IT Audit Fundamentals | ITGC – Logical Security Testing

Learn the concepts of ITGCs and testing for Logical Security controls. Includes over 10 practical testing activities.

This course is for those that are interested in a career in IT Audit, Compliance, Governance, Risk and Controls (GRC), or Cybersecurity.  This course teaches the foundational principles that are needed to successfully complete Logical Security testing during IT Audits.

What you’ll learn

  • In this course, students will:.
  • Learn about IT General Controls.
  • Learn about Logical Security Controls.
  • Learn about 10 specific Logical Security controls, why they are tested and how to test them for IT Audits.
  • Learn about Physical Security Controls.

Course Content

  • Introduction and Course Overview –> 2 lectures • 3min.
  • Introduction to IT General Contols –> 1 lecture • 8min.
  • Logical Security –> 13 lectures • 1hr 14min.
  • Learning Objective Activities –> 1 lecture • 23min.
  • Bonus Lecture: Physical Security –> 1 lecture • 10min.
  • Resources and References –> 2 lectures • 1min.
  • Thank You –> 1 lecture • 1min.

IT Audit Fundamentals | ITGC - Logical Security Testing

Requirements

  • Prior knowledge of Controls and Testing (Refer to first course in the series).
  • General knowledge of IT and technology terms (e.g. user IDs, passwords, administrative accounts).

This course is for those that are interested in a career in IT Audit, Compliance, Governance, Risk and Controls (GRC), or Cybersecurity.  This course teaches the foundational principles that are needed to successfully complete Logical Security testing during IT Audits.

This course is for those that are new to IT Audit but understand the general concepts around IT controls and testing. This course is also valuable for those looking to refresh their basic knowledge about IT Audits, specifically Logical Security Testing.

This course teaches the practical aspects of conducting testing for Logical Security controls and is not focused on the CISA certification. CISA aspirants can still benefit from taking this course because they will learn and better understand basic IT Audit concepts in preparation for the exam.

The focus of the course is to teach concepts around testing Logical Security controls and does not focus on technologies or platforms. The reason is because the foundational principles are what new auditors really need. When you understand the auditing concepts, you can apply them to any technology or platform that is being audited.

Instructional Goal

Upon completion of this course, students will be able to identify several Logical Security controls and perform testing for IT audits by properly evaluating the design and operating effectiveness of each control. This course also teaches students how to identify and perform testing for Physical Security controls

Performance Objectives

During IT audit projects based on selected Logical Security controls, the IT auditor (course student) should be able to:

1. Identify Logical Security controls to test,

2. Evaluate the design and operating effectiveness of Logical Security controls by identifying and performing adequate testing procedures, and

3. Evaluate the need for compensating controls, if applicable.

Learning Objective Activities

The 10 learning objective activities covered in this course reinforce the concepts presented in the course and link them to real activities that occur when performing IT audits.

Realistic Assessments

The course quizzes and assessments are based on real-world IT Audit control testing activities.