ICT Risk Management Framework translates DORA expectations into practical audit steps that teams can execute and evidence. You will learn what supervisors typically test, how to scope audits to critical services and dependencies, and how to document conclusions with defensible evidence. The course is designed for auditors, risk owners, and control functions who need repeatable, inspection-ready outcomes.
Objectives:
In this course, you should learn to:
- Explain the audit intent and scope for ICT Risk Management Framework.
- Identify expected controls evidence and governance artefacts.
- Apply a risk-based approach to testing and assurance activities.
- Recognise common failure patterns that drive supervisory findings.
- Prepare audit-ready outputs suitable for inspections and reviews.
Audience:
- Internal Audit
- ICT Risk
- Compliance
- IT Operations
- Security
- GRC
Duration:
2.5 hours
