Description
Course Description and Outline for Risks, Controls and Audit of IT Projects – an Introduction
By Reginald C. Nery, CPA, CIA, CFSA, CRMA, CCSA, CISSP, CISA, CISM, COBIT5 (5), COBIT5 (I)
The goal is to provide a comprehensive overview of controls, risks, and audit in IT projects and how they contribute to project success and overall organizational performance. Specifically, the course is intended to introduce participants to the common risks, controls and best practices in IT project management; strategies and procedures for conducting IT Project Audits; insights and lessons learned from successful and failed projects; and the importance of a Comprehensive Approach to Controls, Risks, and Audit using the generally accepted framework for project management and the governance and management of Information and Technology.
I. Introduction
A. Overview of IT Projects
1. Project Terms and Concepts
2. Project Principles
B. Importance of Controls, Risks, and Audit
C. Purpose and Objectives of the Presentation
II. Risks in IT Projects
A. Common IT Project Risks
1. Scope Creep
2. Resource Constraints
a) People (availability, skill sets, experience, retention and attrition)
b) Tools and equipment
c) Time
d) Budget
3. Schedule Delays
4. Technical Challenges
5. Data Security and Privacy Risks
6. Regulatory Compliance Risks
7. Stakeholders Risks
B. Risk Assessment and Mitigation
1. Identifying Project Risks
2. Assessing Risk Impact and Probability
3. Developing Risk Mitigation Strategies
4. Risk Monitoring and Response Planning
III. Controls in IT Projects
A. Definition of Controls
B. Types of Controls
1. Project Management Controls (Scope, schedule, resource)
2. Security Controls
3. Quality Controls
4. Change Management Controls
5. Communication Management Controls
6. Procurement Management Controls
7. Cost Management Controls
C. Implementing Effective Controls
1. Identifying Control Objectives
2. Designing Control Mechanisms
3. Roles and Responsibilities for Controls
4. Monitoring and Enforcement of Controls
D. The Relationship between Controls and Risks
E. Integrating Controls into the Project Management Process
F. Applying ISACA’s COBIT and PMI’s PMBOK 7th Edition
IV. IT Project Audit
A. Importance of IT Project Audit
B. Types of IT Project Audits
1. Internal Audits
2. External Audits
C. Audit Planning and Execution
1. Defining Audit Scope and Objectives
2. Conducting Risk-Based Audits
3. Gathering Evidence and Data
4. Audit Testing and Analysis
D. Assessing Control Effectiveness
1. Evaluating Compliance with Policies and Procedures
2. Reviewing IT Project Documentation (Deliverables)
3. Assessing Control Design and Implementation
E. Reporting Audit Findings
1. Documenting Audit Results
2. Communicating Findings to Stakeholders
3. Providing Recommendations for Improvement
V. Case Studies and Examples
A. Real-Life Examples of IT Project Controls and Risks
B. Lessons Learned from Successful IT Projects
C. Lessons Learned from IT Project Failures
VI. Conclusion
A. Summary of Key Points
B. Importance of Continuous Improvement
C. Q&A and Discussion
Resource Speaker:
MR. REGINALD C. NERY
CIA, CPA, CISA, CRMA, CFSA, CCSA, COBIT (F/I)
SVP, Chief Audit Executive, Bank of Commerce
Former IRM Partner of a Top 4 Auditing Firm
Past President & Chairman IIA-Philippines
Past President, Board Member and Founding Member of ISACA – Manila
Date/Time Schedule:
7 October 2023 (Saturday)
9:00 AM to 5:00 PM
Training Fee per Participant:
Member Institution – P 2,800.00
Non-Member Institution – P 3,920.00
**VAT Inclusive

