COURSE FEE: $795
Client/server (C/S) architectures has seen the fastest growth IT technology in organizations worldwide. C/S technology is in a state of continuous flux in concept, capabilities and vendors. This will have a significant impact on the firm's operations and on the work of auditors and security professionals. C/S will change the way that businesses operate and will consequently bring up new features that must be harnessed early to protect the organization.
Describe basic and advanced forms of client/server architectures
Analyze the main threats and exposures and the audit and control challenges of operating in a C/S environment and the impact on the organizations' effectiveness and efficiency as an empowering tool in business reengineering
Describe the audit and control characteristics of interest to auditors
Discuss controls for the C/S environment and the audit approaches that the auditor should consider when auditing in a C/S environment to assist management in sound C/S implementation.
CLIENT/SERVER ARCHITECTURES - BACKGROUND
TECHNICAL, CONTROL AND AUDIT CHARACTERISTICS OF C/S
MAJOR THREATS AND POTENTIAL EXPOSURES
Client and server splits,. Multi-level security environments threats
Distribution and dispersion of mission critical data
Dissemination of dispersed data
Loss, destruction, alteration and theft of dispersed data
Backup and recovery
Miscellany of vendor products, concepts and product stability, etc.
CONTROLS FOR CLIENT/SERVER SYSTEMS
Control zones and control points for C/S basic client/server architectures
Control zones for complex, multi-platform C/S architectures
Control objectives for C/S control zones/points (workstations, communications, connectivity, client-side, server side, server database, server software, vendors, etc.)
Multi-platform and complex client/server environment and additional control points. Mainframe server controls
AUDIT APPROACHES FOR CLIENT/SERVER SYSTEMS
Audit strategy and audit involvement postures
Audit evidence, audit trails
Audit and test approaches - Controls review vs. testing of C/S controls Recommendations for management to harness C/S
This is the only course available on client/server specifically directed to internal controls and security. Participants should acquire the proprietary manual MAP-34 "Control, Audit & Security of Client/Server Systems", which will be used in class, at the special price of $115 instead of the list price of $175. See description of MAP-34 IN MASP PUBLICATIONS SECTION.