IIA Board members pose for a group photo.
The Institute of Internal Auditors Qatar (IIA) recently held two day’s workshop on “Risk based IT Auditing” and a seminar on “Cyberattack- resilience” at Oryx Rotana Hotel.
Trainer R Vittal Raj, is a management and assurance expert with over 25 years of experience specialising in the fields of IT Governance, information security and IT assurance, risk management, technical audits, cybercrime controls and investigations. Vittal is currently advisor on cybersecurity to several regulatory bodies and member on Information Systems Audit Association’s (ISACA) committee. He is also in the IIA’s Advanced Technology Committee and IT Committee of Chartered Accountants.
“Internet, mobility, and emerging technologies such as the cloud, mobile apps, social media, are today, business game changers. Extracting business value from IT while balancing the associated risks are amongst the top priorities. The increasing IT operational failures, data breaches, digital scams and cyber-attacks have not spared even monolithic global enterprises. Hence it is an imperative for the board to be assured on the state of protection of its information resources from IT risks, while driving IT-leveraged growth” Vittal stated in his opening remark.
Talking about the role of modern Internal Auditors, Vittal said, “Internal audit is fast transforming from mere historic assurance on transaction integrity and internal controls to strategic advisory role to the board on managing risks from business technology”.
The workshop with 50 participants spread across beginners to experts was taken through arenas such as IT risks and audit concepts, phases, mapping IT components in key business processes, planning and use of Risk Analysis in audit scope etc.
IT audit execution included discussion on key controls in IT security, governance, application security, general controls and audit of IT application controls. The last part of the training emphasized on effective audit communication including Reports on findings.
