Certified Information Systems Auditor (CISA) Certification

The CISA Certification is recognized as one of the leading credentials in the areas of IS auditing, control, and information security. This official ISACA course provides you with in-depth coverage of the CISA certification requirements, specifically the five CISA domains that are covered on the CISA Exam. These domains include auditing information systems; IT governance and management of IT; information systems acquisition, development, and implementation; information systems operations, maintenance, and support; and protection of information assets. This course is designed specifically for experienced information security professionals who are preparing to take the CISA exam.

You Will Learn How To

  • Prepare for and pass the Certified Information Systems Auditor (CISA) Exam
  • Develop and implement a risk-based IT audit strategy in compliance with IT audit standards
  • Evaluate the effectiveness of an IT governance structure
  • Ensure that the IT organizational structure and human resources (personnel) management support the organization’s strategies and objectives
  • Review the information security policies, standards, and procedures for completeness and alignment with generally accepted practices

Important Course Information

Requirements:

  • IT professionals must have 5 years or more of IS audit, control, assurance and security experience.

Exam Information:

  • Computer-Based Testing (CBT) is offered during three testing windows of eight-week durations. The windows are 1 May-30 June 2018, 1 August-30 September 2018 and 1 November-31 December 2018. With ISACA CBT exams, candidates will now receive a preliminary score report at the conclusion of their exam. Official scores will be sent to candidates via email within 10 working days of their exam.
  • The ISACA Exam Candidate Information Guide provides valuable information regarding exam day rules and information as well as exam dates and deadlines. You can find the 2018 copy at ISACA.org.

Certification Information:

  • This is an ISACA certification prep course.

Course Outline

The Process of Auditing Information Systems

  • Develop and implement a risk-based IT audit strategy
  • Plan specific audits
  • Conduct audits in accordance with IT audit standards
  • Report audit findings and make recommendations to key stakeholders
  • Conduct follow-ups or prepare status reports

IT Governance and Management of IT

  • Evaluate the effectiveness of the IT governance structure
  • Evaluate IT organizational structure and human resources (personnel) management
  • Evaluate the organization’s IT policies, standards, and procedures
  • Evaluate the adequacy of the quality management system
  • Evaluate IT management and monitoring of controls
  • Evaluate IT contracting strategies and policies, and contract management practices
  • Evaluate risk management practices
  • Evaluate the organization’s business continuity plan

Information Systems Acquisition, Development, and Implementation

  • Evaluate the business case for proposed investments in information
  • Evaluate the project management practices and controls
  • Conduct reviews to determine whether a project is progressing in accordance with project plans
  • Evaluate controls for information systems
  • Evaluate the readiness of information systems for implementation and migration into production
  • Conduct post implementation reviews of systems

Information Systems Operations, Maintenance, and Support

  • Conduct periodic reviews of information systems
  • Evaluate service level management practices
  • Evaluate third-party management practices
  • Evaluate data administration practices
  • Evaluate the use of capacity and performance monitoring tools and techniques
  • Evaluate change, configuration, and release management practices

Protection of Information Assets

  • Evaluate the information security policies, standards and procedures
  • Evaluate the design, implementation, and monitoring of system and logical security
  • Evaluate the design, implementation, and monitoring of physical access and environmental controls
  • Evaluate the processes and procedures used to store, retrieve, transport, and dispose of information assets

Please contact us for more information.


For your cybersecurity training and consulting, go with the pros at SeattlePro.