IT Audit for Internal Auditors: Business challenges of Emerging Technologies

Date: 30 June 2020
Venue: Nicosia, Cyprus
Outline: Seminar Outline
Registration Form: Seminar Registration Form
Details: One of the roles of Internal Audit is to provide assurance that an organization’s risk management, governance and internal control processes are operating effectively.. Read More



Seminar outline

One of the roles of Internal Audit is to provide independent assurance that an organization’s risk management, governance and internal control processes are operating effectively.Internal Auditors help organizations to achieve their goals and objectives.They do this through a combination of assurance and consulting services. The assurance part of their work includes providing information to managers and governors about the level of efficiency of the systems and processes employed towards keeping their organization on track. They also provide consulting services, aiming at improving these systems and processes,where necessary.The purpose of an I.T.audit is to evaluate the system’s internal control design and effectiveness. This includes, but is not limited to, efficiency and security protocols, development processes, and I.T.governance or oversight.The primary function of an I.T.audit isto evaluate the systems that are in place for the security of an organization’s information. Specifically, Information Technology audits are used to evaluate the organization’s ability to protect its information assets and to properly dispense information to authorized parties. AnI.T.audit aims to evaluate the following: -Will the organization’s computer systems be available for the business at all times when required?(known as availability) -Will the information in the systems be disclosed only to authorized users? (known as security and confidentiality) -Will the information provided by the systems always be accurate, reliable, and timely? (measures the integrity) In this way, an audit engagement aims at assessing the risk to the organization’s valuable asset (its information) and establishing methods of minimizing and managing those risks.

Instructors :

Paschalis Pissarides,CRISC, CISM, CISA, CPA, CFE, CSXf

Paschalis has been in the field of Information Security for over 20 years in the Cyprus Banking sector, having previously worked for 9 years as Senior Information Systems Auditor at USA Group, a company based in Indianapolis USA.Past President of ISACA –Indiana Chapter USA (1995-1996& 2011-2015). He is currently serving on its Board of Directors as the Academic Relations Director.Received an undergraduate degree in Accounting & Management Information Systems, an MBA with specialization in Finance, and a Master’s degree in Political Science from Bowling Green State University, Ohio USA.He is also actively involved as a speaker in seminars and conferences in Cyprus and abroad in the areas of information security best practices,information systems auditing and risk management. He is certified by ISACA as a CISA, CISM, CRISC, and CSX Cybersecurity Fundamentals instructor,and has taught over the years the CISA, CISM, and CSX exam preparation courses.

Demos Demou

Demos is a Senior Manager in Risk Assurance Services -Digital Trustat PricewaterhouseCoopers and President of the Information Systems Audit and Control Association (ISACA) –Cyprus Chapter.He has a vast experience in the understanding, evaluation and validation of Information Systems and business procedures of a large number of companies operating locally and abroad. He has extensive experience (15 years) in providing Information Systems (IS) Audits,Security Management reviews, Risk Management, Data Protection and I.T.Compliance reviews. He also leads projects in relation to Third Party Assurance (ISAE 3402/SOC1 & ISAE3000/SOC2), Business Continuity Management (BCM), ISO 27001 implementation, I.T.Risk Diagnostic and Benchmarking, I.T.Governance, Security awareness and Data Protection trainings, IS Audits and security reviews.Demos holds the following professional and academic qualifications:

  • BSc in Accounting and Management Information Systems
  • MSc in Information Systems and Operational Research
  • CISA –Certified Information Systems Auditor
  • CRISC –Certified in Risk and Information Systems Controls
  • CICA –Certified Internal Control Auditor•ISO 27001 Lead Implementer.

Popi Christopoulou

Popihas I.T.risk experience in performing I.T.audits and risk advisory services, providing solutions and optimising existing controls within I.T.Governance, Cyber Security and Risk and Regulatory projects for several financial institutions, investment firms, insurance companies, and service providers. She also has previous experience in operational risk, working for Lloyd’s of London in the underwriting management area.

She is now a Product Owner in the Channels and Digital Products team of Hellenic Bank, working in the digital transformation and customer experience optimisation of the bank.

Christos Makedonas

Christosis leading the Technology Risk Services (TRS) at Grant Thornton (Cyprus) Ltd and he isthe Managing Director of thesubsidiarycompany Grant Thornton (Cyprus) Cybersecurity Ltd.He has been involved and lead projects in multiple areas anddisciplines,such as Cyber Security, Data Privacy and Data Protection, Discovery & Digital Forensics, Third-party Assurance, Internal and External I.T.Audit, Internal Control Design and Evaluation, Risk, Regulatory & Compliance, Business Continuity Management & Disaster Recovery, Business & Operational and Information Risk Management and Strategy, CAATs, and I.T.Governance.Christos has a Banking Operations Diploma, a BSc in Computing Informatics from the University of Plymouth and a MSc in Analysis, Design and Management of Information Systems (Focus in Information Security) from the London School of Economics and Political Science (LSE). He also has the followingprofessional qualifications:

  • Certified Information Systems Auditor (CISA)
  • Certified ISO 27001 Lead Implementer
  • Certified Cyber Forensics Professional (CCFP)
  • Certified BrainSpace Analyst•Certified Ethical Hacker (CEH)
  • EC-Council Certified Security Analyst (ECSA)
  • Certified Information Privacy Professional (CIPP/E)
  • Certified Forensics Investigation Practitioner (CFIP)
  • Certified Malware Investigator (CMI)•Certified Security Incident Specialist (CSIS)