O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Complete Guide to the CITP Body of Knowledge

Book Description

Looking for tools to help you prepare for the CITP Exam?

The CITP self-study guide consists of an in-depth and comprehensive review of the fundamental dimensions of the CITP body of knowledge. This guide features various and updated concepts applicable to all accounting professionals who leverage Information Technology to effectively manage financial information. There are five dimensions covered in the guide:

  • Dimension I Risk Assessment
  • Dimension 2 Fraud Considerations
  • Dimension 3 Internal Controls & Information Technology General Controls
  • Dimension 4 Evaluate, Test and Report
  • Dimension 5 Information Management and Business Intelligence

The review guide is designed not only to assist in the candidate's preparation of the CITP examination but will also enhance your knowledge base in today's marketplace.

Using the complete guide does not guarantee the candidate of successfully passing the CITP exam. This guide addresses most of the subjects on the CITP exam’s content specification outline and is not meant to teach topics to the candidate for the first time. A significant amount of cooperating and independent readings will be necessary to prepare for the exam, regardless of whether the candidate completes the review course or not.

Table of Contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. Contents
  5. Risk Assessment: Dimension 1
    1. 1.0 Introduction
    2. 1.1 Types of Risk Assessment
      1. 1.1.1 Risk Assessment Life Cycle Methodology
      2. 1.1.2 Enterprise Risk Assessment
      3. 1.1.3 Financial Statement Risk Assessment
      4. 1.1.4 IT Risk Assessment
      5. 1.1.5 Security Risk Assessment (audits)
    3. 1.2 Understanding Business Environment and Business Processes
      1. 1.2.1 Executive Management Functions
      2. 1.2.2 Complexity of Business Entities
      3. 1.2.3 Automated Bu sin ess Pr ocesses
    4. 1.3 Audit Risk Model for Financial Reporting
      1. 1.3.1 Assessing Inherent Risk
      2. 1.3.2 Assessing Control Risk
      3. 1.3.3 Risk of Material Misstatement
    5. 1.4 Develop a Walkthrough Plan
      1. 1.4.1 Determine Relevant Business Processes and Controls to Review
    6. 1.5 Draft Risk Assessment Report
      1. 1.5.1 Based on Evidence from Walkthroughs
      2. 1.5.2 Based on Other Applied Procedures
      3. 1.5.3 Usefulness of Best Practices
  6. Fraud Considerations: Dimension 2
    1. 2.0 Introduction
    2. 2.1 Description & Characteristics of Fraud
      1. 2.1.1 Definition of Fraud
      2. 2.1.2 Fraud Tree
      3. 2.1.3 Fraud Triangle
      4. 2.1.4 Scope of Fraud
      5. 2.1.5 Profile of the Executive Perpetrator
    3. 2.2 SAS No. 99 & Assessing Rmm Due to Fraud
      1. 2.2.1 The Importance of Exercising Professional Skepticism
      2. 2.2.2 Fraud Risk Factors
      3. 2.2.3 Behavioral Red Flags of Executive Fraudsters
      4. 2.2.4 Management Override of Controls
      5. 2.2.5 The SAS No. 99 Process – Assessing the RMM Due to Fraud
    4. 2.3 Prevention & Deterrence
    5. 2.4 Detection & Investigation
      1. 2.4.1 Use of IT Skills in Fraud Investigations
      2. 2.4.2 Use of IT in Fraud Investigations
      3. 2.4.3 Regulatory Standards
    6. 2.5 Digital Evidence
      1. 2.5.1 Legal Rules & Procedures
      2. 2.5.2 E-discovery Rules & Procedures
      3. 2.5.3 Federal & State Laws
  7. Internal Control & Information Technology General Controls: Dimension 3
    1. 3.0 Introduction
    2. 3.1 Internal Controls
      1. 3.1.1 Understanding of Internal Controls
      2. 3.1.2 Management Considerations for Evaluating Internal Controls
    3. 3.2 IT General Controls
      1. 3.2.1 Control Environment
      2. 3.2.2 Change Management
      3. 3.2.3 Logical Access
      4. 3.2.4 Backup & Recovery
      5. 3.2.5 Service Organizations
    4. 3.3 Application Controls
    5. 3.4 Information Security
      1. 3.4.1 Understanding IT Policies, Procedures, and Standards to Ensure Information/Data Security
      2. 3.4.2 Understanding Hardware and Physical Controls to Ensure Information/Data Security
      3. 3.4.3 Understanding Software and Other Process Controls to Ensure Information/Data Security
      4. 3.4.4 Understanding Concepts of Security Authorization and Authentication
      5. 3.4.5 Understanding Concepts of Encryption
    6. 3.5 Preparing an IT Audit Plan
      1. 3.5.1 Scoping of the IT Audit or Review
  8. Evaluate, Test, and Report: Dimension 4
    1. 4.0 Introduction
    2. 4.1 Types of Audit & Assurance Services
      1. 4.1.1 Financial Statement Audit
      2. 4.1.2 Assurance Services for Service Organizations
      3. 4.1.3 Other IT Assurance Services and IT Reviews
    3. 4.2 Auditing Techniques & Procedures
      1. 4.2.1 Planning for Tests of Controls
      2. 4.2.2 Evidence Gathering
      3. 4.2.3 Sampling Considerations
      4. 4.2.4 Technical Tools and Techniques (CAATs)
    4. 4.3 Assessment of Controls
      1. 4.3.1 Deficiency Evaluation of IT-Related Controls
      2. 4.3.2 Materiality/Impact to the Entity
      3. 4.3.3 Assessment Reporting
    5. 4.4 Information Assurance
      1. 4.4.1 Information Quality
      2. 4.4.2 Information Presentation
      3. 4.4.3 Information Timeliness
      4. 4.4.4 Information Auditability
  9. Information Management & Business Intelligence: Dimension 5
    1. 5.0 Introduction
    2. 5.1 Information Management
      1. 5.1.1 Information Lifecycle Management
      2. 5.1.2 Compliance
      3. 5.1.3 Information and Data Modeling
    3. 5.2 Business Process Improvement
      1. 5.2.1 Business Process Management
      2. 5.2.2 Systems Solution Management
      3. 5.2.3 Application Integration Management
    4. 5.3 Data Analysis & Reporting Techniques
      1. 5.3.1 Infrastructure/Platforms Typically Employed
      2. 5.3.2 Data Preparation
      3. 5.3.3 Available Functions, Tools, and Approaches
      4. 5.3.4 Tool Selection Process
    5. 5.4 Performance Management
      1. 5.4.1 Budget & Profitability Management
      2. 5.4.2 Performance Metrics and Reporting