CISA Certified Information Systems Auditor

Master the skills required to conduct IS audits in an organization

ABOUT THE PROGRAM

CISA is issued by ISACA and is specially designed for those who manage, monitor and protect IT operations through auditing. This training will enable delegates to understand all the concepts and terminology used in the exam so that they can easily complete the exam. Over time, CISA has become a valuable and popular certification in the industry. The figure below depicts the latest statistics for individuals with CISA certificates.


Reach us at +19661254487 or info@thehubofknowledge.com for more information.

PREREQUISITES

Professionals who want to participate in this course must have many years of experience in the IS audit field.

TARGET AUDIENCE

Identify and implement risk-based strategies based on IT audit standards
Understand vulnerabilities, report compliance and institutional controls
Understand the 5 areas of CISA
Obtain the skills and knowledge required to pass the CISA certification exam
Discover the guidelines, standards and best practices for information system audit

WHAT WILL YOU LEARN?

Identify and implement a risk-based strategy based on the standards of IT audit
Get to know about the vulnerabilities, reporting on compliance and institutional controls
Learn about the 5 domains of CISA
Achieve the skills and knowledge required to clear the exam for CISA certification
Discover guidelines, standards and best practices for Information System Audit

PROGRAM OVERVIEW

The CISA Certified Information Systems Auditor course covers five areas of information security audit. These are the foundations of CISA, and it is recommended that representatives have a complete understanding of these areas in order to pass the exam. Each area has multiple topics, which provide comprehensive knowledge about the focus area.

 

Exam

The CISA Certified Information Systems Auditor course has the following exam pattern:

  • 200 multiple choice questions
  • Exam duration: 4 hours
  • Passing marks: 450/800

PROGRAM CONTENT

IS Audit Process

  • Task and Knowledge Statements
  • Executive Misconduct and Relevant Regulations
  • Regulatory Objectives
  • Threats and Vulnerabilities
  • Leadership through Governance
  • Policies, Standards, Guidelines and Procedures
  • Professional Ethics
  • Purpose of an Audit
  • Implement Audit Standards
  • The Executive Position of Auditor
  • Corporate Organisational Structure
  • Control audits to IS standards
  • Develop risk-based IT audit strategy
  • Implement risk management and monitor practices

Governance and Management of IT

  • Manage IT Governance
  • Effectiveness of IT Governance Structure
  • Tactical Management
  • IT organisational structure and human resources
  • Organisation’s policies, standards and procedures
  • Adequacy of the quality management system
  • IT management and monitoring
  • IT contracting strategies and policies
  • Resource investment of IT
  • Work with IT-related risks of organisation
  • Business Process Re-engineering
  • Operations Management
  • Follow-up to and assurance practices
  • Team business continuity plan

Acquisition, Development, and Implementation of IS

  • Business case development for IS acquisition
  • IS development, maintenance and departure
  • Project management practices and controls
  • Audit Process
  • Performing the Audit
  • Gather Audit Evidence
  • Conduct Audit Evidence Testing
  • Report Findings and Conduct Follow-Up
  • Requirement of Control, acquisition, development and test phases
  • Readiness for informing system
  • Project plan reviewing
  • Post-implementation system reviews

Operation, Maintenance, and Support of IS

  • Conduct reviews of organisational objectives
  • Service level management
  • Third party management practices
  • System Implementation and Operations
  • Understanding IT Services
  • IT Operations Management
  • Administrative Protection
  • Data administration practices for determining integrity and optimising databases
  • Use of capacity and performance monitoring tools & techniques
  • Problem Management practices
  • Change, configuration and release management practices
  • Backup and restore provisions
  • Control Controls Status
  • Implement Physical Protection
  • Organisation’s disaster recovery plan

Assets Protection and Information

  • Protection of Information Assets
  • Technical Protection part
  • Information security policies, standards and procedures
  • System and logical security controls: design, implement and monitor
  • Designing and monitoring of data classification processes and procedures
  • Design, implementation and monitoring
  • Information asset’s storage, retrieval, transport and disposing of