This is the second of a multi-part course series following the structure of my book Auditor’s Guide to IT Auditing which follows the Information Systems Audit and Control Association (ISACA) Certified Information Systems Auditor qualification syllabus.

The whole series takes the aspiring IT auditor from the basics all the way through to advanced concepts and techniques for conducting professional IT audits.

Both the book and the courses have proven of major assistance to auditors for the Certified Information Systems Auditor (CISA) exam as well as Part 1 of the Certified Internal Auditor (CIA) examination of the Institute of Internal Auditors (IIA).

Part 2 of the series covers the risks within today’s information systems and the fundamental audit concepts together with the Standards and Guidelines for IT auditing. It also introduces auditors to Internal Control Concepts.

Course Series

This course is included in the following series:

5 CoursesAuditor's Guide to IT Auditing

  1. Auditor’s Guide to IT Auditing – Part 1: Technology Underlying Modern Computer Systems and the Role of IT Audit
  2. Auditor’s Guide to IT Auditing – Part 2: Risks Within Today's IT Systems and Fundamental Audit Concepts
  3. Auditor’s Guide to IT Auditing – Part 3: Primary Audit Controls and Roles
  4. Auditor’s Guide to IT Auditing – Part 4
  5. Auditor’s Guide to IT Auditing – Part 5
Learning Objectives
  • Identify the major risks inherent within today’s IT environment
  • Identify the essential auditing concepts within IT
  • Identify the recognized Standards and Guidelines for IT auditing
  • Identify the Internal Control concepts essential to effective use of IT

 

 

Last updated/reviewed: March 7, 2024
36 Reviews (137 ratings)

Reviews

Member's Profile
The flow of information presented in this course was not as cohesive as in part 1. I felt that the material could have been better organized to emphasize the role of management/board versus the role of internal audit. However, the content was all relevant to today's business and audit environment and the presenter was easy to undrstand (if a bit monotonous).

4
Member's Profile
A very informative course where it stated the standards and guidelines available and what to focus on those standards given. There are rooms for improvement to make the slides and course more interesting whereby instructor may include some real-life examples.

3
Anonymous Author
Alarming to see COSO referred to as COSA on slide 20 (and in the recorded presentation). Overall, a decent overview of control frameworks and professional standards. I have concerns about the "correct" answers to some of the final exam questions though.

5
Anonymous Author
The course is very informative and structured. The presenter discussed the theoretical aspects of IT audit, particularly,on how to assess the risk based audit methodologies in an Information Systems.

4
Anonymous Author
Good course with much relevant information on risks and control objectives. I found this course very useful in understanding the posture of IT in an organization.

3
Anonymous Author
The video course was informative although a bit elementary. The exam had no correlation with the video material and the "correct" answers were not correct.

5
Anonymous Author
Going through each of the governing bodies and frameworks to determine where IS requirements come from and are established was very interesting.

3
Anonymous Author
............................................................................................................................................

4
Anonymous Author
An answer for an exam question is wrong. Like with part 1 the material on slides does not completely cover the exam questions.

5
Anonymous Author
I've used Illumeo for cpes for a few years, and the classes are always fair for the amount of cpes you get in time spent.

4
Member's Profile
The course spends a lot of time on the values assigned to risk ratings. Also, one of the final exam questions is wrong.

1
Anonymous Author
this is one course that I did not enjoy. on a couple of instances, the questions barely reflected the material.

4
Anonymous Author
It's the continuation of the first part. Very concise. and provides the basic knowledge an auditor will need.

5
Member's Profile
This course was very effective at delivering the ideas needed to be a more effective leader, and professional.

4
Anonymous Author
A refresher and interesting training. Nothing surprised me. This will be beneficial to performance auditors.

5
Anonymous Author
Auditor’s Guide to IT Auditing – Part 2: Risks Within Today's IT Systems and Fundamental Audit Concepts

2
Member's Profile
Some of what was presented was wrong in my opinion. This has been the weakest class I’ve taken to date.

4
Anonymous Author
This course provides information on understanding information systems areas of risk and risk factors.

1
Anonymous Author
This course is terrible, the concepts are not aligned to reality. This course should be taken down.

5
Member's Profile
Great informative course. The content was relevant and organized, Would definitely recommend

5
Member's Profile
Good refresher course. Good information. Valuable insight. Would recommend for CIA CPE.

4
Anonymous Author
Good course, very thorough detail for risk assessment and the standards to adhere to.

3
Member's Profile
The final exam questions that were not fully or well discussed in the presentation.

3
Anonymous Author
Good refresher course on Information Technology Auditing Basic Concepts.

5
Member's Profile
This is a great course with a huge impact for a further research of internal audit.

5
Member's Profile
Test questions cover materials lightly covered or not in the materials.

4
Anonymous Author
Overall it was an Informative course.

3
Member's Profile
The full test of the presentation should be made available for review.

5
Anonymous Author
Good course with relevant information on risks and control objectives.

4
Anonymous Author
Great course of auditor's guide to IT auditing which add value to me

5
Member's Profile
Great course. Good instructor. Would definitely recommend.

4
Anonymous Author
The topics are well presented. A good refresher course.

3
Anonymous Author
Exam questions were not covered by course material

1
Member's Profile
Content not related to test!!!

5
Member's Profile
Relevant information.

5
Anonymous Author
Very concise.

Prerequisites
Course Complexity: Intermediate

No advanced preparation or prerequisites are required for this course, but completion of the other courses in this series will be helpful.

Education Provider Information
Company: Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
Contact: For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Instructor for this course
Course Syllabus
INTRODUCTION and OVERVIEW
Auditor’s Guide to IT Auditing – Part 2
  IS Risk and Fundamental Auditing Concepts15:01
  Standards and Guidelines for IT Auditing7:42
  Internal Control Concepts 6:41
  IT Risk Management 10:47
CONCLUSION
  Audit Management 13:37
CONTINUOUS PLAY
  Auditor’s Guide to IT Auditing – Part 255:23
SUPPORTING MATERIALS
  Slides: Auditor’s Guide to IT Auditing – Part 2PDF
  Auditor’s Guide to IT Auditing – Part 2 Glossary/IndexPDF
REVIEW and TEST
  REVIEW QUESTIONSquiz
 FINAL EXAMexam