Minnesota ChapterHome|www.isaca.org |Events|Search

 

Hidden Secrets from IT Auditors

Chapter Information

Chapter Mission

President's Letter

Organizational Chart

Bylaws

Chapter History

Past Presidents

Volunteer Opportunities

Chapter Annual Reports

Chapter Leaders

Chapter Leaders Area

Events

Chapter Events

Non-Chapter Events

 

Employment

Job Postings

Job Posting Policies and Rates

 

Membership

Become an ISACA Member

Update Your Contact Information

New Members

Membership Growth

 

Certification

CISA & CISM FAQ's

CISA Exam Registration

CISM Exam Registration

CISA Review Course Registration

CISM Review Course Registration

 
Hidden Secrets from IT Auditors
Hosted by: AuditServe, Inc.
Time: Tuesday/Wednesday, February 19th-20th (8:00am-4:30pm)
Place: Radisson Hotel
2540 N. Cleveland Ave.
Roseville, MN 55113
651-636-4567
Overview: After being on the audit side for the first half of his career, the instructor has spent most of the last 12 years consulting full-time with systems development groups and data centers, uncovering many controls issues which were in many instances unknown to the most experienced auditors.  The instructor has devised unique methods for performing compliance testing which disclose major gaps in an organization’s control design.
Audience: This seminar is targeted towards mid to senior level auditors and Information Technology personnel.
Duration: 2 days (15 CPEs)
Outline:

The following topics, system practices and schemes will be discussed:

Bypassing controls over production access

  • Does anyone really know what production is?
  • Direct changes to data
  • Production fetching non-production components
  • Using controlled processes to gain access
    • Ineffective Security Design

Inadequate security designs

  • Flaws in decentralized security administration
  • Application design issues which cause database management issues
  • Is the firewall preventing unauthorized access?

Ineffective IT Budgeting & Expense Tracking

Limitation of controls within a SaaS (Software as a Service) application deployment

Reviewing the adequacy of SAS 70s

  • Understand why most SAS 70’s cannot be used to assure that adequacy of controls relied upon by your organization
  • Detailed steps on how to assess that adequacy of control objectives
  • Detailed steps on how to assess that adequacy of test procedures

Techniques used to bypass the requirements of the SDLC

Performing an implementation integrity review of software management systems

Assessing the adequacy user acceptance testing

  • Evaluating the Test Environments
  • Evaluating Test Scripts
  • Auditing Test Plans
  • Auditing Test Results

For each of the above topics, the following will be discussed where appropriate:

  • What it is and reasons for its occurrence
  • Examples of how it is set-up
  • Steps to determine whether it is used within your organization
  • Establishment of preventive controls
  • Alternative compliance test techniques

 

 

Registration Instructions
Step 1: Click Here to download the Registration Form
Step 2: Complete the Registration Form
Step 3: Mail, Email, or fax the completed form and check or purchase order to our chapter office by Friday, February 15th, 2008
  Fax Number 651-635-0307
  Email Address lkrueger@assocmgmt.org
  Postal Address MN ISACA
1711 West County road B, Suite 300N
Roseville, MN 55113
Step 4: Wait for your registration confirmation. Registration confirmations will be done by phone or by Email within 48 hours.
Registration Questions: Please contact Laurie Krueger at lkrueger@assocmgmt.org or by phone (651) 635-0306.
Cancel: http://www.mnisaca.org/cancel.htm



1711 W. Cty Road B
Suite 300 N
Roseville, MN 55113