# Information Systems Auditing Course Canonical URL: ## Overview Learn the basic processes, tools, and techniques involved in auditing today's information systems. Become familiar with the basic audit techniques specified in the U.S. Government Accountability Office's Federal Information System Controls Audit Manual (FISCAM), selected National Institute of Standards and Technology (NIST) special publications, and other relevant audit guidance by engaging in exercises, case studies, lectures, and discussions. Improve your skill set by discovering alternative methods of evaluating and testing both general and business process application controls, including identifying indicators of potential fraud. Updated to reflect the revised 2014 internal control standards issued by the Comptroller General. ## What you'll learn - Provide a conceptual framework of internal controls in a computer environment. - Discuss the primary steps in conducting a risk assessment of an IT system. - Review the audit implications of recent technological changes. - Review the evaluation and testing procedures for General and Business Process Application Controls. ## Curriculum #### Module 1: Performing Information System Controls Audits - Plan, test, and report IS controls using a risk-based strategy that scopes work to objectives and resources. - Review audit trail concepts, layers of control, and fundamentals of reliable, available, auditable systems. - Plan the IS audit: define objectives and scope, understand operations and networks, identify key areas and risks, and document plans. - Test controls at entity, system, and application levels; evaluate effectiveness; and report results with required documentation. #### Module 2: Professional Guidance and Standards - Survey GAO guidance (e.g., Green Book), NIST publications, and OMB circulars pertinent to IS control assessments. - Review IIA frameworks (PPF, Practice Guides/GTAG, GAIT) and ISACA standards/objectives. - Note PCAOB standards and their implications for reporting control deficiencies. #### Module 3: Risk Considerations for an IT System - Define scope and identify potential threat-sources, vulnerabilities, and existing controls. - Assess likelihood and impact to determine risk levels (confidentiality, integrity, availability). - Document results and develop control recommendations and audit procedures. #### Module 4: Auditing in a Changing Environment - Examine evolution and complexity of IT (ERP, cloud) and associated control classifications. - Differentiate preventive, detective/corrective, and directive controls specific to IT. - Apply audit strategies and CAATs (e.g., test data, parallel simulation) in an IT environment. #### Module 5: Assessing the Effectiveness of General Controls - Use a structured methodology to evaluate entity-wide and system-level general controls. - Assess security management, access controls, configuration management, segregation of duties, and contingency planning. - Link general-control effectiveness to reliability of application-level controls. #### Module 6: Assessing the Effectiveness of Business Process Application Controls - Coordinate testing of application-level controls with entity and system general controls. - Evaluate application security (AS), business process controls (BP), interface controls (IN), and data management system controls (DA). - Perform audit programs for input, processing, and output controls to ensure completeness, accuracy, validity, confidentiality, and availability. #### Module 7: Case Study - Apply the full IS controls audit lifecycle—planning, testing, evaluation, and reporting—to a practical scenario. - Integrate risk analysis and control assessment findings to form conclusions and recommendations. ## Schedule - Jun 22, 2026 – Jun 24, 2026 — Live Online - Aug 11, 2026 – Aug 13, 2026 — Live Online - Sep 28, 2026 – Sep 30, 2026 — Live Online - Nov 18, 2026 – Nov 20, 2026 — Live Online ## Instructors ### Mark Gebicke — Instructor Mark E. Gebicke is an accomplished consultant and instructor with over 50 years of experience in auditing, leadership, and federal program evaluation. A retired Senior Executive from the U.S. Government Accountability Office (GAO), Mark spent two decades in GAO's Senior Executive Service, where he led performance reviews and provided congressional testimony on critical issues for agencies such as NASA, the Department of Defense, and the Department of Justice. His expertise spans personnel, readiness, logistics, budget, operations, anti-terrorism, and weapon systems, as well as performance reviews for agencies like the Federal Reserve, U.S. Postal Service, and Department of Energy. In addition to his auditing and consulting work, Mark has been a dedicated instructor at Graduate School USA since 2008. He draws on his extensive experience to teach courses on auditing techniques, leadership, and project management. During his tenure at GAO, he also developed and implemented the agency's Professional Development Program, managing over 200 new staff annually and mentoring Senior Executive Service candidates. Mark holds a Bachelor of Science in Business from High Point University and a Master of Science in Governmental Administration from George Washington University, and he has received numerous awards for his contributions to both GAO and Graduate School USA. ### Penny Popps — Instructor Penny N. Popps is an exceptional leader with 20+ years of private and public sector experience and expertise in the field of accounting, audit, compliance, risk management, fraud, and internal controls. She is the recipient of multiple public service, appreciation, recognition, and performance awards. And she’s currently devoted to teaching Financial Management courses at Graduate School USA as an Instructor. During her almost 15 years as a Federal Government Public Servant, she had many pivotal transformational leadership roles including being the 1st Fraud Risk Manager at the U.S. Small Business Administration (SBA) where she successfully helped to mature its Fraud Risk Management Program. She has a B.B.A in Accounting from the University of Texas at Arlington, Master of Business Administration (MBA) from Texas Woman’s University, Advanced Technical Certificate in Professional Accountancy from Dallas College, Certified Fraud Examiner (CFE), Certified Internal Controls Auditor (CICA), and the Department of Defense (DOD) Financial Management Certifications along with an ICF Associate Certified Coach (ACC) Certification. Prior to SBA, she had a career at HUD that spans over six years managing projects that ensured the successful and efficient delivery of affordable, safe, and decent housing to U.S. citizens along with safeguarding HUD's programs from fraud, waste, and abuse. While at HUD she led multiple audit teams in the execution of complex quality control reviews of independent public accounting firms (Single Audits), CIGIE reviews, financial assessments, staffing studies, annual OMB A-123 risk assessment reviews for the Accountability, Integrity, & Risk (AIR) Program, etc. During her Federal Government career, she also was the Branch Chief of Financial Reporting at the DHS ICE OCFO, Office of FM-Financial Service Center. She oversaw the operations of both the Payroll and Fund Balance with Treasury Units for all DHS ICE components which processed approximately $5.2B in payroll transactions and reconciled $10.1B in cash transactions, achieving improved optimization of FM. For many years, she also successfully led and supervised audit teams at the Defense Contract Audit Agency (DCAA) in which she recovered millions in questioned costs owed from contractors. And within state government, she recovered millions of sales and use tax dollars owed to the Texas State Comptroller of Public Accounts as she led various audits. All of her efforts ensured that taxpayer dollars were being utilized reasonably and efficiently. Popps’ many years of experience in the private sector included helping to build successful internal audit divisions at major corporations such as Essilor Group and Fossil Group. During her career, she continues to gain expertise and knowledge while paying it forward by mentoring, coaching, and training those new to the accounting, audit, compliance, risk management, fraud, and internal controls industries. Popps is very passionate about all her philanthropy and volunteer efforts, especially with Alpha Kappa Alpha Sorority, Inc. and the Junior League of Washington. It’s her mission to continue to provide service to all mankind during her career, in retirement, and throughout her life. She currently resides in Alexandria, VA and spends her leisure time reading. ### Lyndon S. Remias — Instructor Lyndon Remias is a trailblazer in the field of government auditing, known for his integrity, leadership, and commitment to public accountability. With over 28 years of experience spanning public, private, and governmental sectors, Lyndon has built a reputation as a trusted expert in financial oversight and risk management. He holds multiple professional certifications, including Certified Public Accountant (CPA), Certified Internal Auditor (CIA), Certified Government Auditing Professional (CGAP), and Certification in Risk Management Assurance (CRMA)—credentials that reflect both his technical mastery and dedication to excellence. Lyndon’s career includes impactful roles at organizations such as the City of Virginia Beach, Amerigroup Corporation, Eastern Virginia Medical School, NEXCOM, Auditor of Public Accounts, and KPMG, where he honed his skills in operational auditing, compliance, and performance evaluation. His leadership extended into public service when he was elected to the Virginia Beach School Board, demonstrating his commitment to community engagement and education. A passionate educator and thought leader, Lyndon has served as a seminar instructor for the Graduate School and the Institute of Internal Auditors (IIA), earning recognition as a Distinguished Instructor for his engaging delivery and deep subject matter expertise. He has presented at numerous professional conferences and has held key leadership positions within the IIA and the Virginia Local Government Auditors Association (VLGAA), including serving as President of both organizations. Currently, Lyndon contributes to the profession as a peer review team leader for the Association of Local Government Auditors (ALGA), helping ensure audit quality and ethical standards across the country. A proud graduate of Old Dominion University, Lyndon earned a Bachelor of Science in Business Administration with a major in Accounting. In 2013, he was honored with the Lifetime Achievement Award from ODU’s Accounting Department for his outstanding contributions to the profession and the university. ### James T. Campbell — Instructor James T. Campbell is a subject matter expert in federal financial management with more than a decade of experience developing and teaching budgeting, accounting, auditing, and internal control courses at Graduate School USA. His background includes extensive federal management consulting and audit work as a Senior Principal Consultant with PricewaterhouseCoopers LLP and IBM Consulting Services, as well as a long career providing independent audit and review services with the U.S. Government Accountability Office. At Graduate School USA, James Campbell leads classes on internal control requirements, performance auditing, federal accounting, financial statements, analysis techniques, and budgeting. He has also served as lead SME for the design of several open-enrollment courses focused on decision support and analytical skills. He holds a B.S. in Accounting from East Tennessee State University, an M.P.A. from Georgia State University, and is an active member of the AICPA and the Association of Government Accountants. ### Angelo Capolupo — Instructor Angelo M. Capolupo is a retired U.S. Army Colonel with over 38 years of military service and more than four decades of federal financial management experience. He is a Certified Public Accountant (CPA) and Certified Defense Financial Manager (CDFM), with a Master’s degree in Accounting from Rider University and a Master’s in Strategic Studies from the U.S. Army War College. Throughout his career, Angelo has held senior financial leadership roles, including Comptroller and Chief Financial Officer for the New Jersey Army & Air National Guard, as well as CFO for the New Jersey Department of Military & Veterans Affairs. His expertise spans federal budgeting, accounting, auditing, internal controls, payroll, grants management, and federal appropriations law. Notably, he established centralized funding and accounting operations supporting over $1.7 billion in wartime funding during deployments to Iraq, Bosnia, and Germany. Angelo has taught federal financial management to audiences ranging from entry-level staff to senior executives and continues to bring real-world experience into the classroom. He joined the GSUSA instructor team in early 2024 and is committed to helping students understand federal financial practices through practical examples and historical context. ## Pricing **Tuition:** $1199