Course Modules:

Part I: Overview of IS Security & Audit

  • IT Governance, Security Policies and Control
  • IT Organisation & Delivery Models
  • Risk Assessment, Risk based audit planning
  • Pillars of Information Security
  • Confidentiality, Integrity, Availability
  • Control & Audit Perspective on each of the above topics

Part II: Compliance & Security Framework

  • ISO 27001 Domains
  • COBIT Framework, Maturity Model(CMMI)
  • GDPR, NIST Privacy Framework
  • Personal Data Protection bill (Draft)
  • Information Technology Act, 2008
  • Control & Audit Perspective on each of the above topics

Part III: Business Continuity & Disaster Recovery

  • Business Continuity Management
  • Developing a Business Continuity Plan
  • Testing Methodology and Checklist-Data communication
  • Backups-Vital Records/ Documentation
  • Control & Audit Perspective on each of the above topics

Part IV: Cyber Security & Cyber Forensics

  • Understanding Network Communication
  • Network Component and Security
  • TCP/IP
  • Demilitarized Zones (DMZ)
  • Common Cyber Attacks
  • Vulnerability and Threat Analysis
  • Cryptography and Steganography
  • Digital Evidence
  • Ethical Hacking
  • Control & Audit Perspective on each of the above topics

Part V: Business Application-Acquisition, Development & Implementation

  • Components of Business Application
  • Hardware/ Application Acquisition
  • Business Application Development
  • Business Application Implementation/ Post-Implementation
  • Application Control – Input, Process, Output
  • Data Analytics, CAAT
  • Understanding Emerging Technologies
  • Block chain, RPA, IOT, AI
  • Control & Audit Perspective on each of the above topics

Part VI: IT Audit In Banking Sector

  • Core Banking System
  • Payment Application – SWIFT, RTGS, IMPS, NEFT, NSS
  • Debit/Credit Card
  • BankNet
  • Digital Banking Channel – Phone Banking, Mobile Banking, Net Banking, ATM, Anywhere Banking, Mobile Wallet
  • RBI regulation for system security
  • Control & Audit Perspective on each of the above topics

Part VII: IT Audit In SAP Environment

  • SAP Basics, Modules, Integration, Technology
  • Roles & Authorisation
  • SAP Change Management
  • SAP Tables
  • SAP GRC
  • Control & Audit Perspective on each of the above topics

Part VIII: Understanding Cloud Computing System

  • Characteristics of Cloud Computing
  • Types of Cloud Computing
  • Cloud Service Models
  • Benefit and Risks in Cloud Computing
  • Control & Audit Perspective on each ofthe above topics

Part IX: Adopting the Cloud

  • Key Drivers of Cloud Computing Solutions
  • Instantaneous provisioning of computing resources
  • Tapping into an infinite storage capacity
  • Cost- effective pay-as-you-use billing models
  • Evaluating barriers to Cloud Computing
  • Handling sensitive Data-Aspects of Cloud Security
  • Assessing Governance Solutions
  • Control & Audit Perspective on each of the above topics

Part X: Calculating the Financial Implications

  • Comparing in-house facilities to the Cloud
  • Estimating Economic Factors Downstream
  • Preserving Business Continuity
  • Selecting appropriate Service
  • Service Level Agreements
  • Safeguarding access to Assets in the Cloud
  • Security availability and Disaster Recovery Strategies
  • Control & Audit Perspective on each of the above topics

Part XI: Migrating to the Cloud

  • Technical Considerations
  • Re-architecting Application for the Cloud
  • Integrating the Cloud with existing Applications
  • Avoiding Vendor lock-in-Planning the migration and selecting a Vendor
  • Control & Audit Perspective on each of the above topics