the industry calendar
Course/Product Description

Auditing Business Application Systems

Format: In-Person Seminar
Find A Class Near You: View Dates And Locations For This Seminar

Auditing Business Application Systems
This three-day seminar is designed for financial, operational, and information technology auditors who need a technical and operational understanding to audit automated business applications.

By attending, you will learn how to assess key risks and controls in each stage of the application processing cycle and how to prioritize your audit approach to achieve optimal results in an effective and efficient manner.

You also will discover how to assess all aspects of a business application, including completeness and accuracy of input, processing and output, transaction authorizations, processing flow balancing and reconciliations, and controlling high-risk interfaces. You will also learn about IT general control risks and control objectives for critical aspects of the IT infrastructure.

You also gain field-tested techniques for identifying, prioritizing, recording, assessing and evaluating application controls and procedures.


1. Introduction To Business Application Systems

  • Types Of Automated Business Applications
  • Objectives Of An Application Audit
  • Types Of Applications Audits
  • System Environmental Considerations
  • Application Control Ownership
  • Integrated Auditing
  • Data Vs. Information

2. Business Application Transactions

  • What Is A Transaction?
  • Transaction-Based Application Auditing
  • Transaction Life Cycle
  • Application Risk Assessment Factors
  • Establishing Audit Priorities

3. Top-Down Risk-Based Planning

  • Planning The Application Audit
  • Top-Down, Risk-Based Planning
  • Defining The Business Environment
  • Determining The Application's Technical Environment
  • Performing A Business Information Risk Assessment
  • Identifying Key Transactions
  • Developing A Key Transaction Process Flow
  • Evaluating And Testing Application Controls

4. Data Input And Processing Models

  • Comparing Pros/Cons Of Input And Processing Models
  • Batch Input/Batch Processing
  • On-Line Input/Batch Processing
  • On-Line Input/On-Line Processing
  • Real
  • Time Input/Real-Time Processing

5. Application Controls

  • Business Applications
  • Information Objectives
  • COSO: Application Controls
  • Business Application Auditing
  • Application Transaction Life Cycle
  • Transaction Origination
  • Logical Security
  • Completeness And Accuracy Of Input
  • Completeness And Accuracy Of Processing
  • Completeness And Accuracy Of Output
  • Output Retention And Disposal
  • Data File Controls
  • User Review, Balancing, Reconciliation
  • End
  • User Documentation
  • Training
  • Segregation Of Duties
  • Business Continuity Planning
  • Sarbanes
  • Oxley Application Control Requirements

6. IT General Control Objectives And Risks

  • IT General Controls Overview
  • Relationship Between IT General Controls And Application Controls
  • COBITâ„¢ And ISO 27002
  • Physical Security
  • Environmental Exposures
  • Logical Security
  • Encryption
  • Systems Development
  • Production Change Management
  • Disaster Recovery And Business Continuity Planning
  • Sarbanes
  • Oxley IT General Control Requirements

7. Testing Application Controls

  • Testing Automated And Manual Controls
  • Testing Alternatives
  • Testing Sample Size
  • Sampling Terminology
  • Negative Assurance Testing
  • Types Of Audit Evidence
  • Functional/Substantive Testing
  • Computer Assisted Audit Techniques (Caats)
  • Data Analysis: Planning And Data Verification
  • Sarbanes
  • Oxley: Testing Requirements And Examples

8. Documenting Application Controls

  • Evaluating And Documenting Internal Controls
  • Internal Control Questionnaires
  • Narratives
  • Flowcharts / Process Flows
  • Control Matrix

9. End-User Computing

  • Growth Of End User Computing
  • End User Computing Risks
  • General IT Control Risks
  • Change Control Risks
  • Purchased Applications Risks
  • Spreadsheets: Typical Errors
  • Spreadsheet Risk Factors
  • Practical Steps For Evaluating Spreadsheet Controls

10. Auditing System Development Projects

  • Business Risks
  • Audit's Primary Goals
  • Costs To Correct Errors During System Development
  • Traditional System Development Life Cycle
  • Rapid Application Development
  • Internal Audit Involvement
  • Advantages And Challenges
  • Qualifications Of Audit Personnel
  • Requirements Of Audit Involvement
  • Internal Audit Objectives
  • Assess Project And Product Risks
  • Assess User Involvement

11. Executing Application Audits

  • Internal Audit Process
  • Objectives Of An Application Audit
  • Application Audit Planning
  • Application Risk Assessment
  • Determining The Audit Scope
  • Obtaining Planning Information
  • The Planning Memo
  • Audit Programs
  • Auditing Application Controls
  • Testing Application Controls
  • Audit Workpapers
  • Audit Report
  • Integrated Auditing
You will receive a copy of MIS' Information Technology & Audit Acronym Dictionary, defining hundreds of IT terms and acronyms, and the MIS Applications Control Handbook.

Who Should Attend?

IT, Financial, Operations and Business Applications Auditors; Audit Managers who require an understanding of application controls and audit approaches for business application systems.

Prerequisite: IT Auditing and Controls or equivalent experience

Learning Level: Basic

Dates & Times
Classes start on the date(s) posted herein, and run from 8:30am to 5pm daily, except for the last day of class, which ends at 3pm.
About The Provider: Founded in 1978, and with offices in the USA, UK, and Asia, MIS Training Institute - aka MISTI - is the international leader in audit and information security training.

Helping audit and infosecurity professionals stay at the top of their game has always been at the core of MISTI's mission. To that end, MISTI has developed and focused its seminars, conferences, and symposia on the wide-ranging needs of auditors and information security practitioners who are charged with controlling complex systems and business environments.

All MISTI training classes are led by industry experts. MISTI training classes are delivered by professionals who have been in the field and practice what they teach. Additionally, MISTI training's unparalleled course curriculum covers the most up-to-the-minute topics, provides proven audit and security practices, and delivers the information needed to be successful in today's organizations.

MIS Training Institute is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing education on the National Registry of CPE Sponsors. NASBA Sponsor Number: 103321

Cancellation/Refund Policy: MIS Training Institute

A full refund less a $100 administrative fee will be given for cancellations received 15 days or more before the event. Tuition is non-refundable for cancellations made 14 days or less before the event. You may, however, transfer your tuition to another MIS Training Institute event, less a $195 administrative fee. Transfers are valid for 12 months from the time of initial cancellation. Substitutions are welcome at any time.

Those who do not cancel before the MISTI event date and who do not attend are responsible for the full non-refundable, non-transferable tuition.
Price: $1,833.00
More Info: Contact Us For More Information
Share This: Share on Facebook

Share on Twitter

Keywords For This Course:

training for Auditing Business Application Systems

Currently Scheduled Dates For This Seminar
There currently are no scheduled dates for this seminar. Please click here to search for another course.
Webinars HR Payroll Safety Workers' Comp Bank/Mortgage CPA/Accounting In-Person Seminars HR Payroll Safety Workers' Comp Bank/Mortgage CPA/Accounting Online/Self-Study HR Payroll Safety Workers' Comp Bank/Mortgage CPA/Accounting
The Industry Calendar | 5755 North Point Parkway, Suite 228
Alpharetta, GA 30022
Copyright 2020
Web site development by OTAU