Have any questions? Ask@acsmb.com (602) 263-8958

WEBINAR: PRACTICAL RISK-BASED IT AUDITING

WEBINAR: PRACTICAL RISK-BASED IT AUDITING

Learn how to conduct effective, risk-based IT audits that deliver measurable business impact.
Sep 16, 2026 to Sep 17, 2026, 06:00 AM – 09:00 AM PM (Central Daylight Time)
Training Objectives

    By the end of this course, participants should be able to:

    • Develop a comprehensive audit plan and perform risk-based scoping for an IT audit in a complex business environment, selecting and justifying focus areas using multiple input resources and established frameworks (NIST CSF, ISO 27001, PCI-DSS, COBIT, and ERM).
    • Execute effective fieldwork activities—including planning and conducting interviews, control testing, observations, and evidence collection—while efficiently using tools and templates to navigate real-world artifacts in cloud, DevOps, and mobile app environments.
    • Identify and document audit findings with clear root causes, business impacts, and actionable recommendations, addressing common blind spots in technical knowledge and tool usage.
    • Draft and refine management reports in clear, business-oriented language that drives serious responses, commitment, and value from senior stakeholders.
    • Effectively engage with management to gather input, incorporate feedback, and deliver final reports that add measurable value to the client's risk management and compliance efforts.

Time Remaining.
  • 00 Days
  • 00 Hours
  • 00 Minutes
  • 00 Seconds
Registration/Pricing Download Brochure

    The Practical Risk-Based IT Auditing Master Class is a comprehensive, 2-day live online training workshop delivered via Zoom. It is designed to equip participants with the practical knowledge and skills needed to conduct high-impact, risk-based IT audits in today’s complex regulatory landscape.

    The course is built entirely around a single, immersive Fintech case study: a mobile app serving global retail clients for instant payments, wallet services, and cross-border transfers. The company uses cloud infrastructure with a mature DevOps model, has achieved ISO 27001 certification, and is actively preparing for a PCI-DSS compliance assessment.

    This virtual master class focuses on proven techniques, methodologies, and best practices for auditing IT controls, with a strong emphasis on NIST Cybersecurity Framework (CSF) 2.0, SEC cybersecurity disclosure requirements, cloud computing risks (AWS environments and DevOps), and privacy/data protection challenges.

    Through interactive sessions, hands-on Excel tools, role-plays, and real-world audit artifacts (mobile app mock-ups, DevOps artifacts, and cloud environment screenshots), participants will master how to plan, scope, execute, and report IT audits that support business and compliance objectives.

Course Schedule
TIMINGSDay 1
05:30 to 06:00Registration & Introduction
Day 1-2
06:00 to 08:00Session One
08:00 to 08:20
08:20 to 11:00Session Two