The CISA (Certified Information Systems Auditor) by ISACA (Information Systems Audit and Control Association) is one of the most respected certifications in the world. Information systems auditors use this certification to show organizations that they understand how to conduct an information systems audit efficiently.
What you will learn
The CISA Certification is recognized as one of the leading credentials in the areas of IS auditing, control, and information security. This official ISACA course provides you with in-depth coverage of the five CISA domains that are covered on the CISA Exam. These areas include auditing information systems; IT governance and management of IT; information systems acquisition, development, and implementation; information systems operations, maintenance, and support; and protection of information assets. This course is designed specifically for experienced information security professionals who are preparing to take the CISA exam.
Important Course Information
Requirements:
IT professionals must have 5 years or more of IS audit, control, assurance, and security experience.
Exam:
Computer-Based Testing (CBT) is offered during three testing windows of eight-week durations. The windows are May – June, August, and November – December. With ISACA CBT exams, candidates will now receive a preliminary score report at the conclusion of their exam. Official scores will be sent to candidates via email within 10 working days of their exam.
Course outline
Develop and implement a risk-based IT audit strategy
Plan specific audits
Conduct audits in accordance with IT audit standards
Report audit findings and make recommendations to key stakeholders
Conduct follow-ups or prepare status reports
Module 2: IT Governance and Management of IT
Evaluate the effectiveness of the IT governance structure
Evaluate IT organizational structure and human resources (personnel) management
Evaluate the organization’s IT policies, standards, and procedures
Evaluate the adequacy of the quality management system
Evaluate IT management and monitoring of controls
Evaluate IT contracting strategies and policies, and contract management practices
Evaluate risk management practices
Evaluate the organization’s business continuity plan
Module 3: Information Systems Acquisition, Development, and Implementation
Evaluate the business case for proposed investments in information
Evaluate the project management practices and controls
Conduct reviews to determine whether a project is progressing in accordance with project plans
Evaluate controls for information systems
Evaluate the readiness of information systems for implementation and migration into production
Conduct post-implementation reviews of systems
Module 4: Information Systems Operations, Maintenance, and Support
Conduct periodic reviews of information systems
Evaluate service level management practices
Evaluate third-party management practices
Evaluate data administration practices
Evaluate the use of capacity and performance monitoring tools and techniques
Evaluate change, configuration, and release management practices
Module 5: Protection of Information Assets
Evaluate the information security policies, standards and procedures
Evaluate the design, implementation, and monitoring of system and logical security
Evaluate the design, implementation, and monitoring of physical access and environmental controls
Evaluate the processes and procedures used to store, retrieve, transport, and dispose of information assets