top of page


​Dates : 16 - 17 April 2024 (2 days training)

Timing : 09.00 - 17.00 (10:30 - 15 min break / 12:00 - 13:00 lunch break / 15:30 - 15 min break)

Language : English

​Deadline to register: 01/04/2024

​CPE Credits: 14

Instructor: Nikolai Hombach, IT Audit Lead, Director Audit Research Center | ARC Institute

​Location : IIA Luxembourg Office - 4 Op de Leemen L5846 Fentange -


Fit for IT audit for business auditors

- Fit for General IT Audit Controls including Robot Process Automation-

Training description and goals

Focus: To enable business auditors to deal with general IT audit controls and to assess key aspects in a process-oriented manner.

This two-day audit training conveys the risks associated with the use of innovative IT technologies such as blockchain, smart contracts, robotic process automation or artificial intelligence.

The course illustrates how these technologies or their risks are covered by the classic IT audit topics of a specialist auditor and the additional questions that arise for a company. The corresponding risks are also examined in the context of the IT regulations DORA and the use of COBIT.

Each block of classic IT audit topics concludes with a collection of IT audit questions that can be used by the specialist auditor as an audit guide in subsequent audits.

All in all, the essential basics of IT risk are provided for business auditors, enabling them to independently perform audit steps when examining business processes. Based on years of audit experience in joint audits, IT audit questions are addressed that a specialised auditor can handle independently, i.e. without specific and deep IT expertise.


• Registration and classification of applications in an IT asset inventory system

• Definition of responsibilities (functional, technical, operational)

• IT security and addressing the protection objectives of availability, confidentiality and integrity

• Risks associated with new technologies and innovations

                     Blockchain

                     Smart contracts

                     Robotic Process Automation (RPA)

                     Artificial Intelligence

• Identity and authorisation management responsibilities for RPA technical users

• Software engineering - code reviews, RPA algorithms

• Requirements management - functional concepts as the basis for changes and functional acceptance testing in RPA

• Change and release processes for new application releases

• Authorisation management

• Outsourcing and supplier management • Individual data processing (e.g. Access databases and Excel)

• Individual data processing (e.g. Access databases and Excel)

Fit for IT audit for business auditors

    bottom of page