Online Course on General IT Audit


Event Details

Online Course on General IT Audit - Oct 28, 2021


Information Technology (IT) is a critical enabler of business. Assuring an organisation’s governance, risk management, compliance and control processes requires internal auditors to understand the role of IT within their organisations and to develop adequate knowledge and skills to audit IT systems, as the line separating “IT” and “non-IT” audits is beginning to disappear, except in the very technical IT areas.

As technology gets increasingly fused with business processes, business auditors need to be better prepared to provide integrated audit services that encompass process and technology audit areas. This course is specially designed to equip business auditors with skills and knowledge to assess IT risks and related controls, IT governance and management controls.

DATE & TIME: October 28 & 29, 2021, 11.00am to 5.00pm

  •  Ability to identify and evaluate business risks in the IT environment and propose solutions to address the identified risks.

  •  Ability to identify IT-related business risks and evaluate IT general controls and IT application controls in a business context.

  •  Ability to prepare an audit programme for the audit of an IT system which addresses both IT general control and IT application control objectives.

  •  Ability to participate effectively in the design, development, testing and implementation of a new IT system, providing appropriate audit advisory and consultancy services from the business context.

Day - I


Definition and scope of IT audit

The CIA Triad (Confidentiality, Integrity and Availability)

IT Audit Process
  •  IT audit planning

  •  Conduct of IT audit fieldwork

  •  Reporting of IT audit observations

  o  IT Audit Risks

  o  Assessing IT Risk

  o  Designing IT Controls

  o  Business Process Controls

IT Governance, Risk Management and Compliance (GRC)
  •  Objectives and scope of GRC

  •  Business and IT Alignment

  •  Third-party risk management

  •  GRC systems – Desired Outcomes


  o  COBIT

  o  ISO/IEC 27001

  o  NIST SP-800s

  o  SANS

  o  Center for Internet Security (CIS)


  o  Sarbanes-Oxley


  o  Privacy & GDPR & CCPA

Disaster Recovery and Business Continuity 
  •  Disaster recovery planning site concepts

  •  Systems and data backup

  •  Systems and data recovery procedures

  •  BCP/DRP planning considerations

  •  Crisis management

Day – II

Database terms and internet terms

Basic IT infrastructure

Network concepts

  o  Defining types of networks

  o  OSI model

  o  TCP/IP

•  Networking Risks & Controls

  o  Remote access and authentication

  o  Common vulnerabilities

•  Threat models, e.g., social engineering, malware, Advanced Persistent Threat (APT), Denial of Service (DoS)

Network security Tools & resources

Understanding Vulnerability Assessment and Penetration Testing (VAPT)

Web application testing methodology, tools & demos of OWASP top 10

Darknet & deep web

General IT audit checklist

Understanding cyber security framework of RBI, SEBI, IRDAI



Business auditors, as well as other professionals who have an interest in general IT audit


ZOOM Meeting - 6 + 6 Hrs with Q&A (Lunch & Tea Break: 30/15mins)

Sachin Dedhia (CISA, CEH, CEI, ISO 27001 LA)

He is an independent Cyber Crime Investigator and a Certified Ethical Hacker (EC-Council, USA). He is also a certified international trainer in the field of Cyber Security, Ethical Hacking, Cyber Crime Investigations & Digital Forensics. For many years he has been working as an independent Cyber Crime Investigator and as an IT security expert for various MNCs, SMEs, Govt. depts., corporates & individuals. He has also provided training to the Mumbai and various other State Police Departments, and has been assisting various other Govt. Departments of India with their Cyber Crime queries.

Since 2010, he has been successfully conducting various seminars & workshops across numerous schools, colleges, universities, Chartered Accountants chapters, Rotary clubs, hospitals, etc., covering all sectors of society. He is one of the most popular speakers at Mumbai University for the Refresher & Orientation courses. In 2010, he was privileged to give a seminar in the Rajbhavan, i.e. the Governor's office in Mumbai. He has 9 years of experience in Vulnerability Assessment and Penetration Testing (VAPT), ISO 27001 Network VAPT and Web Application VAPT. He has conducted numerous audits for various international as well as national clients, corporates & Govt. depts.

He has been conducting Corporate Workshops at and is associated with various prestigious associations like Indo-American society, Princeton academy, ICAI and Bankers Training college.

He has successfully conducted 1000+ seminars & workshops across India and enlightened over 75,000 participants.

Webinar details will be provided to the participants, after registration.


Revati Khare, Assistant Director - Information & Communication Technology Committee

Email :

Tel. (D) + 91 22 6120 0231; (M) + 91 9892029473

Participation Fee :   
Members  Rs. 6,000 + 18% GST  
Non-Members  Rs. 7,000 + 18% GST 

Bank Details for NEFT

Account No.




Bank Name: State Bank of India

Branch Address: Mumbai Main Branch

Cheque /Demand Draft should be drawn in favor of “BOMBAY CHAMBER OF COMMERCE AND INDUSTRY”

