CISA Exam Boot Camp
About this Course
The course will begin with a review of the IS audit process based upon internationally accepted audit standards. The student will learn methods for conducting a risk assessment as well as techniques to successfully evaluate the effectiveness of Information Technology (IT) controls based upon the identified risks. Students will also become familiar with Governance, Risk Management and Compliance (GRC) from an IS auditor’s perspective. The course will also review the processes for ensuring that organizational strategies and objectives are met not only during the acquisition, development and testing phases of the systems life cycle but also during the operations and maintenance phases.
Audience Profile
The primary audience for this course is:
- IT Auditors
- Security Auditors
- Information Systems Managers
- Internal Audit Directors
- Security Analysts
- Risk Analysts
- Compliance Managers
- IT Project Managers
- Security Managers and Directors
At Course Completion
Upon course completion, students will be able to:
- Understand fundamental audit and risk analysis techniques
- Become familiar with audit planning
- Understand the criticality of Enterprise Risk Management (ERM) and Quality Management
- Recognize the contributions an auditor can make to basic business functions such as human resource management and contract management
- Discover how IS audit can play an important role in improving the System Development Life Cycle (SDLC) and acquisitions processes
- Understand how to identify and mitigate problems during the operations and maintenance of IT systems
- Develop processes and procedures for conducting incident management, business continuity and disaster recovery
- Understand the major tenets of IS security including confidentiality, integrity and availability
- Explore basic IT security controls including encryption, mobile security and data classification
- Discover the challenges organizations face when implementing cloud-based solutions and techniques for auditing the cloud
Course Outline
1) The Process of Auditing Information Systems
Provide audit services in accordance with IT audit standards to assist the organization in protecting and controlling information systems.
- Audit process / IT audit standards
- Audit & risk
- Control objectives and controls
- Audit planning
- Audit QA
2) Governance and Management of IT
Provide assurance that the necessary leadership and organization structure and processes are in place to achieve objectives and to support the organization's strategy.
- Governance
- Roles / responsibilities
- Policies / standards / guidelines
- Enterprise Risk management
- Information Security Strategy
- Quality management
- Resource management
- Human Resources
- Contract management
- Business Continuity Planning
3) Information Systems Acquisition, Development and Implementation
Provide assurance that the practices for the acquisition, development, testing, and implementation of information systems meet the organization’s strategies and objectives.
- Benefit realization
- Project / program management
- IT architectures
- Acquisition
- Project risk analysis / management
- SDLC
- Development methodologies
- Configuration management / release management
- Migration
- Post implementation
4) Information Systems Operations, Maintenance and Support
Provide assurance that the processes for information systems operations, maintenance and support meet the organization’s strategies and objectives.
- Third-party management
- Operations
- Databases
- Capacity planning
- System interfaces
- Software
- Incident management
- Configuration Management
- Disaster Recovery Planning
- Backup & restoration
5) Protection of Information Assets
Provide assurance that the organization’s security policies, standards, procedures and controls ensure the confidentiality, integrity and availability of information assets.
- Confidentiality - Integrity - Availability
- Identification - Authentication - Authorization - Accounting
- Policies / Standards / Baselines / Guidelines
- Security awareness
- Access controls
- Controls
- Encryption
- Public Key Infrastructure
- Mobile / wireless
- Data classification
- Environmental protection
- Forensics
- VoIP security
- Social media security