Information Systems – Security & Compliance


Businesses today operate in complex environments with ever increasing use of technology. To ensure efficiency and accuracy in information systems and for prevention of fraudulent practices, businesses require their information systems and processes to be audited. Stakeholders need assurance of confidentiality, integrity and availability of data.

The Information Systems – Security & Compliance course enables students to learn security concepts and understand how IT related risks can be minimized through security and control measures. Students will also develop an understanding of some important regulatory requirements. The course assumes the students to have a preliminary knowledge of computers and the internet. The course will enable students and/or professionals, interested in information security, risk and compliance, develop the knowledge and skills required to pursue careers as internal and external IS auditors, information security professionals, consultants, among others.

Target Audience: Internal Auditors, Information Security professionals, Chartered Accountants, Computer Science and Management Students, Under-Graduate Students keen on a career in IT Audit, Risk and Compliance.

Duration: 4 months

Days: Saturdays & Sundays

Time: 5PM to 7PM

Course Contents

  1. Information Risk Management
    • Understand threats and risks to information assets
    • Understand risk assessment in computerized environments
  2. Information Gathering Techniques in an IS audit
    • Understand audit planning, information collection techniques and forms of evidence
  3. IT Governance
    • Understand nature and frameworks on corporate governance for IT
  4. IT General Controls
    • Understand IT processes, risks and nature of IT general controls
  5. Physical and Environmental exposures and controls
    • Understand the nature of controls for physical and environmental risks of a data center
  6. An Overview of OS Security
    • Understand basic concepts, controls and audit procedures for auditing Windows OS
    • Understand directory and file structure, permissions, access privileges, learn user class, shadow files concepts for Unix
  7. Network Infrastructure Security
    • Understand security and control features of various network components
  8. Regulatory Compliance
    • Sarbanes-Oxley (SOX) – Understand the components and process for S404 compliance for general computer controls
  9. Specialized audits
    • SAS 70 audits – Understand COSO components, nature and methodology of SAS70 audits for service organizations
  10. Governance, Risk & Compliance (GRC)
    • Understand access controls, process controls and automating internal audits

    Information Systems – Security & Compliance Course

    • Admissions Open – April 2010
    • Course Fees – Rs 9,500/-
    • Click To Enroll

    Leave a Reply