CISA Prep Course

CISA is the globally recognized gold standard for IS audit, control, and assurance, in demand and valued by leading global brands. It s often a mandatory qualification for employment as an IT auditor. CISA holders have validated ability to apply a risk-based approach to planning, executing and reporting on audit engagements. This CISA training course provides you with in-depth coverage of the five CISA domains that are covered on the CISA exam. These domains include auditing information systems; IT governance and management of IT; information systems acquisition, development, and implementation; information systems operations and business resilience; and protection of information assets.

Domain 1 - Information System Auditing Process

Topics:

• IS Audit Standards, Guidelines, Functions, and Codes of Ethics
• Types of Audits, Assessments, and Reviews
• Risk-based Audit Planning
• Types of Controls and Considerations
• Audit Project Management
• Audit Testing and Sampling Methodology
• Audit Evidence Collection Techniques
• Audit Data Analytics
• Reporting and Communication Techniques
• Quality Assurance and Improvement of Audit Process

Domain 2 Governance and Management of IT

Topics

• Laws, Regulations, and Industry Standards
• Organizational Structure, IT Governance, and IT Strategy
• IT Policies, Standards, Procedures, and Guidelines
• Enterprise Architecture and Considerations
• Enterprise Risk Management (ERM)
• Privacy Program and Principles
• Data Governance and Classification
• IT Resource Management
• IT Vendor Management
• IT Performance Monitoring and Reporting
• Quality Assurance and Quality Management of IT

Domain 3 Information Systems Acquisition, Development, and Implementation

Topics:

• Project Governance and Management
• Business Case and Feasibility Analysis
• System Development Methodologies
• Control Identification and Design
• System Readiness and Implementation Testing
• Implementation Configuration and Release Management
• System Migration, Infrastructure Deployment, and Data Conversion
• Postimplementation Review

Domain 4 Information Systems Operations and Business Resilience

Topics:

• IT Components
• IT Asset Management
• Job Scheduling and Production Process Automation
• System Interfaces End-user Computing and Shadow IT
• Systems Availability and Capacity Management
• Problem and Incident Management
• IT Change, Configuration, and Patch Management
• Operational Log Management
• IT Service Level Management
• Database Management
• Business Impact Analysis
• System and Operational Resilience
• Data Backup, Storage, and Restoration
• Business Continuity Plan
• Disaster Recovery Plans

Domain 5 Protection of Information Assets

Topics:

• Information Asset Security Policies, Frameworks, Standards, and Guidelines
• Physical and Environmental Controls
• Identity and Access Management
• Network and End-Point Security
• Data Loss Prevention
• Data Encryption
• Public Key Infrastructure (PKI)
• Cloud and Virtualized Environments
• Mobile, Wireless, and Internet-of-Things Devices
• Security Awareness Training and Programs
• Information System Attack Methods and Techniques
• Security Testing Tools and Techniques
• Security Monitoring Logs, Tools, and Techniques
• Security Incident Response Management Evidence Collection and Forensics

IT professionals must have 2+ years or more of IS audit, control, assurance and security experience.

Early to mid-career professionals looking to gain recognition and enhanced credibility in interactions with internal and external stakeholders, regulators, and customers.

Job roles include:

• IT Audit Directors/Managers/Consultants
• IT and Internal Auditors
• Compliance/Risk/Privacy Directors
• IT Directors/Managers/Consultants