CITP Body of Knowledge
The CITP credential holder possesses a breadth of business and technology experience. The CITP Body of Knowledge represents the qualifying areas of information assurance and management knowledge for both business experience and life long learning.
This visual depiction illustrates the interconnectivity and continuous process flow of the areas that comprise the CITP Body of Knowledge.
All CITP professionals should possess an understanding of the following knowledge and skills:
Section 1 – Risk Assessment
- Initial evaluation of risks that may impact the possibility of a material misstatement or the vulnerability of an organization’s assets with initial assumptions, research, and uncertainties
Section 2 – Fraud Considerations
- Consideration of the risks of material misstatement due to fraud and determine specific IT techniques to detect fraud.
Section 3 – Internal Control and IT General Controls
- Provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes/use.
Information Technology General Controls
- Control objectives relate to the confidentiality, integrity, and availability of data and the overall management of the IT function of the business enterprise.
- Understand, identify, design, implement, and monitor processes/systems used to enable security of information
Section 4 – Evaluate, Test, and Report
Types of Audit and Attest Services
- Provide assurance to the public on financial statements, a client service, or a specific segment or piece of an entity’s operations.
Auditing Techniques & Procedures
- Techniques and options to design and execute testing procedures.
Assessment of Controls
- Evaluation process of controls and the entity’s environment after examination and testing.
- Provide assurance on the presentation, timeliness, and auditability of information.
Section 5 – Information Management & Business Intelligence
- Ensure that information is managed such that it provides value in a number of aspects.
Business Process Improvement
- Identify opportunities and understand the value of using information technology to create work flows and processes that enable more effective use of resources.
Data Analysis & Reporting Techniques
- Process of gathering, modeling, and transforming data with the goal of highlighting useful information, suggesting conclusions, and supporting decision making.
- Apply data analysis and reporting concepts to analyze enterprise performance and help the organization achieve its accountability goals and objectives, using financial and non-financial information.