Logical Security Applications


              Identify how application security controls relate to an IT audit.
              Learn the fundamentals of how databases and database management systems operate.
              Discuss high-level database security controls.
              Describe common operating system controls.

            Additional Resources

            Additional resources for further reading include:

            The IIA’s GTAG “Auditing User-Developed Applications”

            The IIA’s GTAG “Identity and Access Management”

            The IIA’s GTAG “Auditing Application Controls”

            The IIA’s GTAG “IT Essentials for Internal Auditors”

            Summary

            Information technology is essential for most business processes. Reliance on technology has
            changed threat landscapes; and with that, the way internal auditors perform process assessments.
            The line between business controls and technical controls is blurring with automation, and so too, is
            the ability to parse out activities that are performed by traditional operational, financial, and IT
            auditors.

            Technology now drives both success and failure, and technology controls need to be assessed
            alongside non-technical controls to understand where the risks lie within a business process.

































            Copyright © 2022 by The Institute of Internal Auditors, Inc. All rights reserved.