Overview / Course outline

CISA (Certified Information Systems Auditor) training is designed to prepare individuals for the CISA certification exam, which is a globally recognized certification for professionals who audit, control, monitor, and assess information technology and business systems.
The benefits of CISA certification include recognition as a qualified professional in the field of IT audit, increased job opportunities and career advancement, and the ability to demonstrate knowledge and expertise in IT audit to employers, clients, and stakeholders. In addition to training, individuals may also need to have relevant work experience to be eligible to sit for the CISA exam.

Prerequisites

No prior certifications are required.

What the topics cover

  • The course content covers the five core domains, outlined below.

What’s Included in this CISA Training Course?

  • Domain 1: Information Systems Auditing Process

  • Module 1: Planning
    Introduction
    IS Audit Standards, Guidelines, and Codes of Ethics
    Business Processes
    Types of Controls
    Risk-Based Audit Planning

  • Module 2: Execution
    Audit Project Management
    Sampling Methodology
    Audit Evidence Collection Techniques
    Data Analytics
    Reporting and Communication Techniques
    Quality Assurance and Improvement of the Audit Process

  • Domain 2: Governance and Management of IT

  • Module 3: IT Governance and IT Strategy
    Introduction to IT Governance and IT Strategy
    IT-Related Frameworks
    IT Standards, Policies, and Procedures
    Organisational Structure
    Enterprise Architecture
    Enterprise Risk Management
    Maturity Models
    Laws, Regulations, and Industry Standards Affecting the Organisation

  • Module 4: Management
    IT Resource Management
    IT Service Provider Acquisition and Management
    IT Performance Monitoring and Reporting
    Quality Assurance and Quality Management of IT


  • Domain 3: Information Systems Acquisition and Development

  • Module 5: Information Systems Acquisition and Development
    Project Governance and Management
    Business Case and Feasibility Analysis
    System Development Methodologies
    Control Identification and Design
  • Module 6: Information Systems Implementation
    Testing Methodologies
    Configuration and Release Management
    System Migration, Infrastructure Deployment, and Data Conversion
    Post-Implementation Review

  • Domain 4: Information Systems Operations and Business Resilience

  • Module 7: Information Systems Operations
    Introduction
    Common Technology Components
    IT Asset Management
    Job Scheduling and Production Process Automation
    System Interfaces
    End User Computing
    Data Governance
    System Performance Management
    Problem and Incident Management
    Change, Configuration, Release, and Patch Management
    IT Service Level Management
    Database Management
  • Module 8: Business Resilience
    Business Impact Analysis
    System Resiliency
    Data Backup, Storage, and Restoration
    Backup and Restoration
    Backup Schemes
    Business Continuity Plan
    IT Business Continuity Planning
    Disasters and Other Disruptive Events
    Business Continuity Policy
    Business Continuity Planning Incident Management
    Development of Business Continuity Plans
    Other Issues in Plan Development
    Components of a Business Continuity Plan
    Key Decision-Making Personnel
    Backup of Required Supplies
    Insurance
    Plan Testing
    Auditing Business Continuity
    Disaster Recovery Plans

  • Domain 5: Protection of Information Assets

  • Module 9: Information Asset Security Frameworks, Standards, and Guidelines
    Introduction to Asset Security Frameworks, Standards, and Guidelines
    Auditing the Information Security Management Framework
    Privacy Principles
    Physical Access and Environmental Controls
    Identity and Access Management
    Network and End-Point Security
    Shadow IT
    Data Classification
    Data Encryption and Encryption Related Techniques
    Symmetric Key Cryptographic Systems
    Public (Asymmetric) Key Cryptographic Systems
    Applications of Cryptographic Systems
    Public Key Infrastructure
    Web-Based Communication Technologies
    Virtualised Environments
    Mobile, Wireless, and Internet of Things
  • Module 10: Security Event Management
    Security Awareness Training and Programs
    Information System Attack Methods and Techniques
    Security Testing Tools and Techniques
    Incident Response Management
    Evidence Collection and Forensics

What’s included on this course?

Course material, Knowledge Test, Certificate of attendance
NO CISA EXAMS INCLUDED (The exam must be booked separately through ISACA. Exams are carried out during eight-week testing windows: 1st May to 30th June, 1st August to 30th September, and 1st November to 31st December. Exams take place in testing centres located globally.)

Course Duration

  • 3 days (delivered over Saturdays)
    9:00am – 4:00pm

Who should attend this course?

Participants in CISA training may include:

  • IT auditors
  • security professionals
  • risk managers
  • other professionals involved in IT governance and audit