Aethos Academy
Dates Being Finalized

Where modern assurance
is learned, not inherited.

Most assurance education is built around how controls worked in the past. Academy is built around how platforms work now—and what practitioners actually need to operate inside them.

Live, cohort-based training led by a seasoned practitioner with deep roots in IT audit and platform assurance. Not lecture recordings. Not certification prep. The real work.

Training Cohorts

Live, small-group training.
Built for practitioners doing the work.

Each cohort is a focused, live engagement designed to take you from aware to operationally capable. Small groups, real scenarios, direct access to the instructor. Each cohort stands on its own—take what's relevant to where you are now.

Dates Being Finalized

SOX ITGC Readiness for Modern Platform Environments

Going through a first-year SOX audit—or inheriting an ITGC program built for a different tech stack? This cohort teaches you how to assess, rationalize, and rebuild for the environment you're actually in.

FormatLive — Virtual
Sessions3 × 60 min
Cohort Size12 practitioners max
LevelManager — Director
Price$599 / seat
Subscriber Price$499 / seat

Most ITGC programs were designed around a technology stack that no longer reflects how organizations run. This cohort teaches you how to scope, rationalize, and rebuild an ITGC program for the cloud-native, CI/CD-driven environments that modern enterprises operate in—and how to communicate those decisions to external auditors.

  • Scoping ITGC programs across cloud-native and hybrid platform environments
  • Control rationalization: identifying gaps, redundancies, and coverage failures
  • Mapping PCAOB AS 2201 requirements to modern infrastructure
  • Building an ITGC population strategy that scales as the tech stack evolves
  • Communicating control design decisions to external auditors effectively
  • Readiness assessment frameworks for first-year and re-scoped SOX programs
Included with enrollment

2 post-cohort sessions with the instructor

After the cohort ends, you get two dedicated follow-on sessions to use however is most useful — applying concepts to your specific environment, working through questions from the field, thinking through audit strategy, or whatever the conversation calls for.

Notify Me When Open Subscribe to the Aethospect — we'll reach out when enrollment opens.

Frameworks Practitioner subscribers ($799/yr) receive the $499 seat rate automatically at enrollment. For team or group training, contact [email protected].

Dates Being Finalized

Understanding CI/CD Pipelines for Auditors

The pipeline is no longer a development concern. It is a financial reporting control surface. This cohort teaches you how to audit it like one.

FormatLive — Virtual
Sessions3 × 60 min
Cohort Size12 practitioners max
LevelPractitioner — Manager
Price$599 / seat
Subscriber Price$499 / seat

Most IT auditors can describe CI/CD in general terms. Far fewer can identify where a pipeline introduces unauthorized change risk, where separation of duties collapses, or what evidence actually demonstrates that a deployment gate was enforced rather than bypassed. This cohort closes that gap.

You will leave knowing how to read a pipeline configuration, map its control points, identify where SOX ITGC requirements attach, and design a testing approach that produces defensible evidence.

  • How CI/CD pipelines are architected and where control surfaces live
  • Mapping pipeline stages to ITGC change management requirements
  • Identifying separation of duties failures in automated workflows
  • What branch protection, approval gates, and environment controls actually prove
  • Evidence collection strategies that hold up to PCAOB scrutiny
  • Common pipeline misconfigurations and how auditors detect them
  • Testing approaches for GitHub Actions, GitLab CI, Jenkins, and CircleCI
  • How to document pipeline audit findings in a way reviewers understand
Included with enrollment

2 post-cohort sessions with the instructor

After the cohort ends, you get two dedicated follow-on sessions to use however is most useful — applying concepts to your specific environment, working through questions from the field, thinking through audit strategy, or whatever the conversation calls for.

Notify Me When Open Subscribe to the Aethospect — we'll reach out when enrollment opens.

Frameworks Practitioner subscribers ($799/yr) receive the $499 seat rate automatically at enrollment. For team or group training, contact [email protected].

Dates Being Finalized

Cloud Identity & Access Management for IT Auditors

IAM in cloud environments is not a permissions list. It is a policy architecture—and auditing it requires understanding how identity, roles, and entitlements actually propagate at runtime.

FormatLive — Virtual
Sessions3 × 60 min
Cohort Size12 practitioners max
LevelPractitioner — Manager
Price$599 / seat
Subscriber Price$499 / seat
  • How AWS IAM, Azure Entra ID, and GCP IAM models differ structurally
  • Privilege escalation pathways that standard access reviews miss
  • Auditing service accounts, workload identities, and federated access
  • Designing effective access reviews that go beyond last-login dates
  • Evidence strategies for SOX logical access controls in cloud environments
  • What identity drift looks like and how to detect it during fieldwork
Included with enrollment

2 post-cohort sessions with the instructor

After the cohort ends, you get two dedicated follow-on sessions to use however is most useful — applying concepts to your specific environment, working through questions from the field, thinking through audit strategy, or whatever the conversation calls for.

Notify Me When Open Subscribe to the Aethospect — we'll reach out when enrollment opens.

Frameworks Practitioner subscribers ($799/yr) receive the $499 seat rate automatically at enrollment. For team or group training, contact [email protected].

Dates Being Finalized

IT Application Controls Testing: A Practitioner's Field Guide

ITACs are where SOX testing gets hard. Inputs, interfaces, processing logic, and outputs—each with different failure modes, different evidence requirements, and different ways auditors get it wrong.

FormatLive — Virtual
Sessions3 × 60 min
Cohort Size12 practitioners max
LevelPractitioner — Senior
Price$599 / seat
Subscriber Price$499 / seat
  • The ITAC taxonomy: automated controls, interface controls, report controls, and access
  • Designing walkthroughs that actually map the control logic
  • When to rely on an ITAC vs. when to extend manual testing
  • Evidence standards that hold up under PCAOB AS 2201 inspection
  • Testing completeness and accuracy of system-generated reports
  • Common deficiency patterns and how to remediate them effectively
Included with enrollment

2 post-cohort sessions with the instructor

After the cohort ends, you get two dedicated follow-on sessions to use however is most useful — applying concepts to your specific environment, working through questions from the field, thinking through audit strategy, or whatever the conversation calls for.

Notify Me When Open Subscribe to the Aethospect — we'll reach out when enrollment opens.

Frameworks Practitioner subscribers ($799/yr) receive the $499 seat rate automatically at enrollment. For team or group training, contact [email protected].

Why This Is Different

Not another survey course.
Not a certification sprint.

There is no shortage of IT audit training. There is a significant shortage of training built for how platforms actually behave and how auditors actually work inside them.

01

Live and direct.

Every session is live. You bring your real questions, your actual scenarios, and the environments you're working in. The conversation shapes the training—not the other way around.

02

Small cohorts by design.

Twelve practitioners maximum. This is intentional. The quality of learning degrades as cohort size scales up. Aethos doesn't compromise that for throughput.

03

Platform-native from the start.

Content is built around how the platforms work—their actual architecture, their real failure modes, their native evidence. Not adapted from generic IT audit curricula.

04

Built for operational outcome.

The goal is not awareness. It is capability. Every cohort ends with practitioners who can apply what they learned in the field—in the next engagement, not in a future course.

05

Grounded in real fieldwork.

The scenarios, the failure patterns, the evidence examples—all drawn from actual engagements. Not hypotheticals constructed to fit a learning objective.

06

Connected to the Aethos ecosystem.

Academy cohorts pair directly with Aethos Frameworks—so what you learn maps to the control structures, testing approaches, and evidence models you can use immediately.

The Academy Curriculum

Practitioner capability across
the modern platform stack.

Each cohort is independent—take what's relevant to where you are now, return as your environment evolves. No prescribed sequence, no prerequisites.

01

SOX ITGC Program Design

Scoping, rationalization, and architecture for ITGC programs in organizations where the tech stack has outpaced the control framework built to govern it.

02

CI/CD & DevOps Pipelines

Where unauthorized change risk actually lives in modern software delivery. How to map, test, and produce evidence from automated deployment architectures.

03

Cloud Identity & Access

IAM in cloud-native environments goes well beyond user provisioning. Roles, policies, service accounts, federated identity—and how to audit each of them effectively.

04

IT Application Controls

Automated controls, interface controls, report controls, and access. A rigorous, practitioner-level approach to ITAC design and testing under PCAOB AS 2201.

Get early access

The material is ready.
Dates are being set.

Each cohort is $599 per seat. Frameworks Practitioner subscribers ($799/yr) enroll at $499. Aethospect subscribers get first notice and enrollment access before anything is announced publicly. Subscribe now and we'll reach out directly when a cohort opens.

Join the Aethospect

Free. Practitioner-focused. No noise.