CISA - Certified Information Systems Auditor
INTRODUCTION
Certified Information Systems Auditor (CISA) is one of the world's most popular information security and information technology auditing certifications for professionals.
This 5-day Certified Information Systems Auditor (CISA) certification course validates your auditing, control, and security skills as among the best in the industry.
COURSE OBJECTIVES
By the end of the course, you will have gained:
- An understanding of the importance of continual education and training in this sphere of work
- Necessary insight into best practices to become a successful auditor
- The knowledge, skill and confidence to successfully undertake information systems auditing for the organisation, thus increasing the scope for promotions and career progression
- The standard and level of expertise required globally, thus increasing avenues for lateral growth and progression outside the organisation
COURSE AUDIENCE
This course is designed for:
- IT Auditors
- Risk Managers
- Information Security Professionals
- Systems Auditors
- Information Technology Auditors
- Information Systems Managers
COURSE OUTLINE
Day One
Information Systems Operations And Business Resilience:
- Information Systems Operations
- Common Technology Components
- IT Asset Management
- IT Service Level Management
- Database Management
- Data Governance
- Systems Performance Management
- Problem and Incident Management
- Change, Configuration, Release, and Patch Management
- Business Resilience
- Business Impact Analysis (BIA)
- System Resiliency
- Data Backup, Storage, and Restoration
- Business Continuity Plan (BCP)
- Disaster Recovery Plans (DRP)
- Job Scheduling and Production Process Automation
- System Interfaces
- End-User Computing
Day Two
Information Systems Auditing Process:
- Planning
- Types of Audits and Assessments
- Execution
- Audit Project Management
- Sampling Methodology
- IS Audit Standards, Guidelines, and Codes of Ethics
- Business Processes
- Types of Controls
- Risk-Based Audit Planning
- Audit Evidence Collection Techniques
- Data Analytics
- Reporting and Communication Techniques
Day Three
Protection of Information Assets:
- Information System Attack Methods and Techniques
- Security Testing Tools and Techniques
- Security Monitoring Tools and Techniques
- Privacy Principles
- Physical Access and Environmental Controls
- Identity and Access Management
- Network and End-Point Security
- Data Classification
- Data Encryption and Encryption-Related Techniques
- Public Key Infrastructure (PKI)
- Web-Based Communication Techniques
- Information Asset Security and Control
- Information Asset Security Frameworks, Standards, and Guidelines
- Virtualized Environments
- Mobile, Wireless, and Internet-of-Things (IoT) Devices
- Security Event Management
- Security Awareness Training and Programs
- Incident Response Management
- Evidence Collection and Forensics
- Supporting Tasks
Day Four
Governance and Management of IT:
- IT Performance Monitoring and Reporting
- Quality Assurance and Quality Management of IT
- IT Governance and IT Strategy
- IT-Related Frameworks
- IT Governance
- Enterprise Risk Management
- Maturity Models
- Laws, Regulations, and Industry Standards affecting the Organization
- IT Standards, Policies, and Procedures
- Organizational Structure
- Enterprise Architecture
- IT Management
- IT Resource Management
- IT Service Provider Acquisition and Management
Day Five
Information Systems Acquisition, Development and Implementation:
- Information Systems Acquisition and Development
- Testing Methodologies
- Configuration and Release Management
- System Migration, Infrastructure Deployment, and Data Conversion
- Information Systems Implementation
- Post-implementation Review
- Project Governance and Management
- Business Case and Feasibility Analysis
- System Development Methodologies
- Control Identification and Design