Technology is an integral part of every organization; it underpins almost every piece of data, and transactions, calculations, and processes command the attention of daily business activities. Information technology (IT) infrastructure comprises hardware, software, communications, applications, and protocols, and implementation of these components are within the organization’s physical space and structure. As such, internal audit must be prepared to assess the increased complexities of processes within business units that heavily rely on technology. Internal auditors need a basic understanding of information technology (IT) concepts and operations. Without this knowledge, internal auditors may not fully comprehend IT objectives and the associated risks and may lack the ability to assess or audit the design or effectiveness of controls related to those risks. It is imperative that internal auditors know exactly what risks business processes face due to the use of technology; and more importantly, how the technology is secured and monitored.
This course provides internal auditors an opportunity to develop new skillsets, including the ability to understand the language of IT, as well as the ability to evaluate technical controls. Further, this course guides internal auditors in building proficiencies for IT-related assurance services related to infrastructure risk and controls.