Certified Information Systems Auditor (CISA)
The CISA program certifies individuals in the IS audit, control and security profession. The CISA qualification is offered by ISACA and is conducted at over 140 locations in 45 countries.
The course cover 5 domains that IS auditor need to be aware of:
-
Domain 1: The process of auditing information systems
-
Domain 2: Governance and management of IT
-
Domain 3: Information systems acquisition, development, and implementation
-
Domain 4: Information systems operations, maintenance and support
-
Domain 5: Protection of information
Course Curriculum
Introduction
1.Introduction
2. Students Feedback
3. Your Instructor
4. Student Portal
5. Real Projects
6. CISA Certification
7. CISA Exam
8. CISA Course Outline
Introduction to IT Audit
Case Study
ISO 27001
Important Defination
IS Auditor
ITAF Standard
Types of External Audits
Compensating Controls
Background
Background needed
GRC- Governance, Risk, Compliance
Senior Management and GRC
Senior Management and Risk
Organization Structure
Domain 1: The Process of Auditing Information Systems
The process of Audit IS
IS Audit Report and Presentation samples
Information Asset Register
Audit Risk Assessment
Audit Planning and management
Document Control
Scenario 1
Business process
Law and regulation
Evidence
Sampling
Reporting and communication
Domain 2: Governance and Management of IT
Governance and Management of IT
IT Governance
Information System Strategy
IT Organization
Maintenance of Policies and Procedures
Policy and Procedures Resources
Legal Compliance
Quality Management system
Maturity Models
CMMI - Capability Maturity Model Integrated
Process optimization
IT Investment Practices
IT Supplier Selection
Make or Buy decision
Risk Management
Business Continuity Plan
Business Impact Analysis
Domain 3: Information Systems Acquisition, Development and Implementation
Information Systems Acquisition, Development and Implementation
Project Governance
Important PM Definition
Types of Organization
Project Management
Architecture
Procurement Management
Plan Procurement Management
Requirement Management
Configuration and Change Management
Domain 4: Information Systems Operations, Maintenance and Support
Information Systems Operations, Maintenance and Support
Service Level Management
Hardware, Software and Network
Software Licensing
Capacity Management
Incident Management
Incident Report Form
Backup
Disaster Recovery Plans
Alternative Sites
Domain 5: Protection of Information Assets
Protection of Information Assets
Access Control
Network Security
Cryptography
Physical security
Operations Security