Certified Information Security Auditor (CISA)

Certified Information Security Auditor (CISA) is a globally acknowledged certification, which builds upon the previous experience of IS professionals, to produce valuable employees who possess exceptional knowledge of Information Systems Auditing, Control, and Security. During this CISA training course, delegates will be exposed to the Five Domains of Information Security Auditing.

Interested in attending? Have a suggestion about running this event near you?
Register your interest now

Description

Module 1: Information Systems Audit Process

Lessons:

  • Developing a risk-based IT audit strategy
  • Planning specific audits
  • Conducting audits to IS audit standards
  • Implementation of risk management and control practices

Module 2:  IT Governance and Management

Lessons:

  • Effectiveness of IT Governance structure
  • IT organisational structure and human resources (personnel) management
  • Organisation’s IT policies, standards, and procedures
  • Adequacy of the Quality Management System
  • IT management and monitoring controls
  • IT resource investment
  • IT contracting strategies and policies
  • Management of organisations IT-related risks
  • Monitoring and assurance practices
  • Organisation business continuity plan

Module 3:  Information Systems Acquisition, Development, and Implementation

Lessons:

  • Business case development for IS acquisition, development, maintenance, and retirement
  • Project management practices and controls
  • Conducting reviews of project management practices
  • Controls for requirements, acquisition, development, and testing phases
  • Readiness for Information Systems
  • Project Plan Reviewing
  • Post Implementation System Reviews

Module 4: Information Systems Operations, Maintenance, and Support

Lessons:

  • Conduct periodic reviews of organisations objectives
  • Service level management
  • Third party management practices
  • Operations and end-user procedures
  • Process of information systems maintenance
  • Data administration practices determine the integrity and optimisation of databases
  • Use of capacity and performance monitoring tools and techniques
  • Problem and incident management practices
  • Change, configuration, and release management practices
  • Adequacy of backup and restore provisions
  • Organisation’s disaster recovery plan in the event of a disaster

Module 5: Protection of Information Assets

Lessons:

  • Information security policies, standards and procedures
  • Design, implementing, monitoring of system and logical security controls
  • Design, implementing, monitoring of data classification processes and procedures
  • Design, implementing, monitoring of physical access and environmental controls
  • Processes and procedures to store, retrieve, transport and dispose of information assets

Audience Profile

  • IS/IT auditors/consultants
  • IT compliance managers
  • Chief Compliance Officers
  • Chief risk & privacy officers
  • Security heads/directors
  • Security managers/architects

Prerequisites

There are no prerequisites to learn CISA from this tutorial. However, to get the CISA certification you need to:

  • Pass the CISA examination
  • Submit an application for CISA certification
  • Adhere to the Code of Professional Ethics
  • Dedicate to the Continuing Professional Education Program
  • Compliance with the Information Systems Auditing Standards

Subscribe to Newsletter

Enter your email address to register to our newsletter subscription delivered on regular basis! 

CONTACT US     ABOUT     PRIVACY   BLOG

© Copyright ICSI, Limited
(International CyberSecurity Institute) 2023