Continuing IT Training Program
Auditing Applications Systems Development
Program OverviewThis course provides training on building security into the application development process. The skills help examiners understand what specific areas to be concerned with in the development process, as well as understand the system development lifecycle. The course covers essential baseline terminology and concepts related to systems development, quality assurance, and separation of duties.
Key ObjectivesThis course will cover:
- Common application development risks;
- How to address and mitigate development risks;
- Mapping systems and data flows;
- Differentiate development and implementation risks between purchased off-the shelf, vendor developed, developed in-house, and web-based development;
- Different types of development models: i.e. cascade, Capable Maturity Model, Agile, etc.
- Implementation and change control;
- Project management including the roles of the information security and internal audit departments;
- Quality assurance; and
- Scoping the audit/establishing objectives.
Instructional FormatFacilitated classroom discussion and lectures
Risk Management Examiners with 12-15 months on the job experience conducting IT examinations and an expectation of examining in-house-developed applications in a financial institution or technology service provider.
This course is open to appropriate staff of the FDIC and partner government regulatory agencies. This course is not open to the public or staff of private banks.
PrerequisitesParticipant should have attended ITEC and all Basic Level courses
Post Course FeedbackNone
For more information, please contact Kathryn Shipley at (703) 516-5071.