Dates : 16-17 September 2026
The training is 2x1 day from 09:00 to 17.00
Language : English
CPE Points : 16
Deadline to register : 4 September 2026
Trainer name: Nikolai Hombach
Type of session (Online training/ In-Person Training / Webinar): Online training

Overview 

In today's business world, knowledge of IT systems and technologies is crucial to succeed. Internal Audit teams can make a significant contribution here. Modern companies rely on digital processes and technologies to automate their business processes and increase efficiency. To review and evaluate these processes and reduce bottlenecks in the area of IT audit, IT audit knowledge has become indispensable – not just for IT specialists, but also for business auditors. Business auditor with sound knowledge of IT auditing can better understand the importance of information systems and processes and thus help to identify important risks and associated problems at an early stage.

Objective of this is course is to build on existing basic knowledge to prepare auditors for important new IT audit topics and to deepen existing IT audit knowledge for business auditors. In doing so, we also draw directly on examples and audit expertise from our IT project experience with numerous companies.

In the context of international IT requirements, key technology-supported business processes and their possible applications are examined from an auditing perspective.

Methodology:
Interactive specialist lecture, role play, practical exercises, case studies, reflection

Who should attend?

Audit professionals, audit managers, business auditors wanting to brush-up on the basics of IT audits

Course description

1. Level playing field audit planning (allocation between IT and specialist auditors)

2. Fundamentals of IT auditing and cooperation with business auditing

3. Status quo for auditing business applications   

• • Asset & configuration management  

  • Incident, problem, and event management

  • Requirements management, change, and test management 

  • IAM / Authorization Management

  • Business Continuity Management

  • Provider / Supplier Management

4. Integration of use cases in audit engagements, including the following topics   

• • Change Management    

  • Identity and Access Management

  • Risks and Controls

  • Robotic Process Automation (RPA)

  • Information Security, Cyber Security 

5. Other key aspects in the IT audit context    

6. Flashlight New EU directive: Digital Operational Resilience Act (DORA) 

7. Focus topics of IT security, IT audit from a regulatory perspective

8. Cyber security audit aspects

9. Robotic process automation (RPA)

10. Embedding IT security in the three lines of defense model environment

11. Joint conclusion and action plan for immediate application in your audit practice

Trainer bio

Nikolai Hombach

Nikolai Hombach is responsible for the IT Assurance & Consulting sub-segment at the ARC Institute as a management assessor, director, and trainer. Since 1998, he has been a consultant for IT service management and IT governance with a focus on practical implementation. Prior to this position, Nikolai Hombach was a management consultant and member of the management board of a systems and consulting company in Frankfurt am Main, where he was responsible for 60 employees. He studied computer engineering at the University of Siegen.
Mr. Hombach works continuously for various DAX 30 organizations, among others. His references include Sandoz in Austria, SBB, Volkswagen, DZ BANK, RTL Television, Bayerische Landesbank in Luxembourg, and Noventum.