Six modules of the training course IT Audit for non-IT Auditors have been opened for learning

20.12.2023

In the frame of Research and Training Hub project, EUROSAI IT Working Group is developing a training course IT Audit for non-IT Auditors. 

The goal of the whole training course IT Audit for non-IT Auditors is to increase the quality and impact of contemporary audits that frequently include IT components. Therefore, non-IT-auditors would benefit from basic knowledge about IT auditing provided in the training course. The training course will eventually consist of 7 modules in total and next modules will be published step by step.

Currently there are six modules open for learning.

  • The first module IT Audit in a Supreme Audit Institution has five chapters, it starts with an overview of SAI audits with IT components followed by addressing IT components in SAI audits, standards and frameworks relevant to the IT audit, planning of an audit with an IT component, and IT auditing methods.
  • The second module IT Systems, Software and Data has six chapters - it gives an overview of IT infrastructure, systems, software, and services. In addition, it introduces risks related to data quality, and outlines IT standardization and auditing aspects.
  • The third module IT Governance has five chapters - it gives an overview of IT governance and related issues, including management. In addition, it covers IT governance premises and components, frameworks and standards, IT governance in the public sector, as well as auditing aspects of IT governance.
  • The fourth module Information Security, Protection of Personal Data, and Business Continuity has six chapters. This module, developed by Bundesrechnungshof, Audit Unit VII 4, has six chapters. It includes a conceptual background while is describing risks and threats from the use of IT in society and public administration and importance of SAI audits. Also, it covers governance in information security management, the concept of information security management system, methodological background of Information Security Risk Management, various aspects of Information Security Management System, data protection, business continuity management and auditing aspects of information security within the scope of the module.
  • The fifth module Procurement and Outsourcing has five chapters. It covers an overview of life cycle, processes and activities of IT procurement and outsourcing. Also, it introduces specific management and technical issues related to IT procurement and outsourcing and related legislation, standards and frameworks. Finally it can be learned about auditing aspects of IT procurement and outsourcing.
  • The sixth module IT Development has five chapters. It includes an overview of system and software development processes, life cycles and models, core processes of a representative life cycle model, standards and frameworks relevant from the IT development viewpoint and SAI audits involving components related to IT development.

The course is offered as online course in Moodle environment. There are no time limitations to taking the course - you can take it at your own pace and the course is free of charge being available for everyone. The exercises in the course material can be taken unlimited number of times.

The EUROSAI ITWG Moodle is operated by the EUROSAI ITWG Secretariat / the National Audit Office of Estonia. To take the course, please go to https://training.eurosai-it.org, create your account and start learning.

In case of any questions or comments, please feel free to contact us at [email protected].

moodulid koolitusprogramm 3