Certified Information Systems Auditor Training (CISA)
Certified Information Systems Auditor Training (CISA) Course – Hands-on
The CISA designation is a globally recognized certification for IS audit control, assurance and security professionals.
An ISACA Certified Information Systems Auditor is recognized as one of the leading authorities in the areas of IS auditing, control, and information security. This Certified Information Systems Auditor Training (CISA) course provides you with in-depth coverage of the five CISA domains that are covered on the CISA exam. These domains include auditing information systems; IT governance and management; information systems acquisition, development, and implementation; information systems operations, maintenance, and support; and protection of information assets.
In today’s complex, fast-paced business environment, information has become the most valuable currency for enterprises around the globe. Information systems professionals play vital roles in leveraging the value and assuring the security and integrity of data that drives business. CISA is recognized the world over as proof of competency and experience in providing assurance that critical business assets are secured and available.
- CISA affirms your credibility to offer conclusions on the state of an organization’s IS/IT security, risk and control solutions.
- CISA confirms to stakeholders your abilities to identify critical issues and recommend enterprise-specific practices to support and safeguard the governance of information and related technologies.
- CISA offers proof of your competency in IT controls and your understanding of how IT relates to business.
- CISA assures your understanding of policies, standards, procedures, and controls to ensure the confidentiality, integrity, and availability of information assets.
This Certified Information Systems Auditor Training (CISA) course supports a certification that is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements.
Your Registration Includes
- 4 Days of CISA Training from an Authorized ISACA Instructor
- ISACA issued CISA Training Courseware / Review Manual
- ISACA issued CISA Review Questions, Answers & Explanations (6-Month Subscription)
Certified Information Systems Auditor Training (CISA) Course – Customize it
- We can adapt this Certified Information Systems Auditor Training (CISA) course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this Certified Information Systems Auditor Training (CISA) course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the Certified Information Systems Auditor Training (CISA) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Certified Information Systems Auditor Training (CISA) course in a manner understandable to lay audiences.
Certified Information Systems Auditor Training (CISA) Course – Audience/Target Group
The intended audience for the Certified Information Systems Auditor Training (CISA) program is professionals with work experience in information systems auditing, control or security. Sample job titles might include:
- IS/IT Auditors
- IS/IT Consultants
- Security Professionals
- IS/IT Audit Managers
Certified Information Systems Auditor Training (CISA) Course – Objectives:
This official CISA training seminar has a total of seven primary sections. All seven sections will collectively help you prepare for the CISA certification exam while also enhancing your overall competencies in auditing, controlling, monitoring and assessing information technology and business systems. The seven primary sections you will cover are the following:
- General Information Regarding the Exam
- CISA Domain 1: The Process of Auditing Information Systems
- CISA Domain 2: Governance and Management of IT
- CISA Domain 3: Information Systems Acquisition, Development, and Implementation
- CISA Domain 4: Information Systems Operations, Maintenance and Service Management
- CISA Domain 5: Protection of Information Assets
- Exam Practice / Preparation (Sample Exam)
Participants in the CISA training program will be provided instruction designed to provide the following:
- An understanding of the format and structure of the CISA certification exam.
- A knowledge of the various topics and technical areas covered by the exam.
- Practice with specific strategies, tips, and techniques for taking and passing the exam.
- Opportunities to execute practice questions with debriefs of answers.
Certified Information Systems Auditor (CISA)
Domain 1 – The Process of Auditing Information Systems (21%)
Domain 2 – Governance and Management of IT (16%)
Domain 3 – Information Systems Acquisition, Development, and Implementation (18%)
Domain 4 – Information Systems Operation, Maintenance, and Service Management (20%)
Domain 5 – Protection of Information Assets (25%)
- All ISACA certification exams consist of 150 multiple choice questions that cover the respective job practice areas created from the most recent job practice analysis.
- You have 4 hours to complete the exam.
Certified Information Systems Auditor Training (CISA) – Course Content
The Process of Auditing Information Systems
- Develop and implement a risk-based IT audit strategy
- Plan specific audits
- Conduct audits in accordance with IT audit standards
- Report audit findings and make recommendations to key stakeholders
- Conduct follow-ups or prepare status reports
IT Governance and Management of IT
- Evaluate the effectiveness of the IT governance structure
- Evaluate IT organizational structure and human resources (personnel) management
- Evaluate the organization’s IT policies, standards, and procedures
- Evaluate the adequacy of the quality management system
- Evaluate IT management and monitoring of controls
- Evaluate IT contracting strategies and policies, and contract management practices
- Evaluate risk management practices
- Evaluate the organization’s business continuity plan
Information Systems Acquisition, Development, and Implementation
- Evaluate the business case for proposed investments in information
- Evaluate the project management practices and controls
- Conduct reviews to determine whether a project is progressing in accordance with project plans
- Evaluate controls for information systems
- Evaluate the readiness of information systems for implementation and migration into production
- Conduct post-implementation reviews of systems
Information Systems Operations, Maintenance, and Support
- Conduct periodic reviews of information systems
- Evaluate service level management practices
- Evaluate third-party management practices
- Evaluate data administration practices
- Evaluate the use of capacity and performance monitoring tools and techniques
- Evaluate change, configuration, and release management practices
Protection of Information Assets
- Evaluate the information security policies, standards and procedures
- Evaluate the design, implementation, and monitoring of system and logical security
- Evaluate the design, implementation, and monitoring of physical access and environmental controls
- Evaluate the processes and procedures used to store, retrieve, transport, and dispose of information assets