar.
Once the course is confirmed, an email confirmation will be sent to the registrants’ contact email addresses 1 week prior to the course commencement date
If you do not receive any email notification regarding your course registrations, please call IIA Academy at 6324 9030/31.

Registration Closed.