IT – Application Controls

Training Duration: 2 days

Training Delivery Method: On-site, instructor-led course; or online, instructor-led course


Business audit background, some IT controls background, some IT auditing background

What Problem Does This Training Help Solve?

Helps you understand, implement, and audit  IT application controls to mitigate IT risks and business risk

Who Should Attend?

Business auditors, IT control professionals, IT auditors, IT security professionals, IT application developers, IT applications project managers, IT application system designers

Course Material:

Content-rich manual/course handouts consisting of about 270 foils

Course Syllabus:

This seminar is designed to provide participants with an understanding of key risks and controls related to auditing applications including input, processing, output, security, transaction integrity, balancing and reconciliations, as well as pertinent IT general controls that support critical aspects of application processing.

Topics to be covered:

    • Applications systems and IT
    • Application systems control objectives
    • Life of an application transaction
    • System development life cycle and application controls
    • Controls: buy vs. build
    • Applications and application controls
    • Business-centric application audit planning
    • Batch Processing (BP) and online processing (OP)
    • Batch processing- transaction origination, transaction entry, computer processing, information storage, information retrieval, output processing
    • Online systems- transaction origination, transaction entry, processing controls, storage and retrieval, output processing
    • Data input controls
    • Data processing controls
    • Data output controls
    • IT general controls and their effect on business applications
    • DE and OE testing of application controls
    • End-user applications and controls
    • Art and science of sampling
    • Frauds through application systems