CISA Course - Training and Certification
The Certified Information Systems Auditor (CISA) course gives exposure to, and expertise in, the foundations of audit and security.
About CISA Certification Course
CISA (Certified Information Systems Auditor) is an entry- to mid-level professional certification. Holding a CISA certification validates your skills and expertise in a risk-based approach. The knowledge gained during the training will help in planning, executing, and reporting in audit management. The CISA course will provide a valid and reliable means to incorporate privacy by design into products, platforms, and processes to help an organisation manage cost and work efficiency goals.
Prerequisite
There are no prerequisites for attending the Certified Information Systems Auditor (CISA®) program; however, a minimum of 5 years of experience in IS/IT Audit, Control, Security, and Assurance is required to earn the CISA® Certification.
CISA Course Curriculum
Certified Information Systems Auditor (CISA) - 5 Days (40 Hours)
1. The Process of Auditing Information Systems
- ISACA Information Systems Auditing Standards and Guidelines
- Fundamental Business Processes
- Develop and Implement an Information Systems Audit Strategy
- Plan Audit
- Conduct an Audit
- The Evidence Life Cycle
- Communicate Issues, Risks, and Audit Results
- Support the Implementation of Risk Management and Control Practices
2. IT Governance and Management
- Evaluate the Effectiveness of IT Governance
- Evaluate the IT Organizational Structure and HR Management
- Evaluate the IT Strategy and Direction
- Evaluate IT Policies, Standards, and Procedures
- Evaluate the Effectiveness of Quality Management Systems
- Evaluate IT Management and Monitoring of Controls
- IT Resource Investment, Use, and Allocation Practices
- Evaluate IT Contracting Strategies and Policies
- Evaluate Risk Management Practices
- Performance Monitoring and Assurance Practices
- Evaluate the organisation’s Business Continuity Plan
3. Information Systems Acquisition, Development & Implementation
- Evaluate the Business Case for Change
- Evaluate Project Management Frameworks and Governance Practices
- Development Life Cycle Management
- Perform Periodic Project Reviews
- Evaluate Control Mechanisms for Systems
- Evaluate Development and Testing Processes
- Evaluate Implementation Readiness
- Evaluate a System Migration
- Perform a Post-Implementation System Review
4. Information Systems Operations, Maintenance & Support
- Perform Periodic System Reviews
- Evaluate Service Level Management Practices
- Evaluate Third-Party Management Practices
- Evaluate Operations and End User Management Practices
- Evaluate the Maintenance Process
- Evaluate Data Administration Practices
- Evaluate the Use of Capacity and Performance Monitoring Methods
- Evaluate Change, Configuration, and Release Management Practices
- Evaluate Problem and Incident Management Practices
- Evaluate the Adequacy of Backup and Restore Provisions
5. Protection of Information Assets
- Information Security Design
- Encryption Basics
- Evaluate the Functionality of the IT Infrastructure
- Evaluate Network Infrastructure Security
- Evaluate the Design, Implementation, and Monitoring of Logical Access Controls
- Risks and Controls of Virtualisation
- Evaluate the Design, Implementation, and Monitoring of Data Classification Process
- Evaluate the Design, Implementation, and Monitoring of Physical Access Controls
- Evaluate the Design, Implementation, and Monitoring of Environmental Controls
Exam Info
- Level: Standard-level certification course
- Re-Certification Required: Yes
- Pass Mark: 400 (50%)
- Total no. of questions: 150 questions
- Negative Marking: No
- Duration of exam: 4 hrs
Skills You Learn
- Governance and IT management
- Information Systems acquisition development and implementation
- Information Systems operations maintenance and service management
- Auditing Information Systems
- Vulnerability assessment and identification
- Information asset protection