Training Fraud Audit by IT Security

Pelatihan IT Security Audit

The IT Security Audit course is designed to provide practical view  in conducting IT audit and assurance in one organization. The course is designed to support professional staffs to expand their understanding of information technology (IT) audit.

The course presents a more in-depth view on the fundamentals of IT auditing by highlighting on topics such as: IT audit and control analysis, examination of control evidence in conducting IT audit, application control, Operating System and IT Infrastructure audit, and management of IT audit.

The course will include discussion and exercises related to general control examinations and application system auditing. The course will also focus on control research and analysis for IT-related topic areas. In addition, through discussion and exercises, participants will gain a working understanding of the process of developing audit work programs encompassing all elements of IT infrastructures. Participants will be expected to gain a working understanding of how to identify, reference and implement IT management and control policies, standards and related auditing standards. Regarding the latter, the objective is to learn how to identify and interpret the requirements of the standards and. implement the standards in auditing process.

IT Security Auditing covers the latest auditing tools alongside real-world examples, ready-to-use checklists, and valuable templates.
Each class session will include discussion on an IT audit  management, security, control or audit issues that participants should be familiar with.

Course Objectives & Benefits

At the completion of this course, the participants should be able to :

• Participants shall obtain an expanded understanding on  the role of IT auditors in evaluating IT-related operational and control risk and in assessing the appropriateness and adequacy of management control practices and IT-related controls inside participants’ organization, with the focus on IT infrastructures
• The participants shall obtain the capability on  how to analyze Windows, UNIX, and Linux systems; secure databases; examine wireless networks and devices; and audit applications. Plus, participants  get up-to-date information on legal standards and practices, privacy and ethical issues, and the CobIT standard.
• Participants shall obtain the capability in conducting IT audit and implement  techniques in performing assurance, attestation, and audit engagements
• Capability to build  and maintain an IT audit function within the organization with maximum effectiveness and value
• Participants shall obtain an expanded familiarity with the principle references in IT governance, control and security as related to IT audit
• Participants shall obtain the working ability to plan, conduct, and report on information technology audits with specific focus on infrastructure vulnarability assesment and assurance, and drill down upon application vulnarabilities
• Participants shall obtain  an understanding of the role of IT auditors regarding IT-related compliance and regulatory audits, such as evaluating control standards
• Capability to use  best prractices  and methodologies such as: COSO, CobiT, ITIL, ISO, and NSA INFOSEC

Who Should Attend

• IT Managers
• Security Managers
• Auditing Staffs
• IT Operation Staffs.

Training Material: Fraud Audit by IT Security

1. Audit Overview

This session will cover IT audit concepts and processes, including:

• A review of key IT auditing fundamentals, such as general auditing standards and risk-based auditing.
• Pre-audit objectives, determining the scope and audit objectives.
• The process of conducting an IT audit.
• Discussions on IT performance, controls, control self-assessment, risk analysis, and the objectives of the IT audit or assurance report.

2. Building an Effective Internal IT Audit Function

This session will focus on managing IT audit and assurance functions, including:

• Developing and assessing staff knowledge and skills.
• Competency measurement, staff assignment, documentation, and continuing education requirements.

3. The Audit Process

Conduct IT audits following IT audit standards, guidelines, and best practices to help organizations ensure their information technology and business systems are protected and controlled.

4. Auditing Techniques

A description of various techniques available for auditing IT infrastructure.

5. Auditing Entity-Level Controls

An explanation of entity-level controls, including:

• Operating system controls in UNIX, Linux, and Windows-based operating systems.
• Controls in network routers, switches, firewalls, WLANs, and mobile devices.
• Controls at the entity level, data centers, and disaster recovery plans.
• Controls in web servers, platforms, and applications.
• Critical controls for databases.

6. Auditing Data Centers and Disaster Recovery

A guide on conducting audits of data centers and disaster recovery sites, including all supporting infrastructures.

7. Auditing Switches, Routers, and Firewalls

A guide on auditing network infrastructure, including routers, switches, and firewalls.

8. Auditing Windows Operating Systems

Guidelines for auditing Windows operating systems using effective and thorough methodologies.

9. Auditing Unix and Linux Operating Systems

Guidelines for auditing UNIX and Linux operating systems with a focus on reliability and controls.

10. Auditing Web Servers

A guide on auditing web server infrastructure and network DMZ devices.

11. Auditing Databases

Instructions on auditing organizational databases and all supporting operational elements.

12. Auditing Applications

Guidelines for auditing enterprise applications and their supporting modules.

13. Auditing WLAN and Mobile Devices

Instructions on auditing Wide Area Network (WAN) infrastructure and compatible mobile devices.

Instruktur Training

Pelatihan ini akan dibawakan oleh trainer/ pemateri yang berpengalaman di bidangnya.

Metode Training

1. Presentation
2. Discuss
3. Case Study
4. Evaluation
5. Pre-Test & Post-Test
6. Games

Jadwal Diorama Training Tahun 2025

• Januari : 16-17 Januari 2025
• Februari : 13-14 Februari 2025
• Maret : 5-6 Maret 2025
• April : 24-25 April 2025
• Mei : 21-22 Mei 2025
• Juni : 11-12 Juni 2025
• Juli : 16-17 Juli 2025
• Agustus : 20-21 Agustus 2025
• September : 17-18 September 2025
• Oktober : 8-9 Oktober 2025
• November : 12-13 November 2025
• Desember : 17-18 Desember 2025

 

Catatan: Jadwal tersebut dapat disesuaikan dengan kebutuhan calon peserta. Peserta dapat mengajukan tanggal pelaksanaan pelatihan. Sebelum melakukan booking tiket perjalanan maupun hotel mohon untuk menghubungi marketing kami terlebih dahulu. Kesalahan pemesanan tiket terkait jadwal tanpa surat konfirmasi (Confirmation Letter) bukan merupakan tanggung jawab tim Diorama Training.

Lokasi 

REGULER TRAINING

• Yogyakarta, Hotel Fortuna Grande Malioboro (6.000.000 IDR / participant)
• Jakarta, Hotel Amaris Kemang  La Codefin (6.500.000 IDR / participant)
• Bandung, Hotel Neo Dipatiukur (6.500.000 IDR / participant)
• Bali, Hotel Ibis Kuta (7.500.000 IDR / participant)
• Lombok, Hotel Jayakarta (7.500.000 IDR / participant)
• Surabaya, Hotel Neo Gubeng (7.500.000 IDR / participant)

ONLINE TRAINING VIA ZOOM

Investasi

• Investasi pelatihan selama tiga hari tersebut menyesuaikan dengan jumlah peserta (on call). *Please feel free to contact us.

Catatan: Apabila perusahaan membutuhkan paket in house training, anggaran investasi pelatihan dapat menyesuaikan dengan anggaran perusahaan.

Benefit Apa Saja yang Didapatkan Peserta?

• FREE Airport pickup service (Gratis Antar jemput Hotel/Bandara)
• FREE Transportasi Peserta ke tempat pelatihan (By Request)
• Module / Handout
• FREE Flashdisk
• Sertifikat
• FREE Bag or backpack (Tas Training)
• Training Kit (Dokumentasi photo, Blocknote, ATK, etc)
• 2x Coffee Break & 1 Lunch, Dinner
• FREE Souvenir Exclusive

FAQ tentang Diotraining

P : Berapa minimal running pelatihan ini ?
J : Pelatihan ini akan running idealnya minimal dengan 3 peserta, tetapi bisa disesuaikan dengan kebutuhan peserta

P : Apakah bisa jika saya hanya ingin pelatihan sendiri aja / private course ?
J : Bisa, kami akan membantu menyelenggarakan pelatihan 1 hari jika ada persetujuan dari klien

P : Dimana saja pelatihan biasanya di selenggarakan?
J : Pelatihan kami selenggarakan di beberapa kota besar di Indonesia seperti Bandung, Jakarta, Yogyakarta, Surabaya, Malang, Bali, Lombok dan beberapa negara seperti Singapore dan Malaysia

P : Apakah bisa diselenggarakan selain di kota lain?
J : Penyelenggaraan pelatihan bisa diadakan di kota lain dengan minimal kuota 5 orang setiap kelas

P : Apakah bisa juga diselenggarakan secara IHT/ In House Training di Perusahaan klien ?
J : Bisa diselenggarakan secara IHT di Perusahaan klien

P : Apakah jadwal bisa disesuaikan dengan kebutuhan klien ?
J : Jadwal pelatihan dapat di sesuaikan dengan kebutuhan klien.

 

Materi, Lokasi dan Jadwal Pelatihan Bisa Berubah Sewaktu-waktu dan disesuaikan Dengan Kondisi Peserta, dimohon untuk Melakukan Konfirmasi untuk Segala Bentuk Perubahan, agar Tidak Terjadi Miskomunikasi. Segera Daftarkan Pelatihan, Dapatkan Promo Menarik Bulan Ini.

 

Beberapa Klien Kami

 

 

Silabus Training ini di edit oleh Wafa Setiawan sebagai Content Writer Spesialis. Tim Diorama Training di bidang Pelatihan Konsultasi Sumbedaya Manusia dan Sertifikasi.