Overview / Course outline
CISA (Certified Information Systems Auditor) training is designed to prepare individuals for the CISA certification exam, which is a globally recognized certification for professionals who audit, control, monitor, and assess information technology and business systems.
The benefits of CISA certification include recognition as a qualified professional in the field of IT audit, increased job opportunities and career advancement, and the ability to demonstrate knowledge and expertise in IT audit to employers, clients, and stakeholders. In addition to training, individuals may also need to have relevant work experience to be eligible to sit for the CISA exam.
Prerequisites
No prior certifications are required.
What the topics cover
- The course content covers the five core domains, outlined below.
What’s Included in this CISA Training Course?
Domain 1: Information Systems Auditing Process
- Module 1: Planning
Introduction
IS Audit Standards, Guidelines, and Codes of Ethics
Business Processes
Types of Controls
Risk-Based Audit Planning
- Module 2: Execution
Audit Project Management
Sampling Methodology
Audit Evidence Collection Techniques
Data Analytics
Reporting and Communication Techniques
Quality Assurance and Improvement of the Audit Process
Domain 2: Governance and Management of IT
- Module 3: IT Governance and IT Strategy
Introduction to IT Governance and IT Strategy
IT-Related Frameworks
IT Standards, Policies, and Procedures
Organisational Structure
Enterprise Architecture
Enterprise Risk Management
Maturity Models
Laws, Regulations, and Industry Standards Affecting the Organisation
- Module 4: Management
IT Resource Management
IT Service Provider Acquisition and Management
IT Performance Monitoring and Reporting
Quality Assurance and Quality Management of IT
Domain 3: Information Systems Acquisition and Development
- Module 5: Information Systems Acquisition and Development
Project Governance and Management
Business Case and Feasibility Analysis
System Development Methodologies
Control Identification and Design
- Module 6: Information Systems Implementation
Testing Methodologies
Configuration and Release Management
System Migration, Infrastructure Deployment, and Data Conversion
Post-Implementation Review
Domain 4: Information Systems Operations and Business Resilience
- Module 7: Information Systems Operations
Introduction
Common Technology Components
IT Asset Management
Job Scheduling and Production Process Automation
System Interfaces
End User Computing
Data Governance
System Performance Management
Problem and Incident Management
Change, Configuration, Release, and Patch Management
IT Service Level Management
Database Management
- Module 8: Business Resilience
Business Impact Analysis
System Resiliency
Data Backup, Storage, and Restoration
Backup and Restoration
Backup Schemes
Business Continuity Plan
IT Business Continuity Planning
Disasters and Other Disruptive Events
Business Continuity Policy
Business Continuity Planning Incident Management
Development of Business Continuity Plans
Other Issues in Plan Development
Components of a Business Continuity Plan
Key Decision-Making Personnel
Backup of Required Supplies
Insurance
Plan Testing
Auditing Business Continuity
Disaster Recovery Plans
Domain 5: Protection of Information Assets
- Module 9: Information Asset Security Frameworks, Standards, and Guidelines
Introduction to Asset Security Frameworks, Standards, and Guidelines
Auditing the Information Security Management Framework
Privacy Principles
Physical Access and Environmental Controls
Identity and Access Management
Network and End-Point Security
Shadow IT
Data Classification
Data Encryption and Encryption Related Techniques
Symmetric Key Cryptographic Systems
Public (Asymmetric) Key Cryptographic Systems
Applications of Cryptographic Systems
Public Key Infrastructure
Web-Based Communication Technologies
Virtualised Environments
Mobile, Wireless, and Internet of Things
- Module 10: Security Event Management
Security Awareness Training and Programs
Information System Attack Methods and Techniques
Security Testing Tools and Techniques
Incident Response Management
Evidence Collection and Forensics
What’s included on this course?
Course material, Knowledge Test, Certificate of attendance
NO CISA EXAMS INCLUDED (The exam must be booked separately through ISACA. The exams are carried out during eight-week testing windows. These are arranged for 1st May to 30th June, 1st August to 30th September, and 1st November to 31st December. Exams take place in testing centres which are located globally.)
Course Duration
- 3 days (delivered over Saturdays)
9:00am – 4:00pm
Who should attend this course?
Participants in CISA training may include:
- IT auditors,
- security professionals,
- risk managers, and
- other professionals involved in IT governance and audit.