What are IT General Controls & how to perform ITGC Audit? session 1
Вставка
- Опубліковано 28 лис 2022
- What are IT General Controls & how to perform ITGC Audit? session 1
Link to join Telegram group - t.me/+8lcSF0urtEJlOWI1
First Video link - • Everything You Need to... #CyberSecurity - Розваги
You are Awesome 😍 What a person... You conveyed it very beautifully in the stipulated time
thanks, please keep watching and share if you like this video :)
thankyou very much for sharing the valueble information Bro
thanks brother
Very good session
Appreciate your knowledge and efoorts
thanks, please keep watching and share if you like this video :)
Thanks for sharing video
thanks for watching!
Nice sir..love to
watch ur sessions
Thanks 🤗 please share these videos and help me grow this channel
@@LearnITSecuritywithLuvJohar sure sir, could u please provide telegram link sir.
Thanks for you
thanks, please keep watching and share if you like this video :)
Thank you so much
thanks, please keep watching and share if you like this video :)
Thanks for sharing, I like your videos. I would ask adding some agenda at the beginning of the video so we have some understanding about areas you are going to cover on the video. I hope it won't take much effort. All the best.
sure, thanks for the suggestion
Can u plz make a video on how to understand the IT environment with practical examples of industries? Also, could you explain what is ITGC flows & risks?
Understanding IT Environments:
Network Infrastructure:
In an IT enviro
Hello Sir. Thank you for all this useful informations. Do we have a recommended sampling plan (AQL for instance) for this type of Audit? How many users do we have to test for proper access provisioning for instance. Thanks 🙏
The recommended sampling plan and AQL (Acceptable Quality Limit) for an access provisioning audit will depend on various factors such as the size and complexity of the organization, the risk associated with incorrect provisioning, and the desired level of confidence and precision in the results. Generally, statistical methods such as statistical sampling and hypothesis testing can be used to determine an appropriate sample size.
It's recommended to consult with experts in auditing, quality control, or statistical analysis to help develop a sampling plan that is appropriate for your specific organization and audit objectives.
There is system gap where we can’t get the user access modification date. It is being replaced by last modified date. We are struggling to get the list of users whose access has been modified during period. We requested for user access logs to get the understanding of any user access modification during the year. Logs were provided for last 3 months. How can we ensure the completeness of the user access modification list?
ChatGPT
If you're unable to directly obtain the user access modification date and have to rely on last modified date, there are a few strategies you can employ to ensure the completeness of the user access modification list:
Request Historical Data: First, request historical user access logs covering a longer period, ideally for the entire year if possible. Explain the necessity of having a comprehensive understanding of user access modifications for your analysis.
Cross-Reference with Other Sources: Check if there are any other systems or sources within your organization that might have records or logs of user access modifications. Sometimes, access changes might be logged in multiple places for auditing or security purposes.
Compare with User Activity: While last modified date might not directly indicate access modification, it could still correlate with user activity. Cross-reference the last modified dates with any other user activity logs or systems to identify potential instances where access modifications might have occurred.
Interview Key Personnel: Reach out to relevant personnel within your organization who might have knowledge or insights into user access modifications. This could include system administrators, IT support staff, or department heads who oversee access permissions.
Analyze Patterns and Anomalies: Even with limited data, you can analyze patterns and anomalies in the provided logs to identify potential instances of user access modifications. Look for unusual spikes or patterns in access changes that might indicate modification activities.
Implement Ongoing Monitoring: Going forward, implement a system or process for ongoing monitoring of user access modifications. This could involve setting up alerts for access changes or regularly reviewing access logs to ensure that no modifications are missed in the future.
Basically this is the Process flow diagram when conducting an ITGC in any given organization. Right? Are there stake holders meeting in between sessions? Thank you for sharing more light on ITGC. A newbie here.........
t.me/+8lcSF0urtEJlOWI1 please join my telegram group in case you have more questions
Very good session
Appreciate your knowledge and efforts
Are you provide ITGC training if yes please provide contact no / communication how we can join in the sessions..
thanks, please keep watching and share if you like this video :)
Hi luv really a fantastic session. Do you have interview question for itgc audits.
Here are some potential interview questions related to ITGC audits:
What are the key components of an IT General Controls (ITGC) audit?
What is your experience with ITGC audits? Can you provide an example of a successful ITGC audit that you have conducted?
What is the purpose of a ITGC audit? How can it benefit an organization?
What is your approach to identifying key risks and controls in an ITGC audit?
How do you ensure that the audit is aligned with relevant frameworks and standards (e.g., COBIT, COSO, ISO 27001)?
What are the common ITGC audit findings? How do you ensure that identified issues are appropriately addressed by the organization?
What is your experience in conducting walkthroughs and testing of ITGCs?
Can you provide an example of how you have helped an organization improve its ITGCs?
How do you ensure that the ITGC audit report is clear and understandable to management and other stakeholders?
What skills and qualifications do you possess that make you well-suited for conducting ITGC audits?
Sir will you cover each control testing more elaborately?
sure why not
Please share telegram link ?
When is part 2 coming out?
thanks, please keep watching and share if you like this video :)
2nd session video link pls
thanks, please keep watching and share if you like this video :)
Sir telegram link is not working can you please tell me the group name for itgc
t.me/+8lcSF0urtEJlOWI1
any practical vedio
thanks, please keep watching and share if you like this video :)
Can you share a link of the first video on ITGC
ua-cam.com/video/o8O9dicxEPk/v-deo.html
Salam Sir!
I am CA final Student.Can I make my career as IT Auditor?
Does my CA Certificate help me doing So?
Does any other bachelor Degree Needed?
Absolutely, you can certainly make a career as an IT Auditor with a CA (Chartered Accountant) qualification. In fact, your CA certificate can be a valuable asset in the field of IT auditing. IT Auditors play a crucial role in evaluating and ensuring the effectiveness of an organization's information systems, controls, and processes.
Your CA qualification provides you with a strong foundation in accounting, finance, and business, which are essential skills in the field of IT auditing. Many organizations appreciate the combination of financial and IT expertise that a CA brings to the table.
However, to enhance your skills and increase your marketability, you may consider gaining additional qualifications or certifications related to IT audit and information systems. There are several certifications that are highly regarded in the field of IT auditing, such as:
CISA (Certified Information Systems Auditor): Offered by ISACA, the CISA certification is widely recognized and demonstrates proficiency in information systems audit and control.
CISSP (Certified Information Systems Security Professional): While not specific to auditing, the CISSP certification, offered by (ISC)², covers various aspects of information security, which is closely related to IT auditing.
CISM (Certified Information Security Manager): Also offered by ISACA, the CISM certification is designed for information security management professionals, including those involved in auditing.
While these certifications are not mandatory, they can significantly enhance your credibility and marketability in the field of IT auditing. Additionally, gaining practical experience through internships or entry-level positions in IT auditing will further strengthen your profile.
In summary, your CA certificate is a valuable asset for a career in IT auditing, and additional certifications and practical experience will further enhance your prospects in this field.
@@LearnITSecuritywithLuvJohar
Very Grateful For the Kindness and Support.
Sir,
Your guidance motivated me to pursue my career inIT Audit. You have provide enough detail that I was in search of.
Sir, Can I have your LinkedIn or any other social media profil. It will help Alot in future for any query about the path.
If I have that, I would be very thankful.
Regards
Ali Haider
@@AITech110 www.linkedin.com/in/luvjohar/
@@LearnITSecuritywithLuvJohar
Grateful Sir!
please share these videos with your friends @@AITech110
Only reading from the slides. Nothing explained properly.
apologies, please ask me if you have any specific questions, happy to help you
Hi sir can i have your contact
sure whatsapp +91 971 860 3114