1 - The Process of Auditing Information Systems Domain
- Some Organizations, Laws, Standards, and Frameworks
- ISAAS
- From Governance to Procedures
- KGI, CSF, KPI, and KRI
- ALE, RTO, RPO, SDO, MTO, MTD, and AIW
- Risk Appetite, Tolerance, and Capacity
- From Threats to Controls
- Risk Management
- Sampling
- IS Auditor Duties for the Process of Auditing Information Systems Domain
2 - The Governance and Management of IT Domain
- Security Concepts
- Roles, Responsibilities, and a RACI Matrix
- Human Resources (HR)
- Outsourcing
- Cloud Computing
- Capital Expenditures and Operational Expenditures
- BCP, DRP, and BIA
- Plan Testing
- Enterprise Architecture
- Governance
- Information Security Policy
- Information Technology Management Practices
- IT Organizational Structure Roles and Responsibilities
- IS Auditor Duties for the Governance and Management of IT Domain
3 - The Information Systems Acquisition, Development, and Implementation Domain
- Project Management
- Benefits Realization
- The Software Development Lifecycle (SDLC)
- Software Development
- E-Commerce
- EDI
- Email
- Electronic Money
- Integrated Manufacturing System (IMS)
- Industrial Control Systems (ICS)
- Artificial Intelligence and Expert Systems
- Business Intelligence (BI)
- Decision Support System (DSS)
- Re-Engineering
- Other Business Applications
- Infrastructure
- Managing Change, Configuration, Patches, and Releases
- Application Controls
- IS Auditor Duties for the Information Systems Acquisition, Development, and Implementation Domain
4 - The Information Systems Operations, Maintenance, and Service Management Domain
- Information Systems Operations
- Hardware Architecture
- Operating Systems
- Database Management
- Third-Party Software
- Network Infrastructure
- Internet Concepts
- Telecommunications
- IS Auditor Duties for the Information Systems Operations, Maintenance, and Service Management Domain
5 - The Protection of Information Assets Domain
- Asset Classification
- Security Awareness and Training
- External Parties
- Computer Crime
- Logical Access
- Remote Connectivity
- Media Handling
- Network Security
- Firewalls
- Intrusion Detection
- Encryption
- Penetration Testing
- Environmental Issues
- Data Leakage Prevention (DLP)
- Physical Access
- IS Auditor Duties for the Protection of Information Assets Domain
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
The intended audience for this course is information security and IT professionals, particularly internal auditors, who are interested in earning the CISA certification. The course is also applicable to individuals who are interested in learning about information security audits, controls, and security.
To ensure your success, you should have at least five years of professional experience in information systems auditing, control, or security. You are also required to prove this level of experience to ISACA in order to obtain certification. The major areas of work experience are described in the CISA job practice domains:
- The process of auditing information systems
- Governance and management of IT
- Information systems acquisition, development, and implementation
- Information systems operations, maintenance, and service management
- Protection of information assets