ISACA CERTIFIED INFORMATION SYSTEMS AUDITOR (ISACA CISA)

COURSE DESCRIPTION

The CISA Certification, or Certified Information Systems Auditor, educates candidates in Information Systems Auditing, Control, and Security. This highly sought-after credential covers Five Domains of Information Security Auditing, thus allowing professionals to enhance their skills in Information Technology and Security. Avail the guidance of our experienced trainers and be ready to ace in the field.

OBJECTIVES:

• Enhance your knowledge about information system auditing techniques
• Validation of expertise in Information Systems Auditing, Control, and Security
• Enhanced credibility with the globally recognised CISA Certification
• Expand your knowledge on the subject with our comprehensive curriculum
• Enjoy the benefits of training sessions conducted by expert trainers

WHO IT IS FOR:

The CISA Training Certification is a globally recognised certification, designed to validate the expertise of professionals in auditing, controlling, and assuring information systems. This CISA Certification, can be beneficial for multiple professionals, including:

• Information Systems Auditors
• Internal Auditors
• Risk Management Specialists
• Compliance Officers
• Security Analysts
• IT Consultants
• Data Protection Officers

COURSE OUTLINE:

Domain 1: Information Systems Auditing Process
Module 1: Planning
• Introduction
• IS Audit Standards, Guidelines, and Codes of Ethics
• Business Processes
• Types of Controls
• Risk-Based Audit Planning
• Types of Audits and Assessments

Module 2: Execution
• Audit Project Management
• Sampling Methodology
• Audit Evidence Collection Techniques
• Data Analytics
• Reporting and Communication Techniques
• Quality Assurance and Improvement of the Audit Process

Domain 2: Governance and Management of IT
Module 3: IT Governance and IT Strategy
• Introduction to IT Governance and IT Strategy
• IT-Related Frameworks
• IT Standards, Policies, and Procedures
• Organisational Structure
• Enterprise Architecture
• Enterprise Risk Management
• Maturity Models
• Laws, Regulations, and Industry Standards Affecting the Organisation

Module 4: IT Management
• IT Resource Management
• IT Service Provider Acquisition and Management
• IT Performance Monitoring and Reporting
• Quality Assurance and Quality Management of IT

Domain 3: Information Systems Acquisition and Development
Module 5: Information Systems Acquisition and Development
• Project Governance and Management
• Business Case and Feasibility Analysis
• System Development Methodologies
• Control Identification and Design

Module 6: Information Systems Implementation
• Testing Methodologies
• Configuration and Release Management
• System Migration, Infrastructure Deployment, and Data Conversion
• Post-Implementation Review

Domain 4: Information Systems Operations and Business Resilience
Module 7: Information Systems Operations
• Introduction
• Common Technology Components
• IT Asset Management
• Job Scheduling and Production Process Automation
• System Interfaces
• End User Computing
• Data Governance
• System Performance Management
• Problem and Incident Management
• Change, Configuration, Release, and Patch Management
• IT Service Level Management
• Database Management

Module 8: Business Resilience
• Business Impact Analysis
• System Resiliency
• Data Backup, Storage, and Restoration
o Backup and Restoration
o Backup Schemes
• Business Continuity Plan
o IT Business Continuity Planning
o Disasters and Other Disruptive Events
o Business Continuity Policy
o Business Continuity Planning Incident Management
o Development of Business Continuity Plans
o Other Issues in Plan Development
o Components of a Business Continuity Plan
o Key Decision-Making Personnel
o Backup of Required Supplies
o Insurance
o Plan Testing
o Auditing Business Continuity
• Disaster Recovery Plans

Domain 5: Protection of Information Assets
Module 9: Information Asset Security Frameworks, Standards, and Guidelines
• Introduction to Asset Security Frameworks, Standards, and Guidelines
• Privacy Principles
• Physical Access and Environmental Controls
• Identity and Access Management
• Network and End-Point Security
• Shadow IT
• Data Classification
• Data Encryption and Encryption Related Techniques
• Public Key Infrastructure
• Web-Based Communication Technologies
• Virtualised Environments
• Mobile, Wireless, and Internet of Things

Module 10: Security Event Management
• Security Awareness Training and Programmes
• Information System Attack Methods and Techniques
• Security Testing Tools and Techniques
• Incident Response Management
• Evidence Collection and Forensics

For FULL COURSE OUTLINE, please contact us. Please contact us for the schedules and for booking a private class

Inquire Now