Certified Information Systems Auditor (CISA)

COURSE OVERVIEW

For those working in IS audit, control, assurance, and security, the CISA designation is a worldwide recognized certification.

Being CISA certified shows that you have audit experience, expertise, and understanding. It also shows that you can identify vulnerabilities, provide compliance reports, and implement controls in the company.

Achieve CISA, which is recognized globally as the benchmark for individuals who audit, control, monitor, and evaluate business and information technology systems, to further your career.

TARGET AUDIENCE

CISA is intended for:

IT/IS Auditors

IT/IS Consultants

Managers of IS/IT Audits

Experts in Security

Auditors who are not IT

Course Prerequisites

five years or more of professional experience in information systems auditing, control, or security (as defined by the CISA employment practice areas)

Expected Accomplishments

When this course is over, you will:

Learn more about the standards and principles for IS audit and assurance.

Gain a basic understanding of the CISA’s five domains.

Discover the techniques used by those who pass the CISA exam.

COURSE OUTLINE

All five of the CISA domains are covered in the course, and every section directly relates to a CISA job practice.

The following are the task and knowledge assertions, as well as the job practice domains:

Domain 1: Information Systems Auditing Process

Domain 1 Workbook: Task Statements, Glossary, Notes, and Knowledge Statements

Plans and Strategies for Risk-Based IS Audits

Perform Process & Procedure Audits

Key Ideas

Self-Assessments for Control (CSA)

Share Audit Findings and Follow-Up

Activity for Domain 1 Case Study

Domain 2: IT Governance and Management

Workbook for Domain 2: Knowledge Declarations, Task Declarations, Glossary, and Notes

Assess the Information Technology Plan

Examine the IT Governance Framework

Examine the HR department, IT policies, standards, and procedures, as well as the organization structure of IT.

Examine IT portfolio management and resource management.

Examine IT management and risk management procedures.

Assess Controls and KPIs

Assess the BCP Domain 2 Case Study Activity of the Organization

Domain 3: Development, Acquisition, and Implementation of Information Systems

Domain 3 Workbook: Glossary, Notes, Task Statements, and Knowledge Statements

Analyze the proposed investments’ business case.

Examine the Contract Management & IT Supplier Selection Procedures.

Examine the Framework for Project Management and Conduct Project Evaluations

Cloud Service Provider (CSP) Architecture and Virtualization

Assess Information Systems Controls During Acquisition

Assess Implementation Readiness and Conduct Post-Deployment Assessments

Activity for Domain 3 Case Study

Domain 4: Information Systems Maintenance, Operations, and Service Administration

Domain 4 Workbook: Task Statements, Glossary, Notes, and Knowledge Statements

Assess the Practices and Framework of IT Service Management

Perform Information System Reviews on a Regular Basis

Examine IT Maintenance and Operations

Analyze data quality and database management techniques.

Assess Incident & Problem Handling

Practices for Change and Release Management

Examine end-user computing, IT resilience and continuity.

Testing for Disaster Recovery

Activity for Domain 4 Case Study

Domain 5: Information Asset Protection

Workbook for Domain 5: Task Statements, Knowledge Statements, Glossary, and Notes

Examine privacy and information security.

Examine the Environmental and Physical Controls

Analyze the logical and system security controls.

Consider data classification and information asset security measures.

Assess Information Security Initiatives

Activity for Domain 5 Case Study