Course Outline

Certified Information Systems Auditor (CISA)

Duration
5 Days
Price
$675.00
Course Type
No Location
This course is designed to help candidates prepare for sitting the ISACA CISA certification examination. By taking this course and obtaining CISA certification, your experience and skills in auditing and securing the organization’s information systems will be validated. Securing the organization’s information is a critical business objective in today’s business environment. The information that an organization depends on to be successful can be at risk from numerous sources. By effectively managing audit processes, controls, and other security aspects of the business, you will greatly contribute to the overall security of the organization.

Learning Objectives

Upon successful completion of this course, students will be able to:

  • - implement information systems audit services in accordance with information systems audit standards, guidelines, and best practices.
  • - evaluate an organizations structure, policies, accountability, mechanisms, and monitoring practices.
  • - evaluate information systems acquisition, development, and implementation.
  • - evaluate the information systems operations, maintenance, and support of an organization; and evaluate the business continuity and disaster recovery processes used to provide assurance that in the event of a disruption, IT services are maintained.
  • - define the protection policies used to promote the confidentiality, integrity, and availability of information assets.

Course Outline

1 - The Process of Auditing Information Systems Domain
  • Some Organizations, Laws, Standards, and Frameworks
  • ISAAS
  • From Governance to Procedures
  • KGI, CSF, KPI, and KRI
  • ALE, RTO, RPO, SDO, MTO, MTD, and AIW
  • Risk Appetite, Tolerance, and Capacity
  • From Threats to Controls
  • Risk Management
  • Sampling
  • IS Auditor Duties for the Process of Auditing Information Systems Domain
2 - The Governance and Management of IT Domain
  • Security Concepts
  • Roles, Responsibilities, and a RACI Matrix
  • Human Resources (HR)
  • Outsourcing
  • Cloud Computing
  • Capital Expenditures and Operational Expenditures
  • BCP, DRP, and BIA
  • Plan Testing
  • Enterprise Architecture
  • Governance
  • Information Security Policy
  • Information Technology Management Practices
  • IT Organizational Structure Roles and Responsibilities
  • IS Auditor Duties for the Governance and Management of IT Domain
3 - The Information Systems Acquisition, Development, and Implementation Domain
  • Project Management
  • Benefits Realization
  • The Software Development Lifecycle (SDLC)
  • Software Development
  • E-Commerce
  • EDI
  • Email
  • Electronic Money
  • Integrated Manufacturing System (IMS)
  • Industrial Control Systems (ICS)
  • Artificial Intelligence and Expert Systems
  • Business Intelligence (BI)
  • Decision Support System (DSS)
  • Re-Engineering
  • Other Business Applications
  • Infrastructure
  • Managing Change, Configuration, Patches, and Releases
  • Application Controls
  • IS Auditor Duties for the Information Systems Acquisition, Development, and Implementation Domain
4 - The Information Systems Operations, Maintenance, and Service Management Domain
  • Information Systems Operations
  • Hardware Architecture
  • Operating Systems
  • Database Management
  • Third-Party Software
  • Network Infrastructure
  • Internet Concepts
  • Telecommunications
  • IS Auditor Duties for the Information Systems Operations, Maintenance, and Service Management Domain
5 - The Protection of Information Assets Domain
  • Asset Classification
  • Security Awareness and Training
  • External Parties
  • Computer Crime
  • Logical Access
  • Remote Connectivity
  • Media Handling
  • Network Security
  • Firewalls
  • Intrusion Detection
  • Encryption
  • Penetration Testing
  • Environmental Issues
  • Data Leakage Prevention (DLP)
  • Physical Access
  • IS Auditor Duties for the Protection of Information Assets Domain

Target Audience

The intended audience for this course is information security and IT professionals, particularly internal auditors, who are interested in earning the CISA certification. The course is also applicable to individuals who are interested in learning about information security audits, controls, and security.

Upcoming Class Dates and Times
Login