This course is designed to help candidates prepare for sitting the ISACA CISA certification examination. By taking this course and obtaining CISA certification, your experience and skills in auditing and securing the organization’s information systems will be validated. Securing the organization’s information is a critical business objective in today’s business environment. The information that an organization depends on to be successful can be at risk from numerous sources. By effectively managing audit processes, controls, and other security aspects of the business, you will greatly contribute to the overall security of the organization.

starstarstarstarstar_outline

* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

Upon successful completion of this course, students will be able to:

- implement information systems audit services in accordance with information systems audit standards, guidelines, and best practices.
- evaluate an organizations structure, policies, accountability, mechanisms, and monitoring practices.
- evaluate information systems acquisition, development, and implementation.
- evaluate the information systems operations, maintenance, and support of an organization; and evaluate the business continuity and disaster recovery processes used to provide assurance that in the event of a disruption, IT services are maintained.
- define the protection policies used to promote the confidentiality, integrity, and availability of information assets.

1

  • The Process of Auditing Information Systems Domain

  • Some Organizations, Laws, Standards, and Frameworks
    ISAAS
    From Governance to Procedures
    KGI, CSF, KPI, and KRI
    ALE, RTO, RPO, SDO, MTO, MTD, and AIW
    Risk Appetite, Tolerance, and Capacity
    From Threats to Controls
    Risk Management
    Sampling
    IS Auditor Duties for the Process of Auditing Information Systems Domain
2

  • The Governance and Management of IT Domain

  • Security Concepts
    Roles, Responsibilities, and a RACI Matrix
    Human Resources (HR)
    Outsourcing
    Cloud Computing
    Capital Expenditures and Operational Expenditures
    BCP, DRP, and BIA
    Plan Testing
    Enterprise Architecture
    Governance
    Information Security Policy
    Information Technology Management Practices
    IT Organizational Structure Roles and Responsibilities
    IS Auditor Duties for the Governance and Management of IT Domain
3

  • The Information Systems Acquisition, Development, and Implementation Domain

  • Project Management
    Benefits Realization
    The Software Development Lifecycle (SDLC)
    Software Development
    E-Commerce
    EDI
    Email
    Electronic Money
    Integrated Manufacturing System (IMS)
    Industrial Control Systems (ICS)
    Artificial Intelligence and Expert Systems
    Business Intelligence (BI)
    Decision Support System (DSS)
    Re-Engineering
    Other Business Applications
    Infrastructure
    Managing Change, Configuration, Patches, and Releases
    Application Controls
    IS Auditor Duties for the Information Systems Acquisition, Development, and Implementation Domain
4

  • The Information Systems Operations, Maintenance, and Service Management Domain

  • Information Systems Operations
    Hardware Architecture
    Operating Systems
    Database Management
    Third-Party Software
    Network Infrastructure
    Internet Concepts
    Telecommunications
    IS Auditor Duties for the Information Systems Operations, Maintenance, and Service Management Domain
5

  • The Protection of Information Assets Domain

  • Asset Classification
    Security Awareness and Training
    External Parties
    Computer Crime
    Logical Access
    Remote Connectivity
    Media Handling
    Network Security
    Firewalls
    Intrusion Detection
    Encryption
    Penetration Testing
    Environmental Issues
    Data Leakage Prevention (DLP)
    Physical Access
    IS Auditor Duties for the Protection of Information Assets Domain

Audience

The intended audience for this course is information security and IT professionals, particularly internal auditors, who are interested in earning the CISA certification. The course is also applicable to individuals who are interested in learning about information security audits, controls, and security.

Language

English

Prerequisites

To ensure your success, you should have at least five years of professional experience in information systems auditing, control, or security. You are also required to prove this level of experience to ISACA in order to obtain certification. The major areas of work experience are described in the CISA job practice domains: - The process of auditing information systems - Governance and management of IT - Information systems acquisition, development, and implementation - Information systems operations, maintenance, and service management - Protection of information assets

Course Info

Not Your Location? Change

Cost: $ 3,475

Length: 5.0 days (40 hours)

Level:

Next Available Classes:

Schedule select
08
May
Monday
9:00 AM ET -
5:00 PM ET
Available
Schedule select
21
Aug
Monday
8:00 AM PT -
4:00 PM PT
Available
Schedule select
13
Nov
Monday
9:00 AM ET -
5:00 PM ET
Available
Loading...