Risk-Based IT Auditing

Tichaona Zororo is the Vice President and Program Coordinator ISACA South Africa, an Audit Committee Member of KZN Legislature, Eastern Cape Province Department of Roads & Public works and Setsoto Local Municipality and a Member of ISACA International’s Framework Committee charged with identifying and supporting activities required to appropriately define, build and maintain a globally applicable and practically useable ISACA enterprise governance and management of IT (GEIT) framework (COBIT). He has served on the ISACA international CGEIT Test Enhancement Sub Committee and External Advocacy Committee.He is an IT advisory and assurance Executive with vast years of in-depth experience in mainstream IT, IT auditing, IT Governance and IT Risk across private and public sectors in the USA, Belgium, UK, India and numerous countries across Africa. Tichaona Zororo is Director IT advisory with EGIT | Enterprise Governance of IT an IT Advisory and COBIT 5 Accredited Training firm based in South Africa focusing on advising the Board, Senior Business Executives and Management, IT Auditing, IT Governance Advisory and Enterprise Risk Management. He is an advisor to numerous boards and executives in Africa and abroad on Emerging Technologies, Enterprise Governance and Management of Enterprise IT, IT Risk, IT Security and IT Auditing. He is Chairman IT Governance Committee of Eastern Cape Province Department of Roads & Public works. He is a sought after trainer, speaker and published author in IT Governance, COBIT 5, IT Auditing, Social Media, Cloud Computing, Big Data, Cyber Security and a renowned COBIT 5 subject matter expert and accredited trainer who has participated in the review and development of numerous COBIT 5 publications, ISACA white papers and audit programs. Tichaona Zororo is a Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk Management Assurance (CRMA), Certified in Risk and Information Systems Control (CRISC), Certified in Governance of Enterprise IT (CGEIT) and Certified COBIT 5 Assessor. He Holds a B.Sc. Honours Information Systems (MSU), A Post Graduate Diploma in Computer Auditing (Wits) and several other certificates in business and IT. He is credited for being the first COBIT 5 Certified Assessor in South Africa and the 40th internationally. Tichaona is an accredited COBIT 5 Foundation, Implementation and Assessor qualifications trainer.

What Is IT Auditing? Introduction to Auditing Standards and Guidelines (International Professional Practice Framework (IPPF) and IT Auditing Framework (ITAF)). The Shifting Socus of IT Auditing from a Checklist Auditor to an Independent Strategic Advisor. Types of IT Auditing. Business Centric IT Auditing. Documenting the IT Auditing Work. How to Perform an IT Governance Audit. Application Control Reviews. Auditing Outsourced IT Environments. Business Continuity Management Planning (BCMP), IT Disaster Recovery Planning (DRP) and Data Backup. Information Processing Facilities (Data Centre) Physical and Environmental Controls. Performance and Capacity Management. Active Directory. Change Management. Service Requests, Problem and Incident Management. IT Projects (IT Enabled Investments) Review. Data Analytics. Auditing Emerging Technology. Advisory versus Assurance: Where Is the Value-Add? Case Studies.