CISA Certification Course

In today’s complex, fast-paced business environment, information has become the most valuable currency for enterprises around the globe. Information systems professionals play vital roles in leveraging the value and assuring the security and integrity of data that drives business.

CISA is recognized the world over as proof of competency and experience in providing assurance that critical business assets are secured and available.

Course Outline

Module 1: The Process of Auditing Information Systems

• Develop and implement a risk-based IT audit strategy

• Plan specific audits

• Conduct audits in accordance with IT audit standards

• Report audit findings and make recommendations to key stakeholders

• Conduct follow-ups or prepare status reports

Module 2: IT Governance and Management of IT

• Evaluate the effectiveness of the IT governance structure

• Evaluate IT organizational structure and human resources (personnel) management

• Evaluate the organization’s IT policies, standards, and procedures

• Evaluate the adequacy of the quality management system

• Evaluate IT management and monitoring of controls

• Evaluate IT contracting strategies and policies and contract management practices

• Evaluate risk management practices

• Evaluate the organization’s business continuity plan

Module 3: Information Systems Acquisition, Development, and Implementation

• Evaluate the business case for proposed investments in information

• Evaluate the project management practices and controls

• Conduct reviews to determine whether a project is progressing in accordance with project plans

• Evaluate controls for information systems

• Evaluate the readiness of information systems for implementation and migration into production

• Conduct post-implementation reviews of systems

Module 4: Information Systems Operations, Maintenance, and Support

• Conduct periodic reviews of information systems

• Evaluate service level management practices

• Evaluate third-party management practices

• Evaluate data administration practices

• Evaluate the use of capacity and performance monitoring tools and techniques

• Evaluate change, configuration, and release management practices

Module 5: Protection of Information Assets

• Evaluate the information security policies, standards and procedures

• Evaluate the design, implementation, and monitoring of system and logical security

• Evaluate the design, implementation, and monitoring of physical access and environmental controls

• Evaluate the processes and procedures used to store, retrieve, transport, and dispose of information assets