The IT Audit course is designed to provide practical view in conducting IT audit and assurance in one organization. The course is designed to support professional staffs to expand their understanding of information technology (IT) audit.

The course presents a more in-depth view on the fundamentals of IT auditing by highlighting on topics such as: IT audit and control analysis, examination of control evidence in conducting IT audit, application control, and management of IT audit. The course will include discussion and exercises related to general control examinations and application system auditing. The course will also focus on control research and analysis for IT-related topic areas. In addition, through discussion and exercises, students will gain a working understanding of the process of developing audit work programs.

Participants will be expected to gain a working understanding of how to identify, reference and implement IT management and control policies, standards and related auditing standards. Regarding the latter, the objective is to learn how to identify and interpret the requirements of the standards and. implement the standards in auditing process.

Each class session will include discussion on an IT audit management, security, control or audit issues that participants should be familiar with.


At the completion of this course, the participants should be able to :
* Participants shall obtain an expanded understanding the role of IT auditors in evaluating IT-related operational and control risk and in assessing the appropriateness and adequacy of management control practices and IT-related controls inside participants’ organization
* Participants shall obtain the capability in conducting IT audit and implement techniques in performing assurance, attestation, and audit engagements
* Participants shall obtain an expanded familiarity with the principle references in IT governance, control and security as related to IT audit
* Participants shall obtain the working ability to plan, conduct, and report on information technology audits
* Participants shall obtain an understanding of the role of IT auditors regarding IT-related compliance and regulatory audits, such as evaluating control standards?


(1)-Introduction to Information Technology Audit :
The class session will focus on IT audit concepts and processes, which includes: review of some of the key fundamentals of IT auditing, including general auditing standards, risk-based auditing, pre-audit objectives, determining scope and audit objectives, and the process of performing an IT audit.

The class session will include discussion on IT performance, controls, control self-assessment, risk analysis, and the objectives of the IT audit or assurance report.

(2)-Conducting Information Technology Audit
The class session shall describe on practical methodology in conducting the effective and efficient IT audit, expand upon the need for appropriate controls and assurance processes for business and IT environment. The participants will be geared toward gaining a working understanding of the content and value of the management guidelines and assurance methodology. Discussion will focus on the importance of measurement in achieving organizational and IT objectives.

The session will also focus on the business and IT environments subject to operational and control assessments (audit).

(3)-Management Controls
The session will provide an overview of the control model such as: internal control, control analysis methodology from the Closing the Loop Framework, identification of business processes, considerations regarding materiality, and the assessment of IT value by which all these tools will be used assessing the appropriateness of IT processes.

The class session will also expand upon the audit process by providing methodology for developing audit strategies and developing audit work programs with reference to best practices (CobiT, BS 17799,etc). In this regard, the participant will cover organizational structure, accountability, role of the IT steering committee and oversight functions, and method for ensuring that appropriate policies and procedures are in place.

(4)-Application Controls
The class session will expand upon the requirements for application system audits, use of audit software, and IT service delivery. From an audit perspective, the objective is to provide assurance that application systems have integrity, and that IT service management practices will ensure the delivery of the level of services required to meet the business organization’s objectives.

Topic areas will include such as: types of application systems, application control assessment, evaluating IT service agreements, problem management, help desk functions, and network standards.

(5)- Evidence Collection and Evaluation
The class session will expand the methods in conducting the evidence collection, evaluation and reporting which cover the observed processes, documentary audit and analysis of evidence using appropriate tools such as: sampling, CAAT, and etc. The participants will be driven towards having the capability in conducting effective evidence collection and evaluation which are essential

(6)- Managing the IT Audit Function
The class session will focus on management issues regarding how to manage IT audit and assurance functions. The class material will include developing and assessing staff knowledge and skills, competency measurement, assignment of staff, documentation and continuing education requirements. Discussion will be on best approaches for involvement in professional organizations, obtaining certifications, and professional development.

The class will also focus on the key issues surrounding audit and assurance engagements, such as establishing auditee/auditor protocols, oral and written communication requirements, engagement administration, and follow-up requirements.


Pelatihan ini menggunakan metode interaktif, dimana peserta dikenalkan kepada konsep, diberikan contoh aplikasinya, berlatih menggunakan konsep, mendiskusikan proses dan hasil latihan.

1. 50% Theory
2. 50% Practices
3. Dynamic and interactive training presentation.


* IT Managers
* Security Managers
* Auditing Staffs
* IT Operation Staffs


Tatto Sugiopranoto

Formal Education

2003 : MBA program at Queen Elizabeth of North Georgia University.

Majoring in Public Finance Development. Vancouver – Canada
1979 : Institut Pertanian Bogor, Bachelor Degree Faculty of Agriculture, majoring in Socio Economic.

Training & Seminar

1979 : FORTRAN & Assembly Programming Training for Texas Instrument Platform at PT Berca International Jakarta
1979 : BASIC Programming for Micro Computer, DASAAD Musin Concern Jakarta.
1980 : COBOL Programming Training at PT. Elnusa Jakarta
1981 : Statistical Analysis System (SAS) Programming for IBM Main Frame, IPB Bogor.
1982 : BASIC Language Computer Programming, Pusat Data Statistik Pertanian (PUSDATIK) Departemen Pertanian Jakarta.
1982 : SPSS ( Statistical Program for Social & Scient ) Training, Balai Penelitian Peternakan, Bogor
1983 : ISDN Seminar for Wide Area Network, IBM Bangkok – Thailand.
1985 : Local Area Network Training at Symme Darby Benhard, Penang, Malaysia
1987 : Network Planning & Global Networking Workshop, Microsoft Singapura
1988 : Executive Development Program Bank at Bank Susila Bhakti, Jakarta
1989 : Development Management Skill Training, Citibank Jakarta
1989 : Total Quality Management Training, Astra Indonesia – Jakarta
1992 : Selling Skill Training, Bank Muamalat – Jakarta
1992 : Credit Analyst Training Bank Muamalat – Jakarta
1993 : TCP/IP Training, INIXINDO Jakarta.
1994 : Outbound Training – Personal Development, Pulau Bidadari-Kepulauan Seribu, Jakarta. Prepare by PT. Astra Motor Indonesia.
1994 : Training for the Trainer, Service Excellence Program. Bank Muamalat – Jakarta.
1996 : Facilitator for Syariah Trade & Financial Management Workshop, Bank Muamalat Jakarta.
1996 : Manajemen Dana Pensiun, Lembaga Manajemen Universitas Indonesia – Jakarta
1997 : “Trade Finance Trainning”. Perbanas, Jakarta.
1997 : “Banks Investation & Fund Manager’s Trainning”, Indonesia University, Jakarta
1997 : Lokakarya Reksadana Syariah : “Pasar Modal dalam perbankan Syariah” as Speaker.
1998 : Prinsip Akutansi Syariah untuk Bank dan Perusahaan Asuransi, Universitas Trisakti, Jakarta.
1998 : Islamic Bank and Economic Forum, Bahrain
2003 : Project Management Professionals (PMP) Certification, Jakarta
2003 : Islamic Banking : Risk Management, Regulation and Supervision. Bank Indonesia

Work Experience

2008 : Developing “Business Continuity Planning & Disaster Recovery Planning Procedures” for PT. Jamsostek Indonesia.
2008 : Risk Management Audit as a BASEL II Policies for Bank BNI46 Jakarta
2007 – now : IT & Sharia Advisor for Primer Koperasi MABES AU. Developing Koperasi Sharia System and Procedure.
2006 : Consultant for Core Banking Assessment and Data Center Audit. Bank Pemerintah Daerah Sulawesi Utara
2005 – 2006 : Develop and implementation Information Technology Capacity Planning and Contingency Plan Procedure for Bank Permata.
2003 – 2004 : Architect & designer for Bank Muamalat Application New KIBLAT
2003 – now : Sharia Advisor for Sharia IT PT. Sigma Cipta Caraka
2003 : Consultant for BNI 46 Syariah, as Technology Business Requirement reviewer. Join with Financial Network System (FNS) Australia and IBM Jakarta as counterpart.
2002 : Consultant for AJB Bumiputera Syariah, as Technology Business Analyst and Product Architecture.
2002 : Consultant for Bank Danamon Syariah. Assessment and Planning Information Technology for Unit Usaha Syariah Danamon.
2003 : As Project Manager for IT Implementation at Unit Usaha Syariah Bank Danamon.
2000 – 2001 : Consultant and Trainer for Syariah Banking at Institut Bankir Indonesia / LPPI.

Establish Pengembangan Perbankan Syariah IBI, the new department in IBI/LPPI.
As a trainer for regular program : Service Excellence, Selling Skill,
Building Islamic Worker, Trade Finance, Bank Operation, Management Skill.
1992`- 2000 : Bank Muamalat Indonesia
1997 In charge to establish Muamalat Pension Fund.
Responsible to set up the Terms & Condition of Pension Fund under the guidance of Ministry of Finance, setting up the system and internal procedure in relation to other Muamalat banking product
1996 : System & Procedure Department
1994 : Operation Head at Main branch, Head Office Jakarta. Acting for Regional Operation Jawa and Kalimantan.
1992 : Technology & System Development
1988 – 1992 : Bank Susila Bhakti
1988 : Executive Development Program Training
1989 : Operation Department – Jakarta
1991 : Branch Manager, Mangga Dua Branch – Jakarta
1987 – 1988 : General Manager, PT Nusantara Komputer. Focusing in Training and Consultant
1983 – 1987 : PT. Perkebunan Wilayah I – Sumatera as Technology Development Program Advisor for PT Perkebunan I – PT Perkebunan IX.
1982 – 1983 : Balai Penelian Ternak, Departemen Pertanian as researcher for Small Ruminant in Collaborative Small Ruminant Research Program, Davis University – California Project.
1981 : Conoco Oil, Badak – Kalimantan, as Operator Honeywell Bull Level 6 machine

Jadwal Pelatihan 2024 :

  • Batch 1 : 03 – 04 Januari 2024 | 16 – 17 Januari 2024
  • Batch 2 : 07 – 08 Februari 2024 | 20 – 21 Februari 2024
  • Batch 3 : 05 – 06 Maret 2024 | 19 – 20 Maret 2024
  • Batch 4 : 09 – 10 April 2024 | 13 – 24 April 2024
  • Batch 5 : 07 – 08 Mei 2024 | 22 – 23 Mei 2024
  • Batch 6 : 05 – 06 Juni 2024 | 25 – 29 Juni 2024
  • Batch 7 : 09 – 10 Juli 2024 | 23 – 24 Juli 2024
  • Batch 8 : 06 – 07 Agustus 2024 | 20 – 21 Agustus 2024
  • Batch 9 : 04 – 05 September 2024 | 18 – 19 September 2024
  • Batch 10 : 18 – 19 Oktober 2024 | 15 – 16 Oktober 2024
  • Batch 11 : 06 – 07 November 2024 | 26 – 27 November 2024
  • Batch 12 : 04 – 05 Desember 2024 | 18 – 19 Desember 2024

Catatan : Jadwal dapat menyesuaikan dengan kebutuhan anda.

Biaya dan Lokasi Pelatihan :

  • Jakarta :
  • Bandung
  • Yogyakarta
  • Surabaya
  • Malang
  • Bali
  • Lombok

Catatan : Biaya diatas belum termasuk akomodasi/penginapan. Apabila ada pertayaan mengenai materi, biaya, lokasi, jadwal dan penawaran lainnya, hubungi kami di nomor CS kami.

Fasilitas Pelatihan di

  1. Penjemputan dari Hotel/Bandara/Stasiun/Terminal.
  2. Training Kit (Dokumentasi photo, Blocknote, ATK, Flashdisk, dll).
  3. Transportasi Peserta ke tempat pelatihan.
  4. 2x Coffe Break & 1 Lunch (Makan Siang).
  5. Training Room Full AC and Multimedia.
  6. Free Bag or Bagpackers (Tas Training).
  7. Softfile Foto Training
  8. Sertifikat Pelatihan.
  9. Souvenir Exclusive.