CISA Certified Information Systems Auditor

CISA is an independent and the most prestige IT auditor’s certification. CISA course provides an in-depth knowledge to delegates about how to audit, control, monitor and assess the business systems and organisation’s information technology. The training provides knowledge to the delegates related to the security techniques as well as prepare the delegates for the CISA exam and build their skill sets to move forward in real-world computing careers. The training provides theoretic knowledge as well as practical skills in an IT audit.

The CISA training will enhance understanding of IS audit processes and also help the delegates to understand how to protect information systems. The delegates will understand about the fundamentals of audit of information security and information risk management.

Throughout the training, the delegates will understand the five domains of Information Security Auditing. The training provides a complete understanding to the delegates about these aspects to pass the CISA exam and use their certification in the workplace. The five domains are as follows:

• The Process of Auditing Information Systems
• Governance & Management of IT
• Information Systems Acquisition, Development, and Implementation
• Information Systems Operations, Maintenance, and Support
• Protection of Information Assets

Exam

After completing the training, the delegates will have to pass the exam to get CISA certified. At the end of the training, our trainer will provide all the details related to the exam.

Exam pattern

• 200 multiple choice questions
• Duration of Exam: 4 Hours
• A pass mark of 450/800

Overview of Information Systems Audit Process

• Developing a Risk-Based IT Audit Strategy
• Planning Specific Audits
• Conducting Audits to IS Audit Standards
• Implementation of Risk Management and Control Practices

IT Governance and Management

• Effectiveness of IT Governance Structure
• IT Organisational Structure and Human Resources (Personnel) Management
• Organisation’s IT Policies, Standards, and Procedures
• Adequacy of the Quality Management System
• IT Management and Monitoring Controls
• IT Resource Investment
• IT Contracting Strategies and Policies
• Management of Organisations IT-Related Risks
• Monitoring and Assurance Practices
• Organisation Business Continuity Plan

Information Systems Operations, Maintenance and Support

• Conduct Periodic Reviews of Organisations Objectives
• Service Level Management
• Third Party Management Practices
• Operations and End-User Procedures
• Process of Information Systems Maintenance
• Data Administration Practices Determine the Integrity and Optimisation of Databases
• Performance Monitoring Tools and Techniques
• Problem and Incident Management Practices
• Change, Configuration, and Release Management Practices
• Adequacy of Backup and Restore Provisions
• Organisation’s Disaster Recovery Plan in the Event of a Disaster

Information Systems Acquisition, Development, and Implementation

• Business Case Development for IS Acquisition, Development, Maintenance, and Retirement
• Project Management Practices and Controls
• Conducting Reviews of Project Management Practices
• Controls for Requirements, Acquisition, Development, and Testing Phases
• Readiness for Information Systems
• Project Plan Reviewing
• Post Implementation System Reviews

Protection of Information Assets

• Information Security Policies, Standards and Procedures
• Design, Implementing, Monitoring of System and Logical Security Controls
• Design, Implementing, Monitoring of Data Classification Processes and Procedures
• Design, Implementing, Monitoring of Physical Access and Environmental Controls
• Processes and Procedures to Store, Retrieve, Transport and Dispose of Information Assets