Data Analytics for Information Security Audit

    • Duration:  3 days of full-time study (Approx. 24 hours).
    • Prerequisites: Working knowledge of Excel. Although not mandatory but a good working knowledge of audit software such as ACL or IDEAS could be helpful. 
  •  Course fee per participant:
    •  Online : $450 (USD) delivered through zoom/webex
    •  Onsite: Send us an email at to get a quotation

Course overview.

Data analytics is a tool that provides opportunities for Internal Audit (IA) function to boost its capacity and improve the quality of audit procedures and assurance through automated oversight. It enables real-time review of large data sets on an ongoing basis. Most IA functions whether large or small can embark on this journey of audit data analytics. The objective of this course is to prepare participants with knowledge of various aspects of a successful data analytics framework and how they can implement or enhance an existing data analytics program in their organization.  

Using advanced analytics is not the responsibility of the IT Audit function anymore, internal auditors are now leveraging data analytics as a primary tool for aligning risk with strategy, enhancing performance, driving insights, and designing audit procedures that give a higher level of assurance.

Course details.

This 3-day course is intended to enable auditors to enhance their audit and risk assessments skills by using data analytics. During the practical parts of the course, you will work on case studies that will utilize data from various business processes and embed analytics in audit procedures in processes such as payroll, travel expenses, and procure to payment cycle (P2P). Participants should ideally be audit, risk, or finance professionals and have a working knowledge of MS Excel and spreadsheets.  

Course objectives

  • To understand data analytics and its role in the performance of an efficient audit. 
  • To understand the application of data analysis, sampling, and analytics  
  • To identify and be able to apply relevant data analytics tools and techniques 
  • To be able to apply/execute the VBA in excel.  
  • To understand and be aware of data visualization techniques and harness the power of data visualization using Power BI  

Course prerequisites.

Although not obligatory, a good working knowledge of auditing software such as ACL or CaseWare IDEA could be useful.  

Software requirement.

Kindly bring your laptop with the version of Microsoft Excel you use on a day-to-day basis.  

Who should attend?

This course is designed for auditors and risk management professionals who need to enhance their audit procedures by using advanced audit analytics. It is also useful for chief financial officers, chief audit executives, and chief risk officers, as well as risk management professionals, especially in the banking, oil and gas, and manufacturing sectors. Procurement and contracts professionals and forensic auditors who perform advanced analysis data would also benefit. 

Course Outline

Day one    

  • What is Data Analytics? 
  • What is CAATs? 
  • Overview of the data analysis process.  
  • Data analysis tools selection  
  • Overview Pivot tables and Power Pivots and Power Query editor in Excel  
  • Data sampling using Excel  
  • Importing Data from source systems in excel  

Case Studies  

  • Testing (P2P) Procure 2 Pay cycles 
  • Testing HR Data 

Day two 

  • Using advanced Excel techniques for data preparation and wrangling 
  • Case Study Testing GL for MJE (Manual Journal Entries)  
  • Case study: Business success from risk and fraud analytics    
  • Data Visualization and Storyboarding using Power BI.
  • Case study: Spotting audit exceptions and indicators of fraud.    

Day three 

  • Internal audit analytics    
  • Case study: Travel expenses 
  • Predictive risk and fraud analytics
  • Case study: Auditing Key Performance Indicators (KPI’s) using regression techniques   
  • Correlation and regression techniques to identify audit exceptions  
  • Case study: Identifying manipulations in financial statements  

Course Outline

For a detailed outline of syllabus components covered every day along with upcoming training schedule, drop us an email at

Enquire about this course

For more information on this or any of our other courses, please do not hesitate to contact our support team:

Instructor profile

CEO & Trainer

Waqar has over 20 years professional experience assisting clients around the world in Data Governance, Conversion, Quality Management, Analytics.

I provide information security services. Some of my projects include the following:

  1. BISP / Ehsaas Program – Government of Pakistan: Performed ISO 27001 Risk Assessment, Developed Remediation Plan Development, Developed Information Security Policies, developed and delivered ISO 27001 training, developed strategies for Disaster Recovery and BCP
  2. TD Bank, Information Security, SME for Information Security Audit Remediation
  3.  TD Bank, Canada: Information Security Risk Reporting for GRC Archer using Tableau and MS Access. Includes Security Risk Data Aggregation and Reporting. Assisted with various security projects including Security KPI
  4. National Savings – Government of Pakistan: Developed IT and Information Security Strategy for the Digitization project
  5. TD Bank, Canada: Performed several Information Security Audits including SOX Audits
  6. Global Trade Corporation, Canada: Provided ISO 27001 consultancy
  7. Bank of Montreal, Canada: Developed Audit Programs for several Information Security areas such as Data Leakage Prevention, Fraud, IT Operations, Network Security, Disaster Recovery etc.
  8. Meridian Credit Union, Canada – Information Security assessment using COBIT 5 Maturity Assessment
  9. Volunteer Work: I am giving free coaching and training support to CISSP aspiring individuals. If interested, please connect with me.