CISA Training

About Course

CISA (Certified Information Systems Auditor) Training is a comprehensive program designed to prepare professionals for careers in information systems auditing, control, and assurance. It covers essential topics such as auditing, governance, risk management, and information security, emphasizing industry best practices and standards. This training equips individuals with the knowledge and skills needed to assess, control, and secure information systems within organizations, making it a vital credential for IT auditors, risk managers, and security professionals. CISA Training typically culminates in the CISA certification, recognized globally as a mark of excellence in information systems auditing and cybersecurity.

Course Content

Module 1: The Process of Auditing Information Systems

Develop and implement a risk-based IT audit strategy
Plan specific audits
Conduct audits in accordance with IT audit standards
Report audit findings and make recommendations to key stakeholders
Conduct follow-ups or prepare status reports

Module 2: IT Governance and Management of IT

Evaluate the effectiveness of the IT governance structure
Evaluate IT organizational structure and human resources (personnel) management
Evaluate the organization’s IT policies, standards, and procedures
Evaluate the adequacy of the quality management system
Evaluate IT management and monitoring of controls
Evaluate IT contracting strategies and policies, and contract management practices
Evaluate risk management practices
Evaluate the organization’s business continuity plan

CISA Training

About Course

What Will You Learn?

Course Content

Module 1: The Process of Auditing Information Systems

Develop and implement a risk-based IT audit strategy

Plan specific audits

Conduct audits in accordance with IT audit standards

Report audit findings and make recommendations to key stakeholders

Conduct follow-ups or prepare status reports

Module 2: IT Governance and Management of IT

Evaluate the effectiveness of the IT governance structure

Evaluate IT organizational structure and human resources (personnel) management

Evaluate the organization’s IT policies, standards, and procedures

Evaluate the adequacy of the quality management system

Evaluate IT management and monitoring of controls

Evaluate IT contracting strategies and policies, and contract management practices

Evaluate risk management practices

Evaluate the organization’s business continuity plan

Module 3: Information Systems Acquisition, Development, and Implementation

Evaluate the business case for proposed investments in information

Evaluate the project management practices and controls

Conduct reviews to determine whether a project is progressing in accordance with project plans

Evaluate controls for information systems

Evaluate the readiness of information systems for implementation and migration into production

Conduct post-implementation reviews of systems

Module 4: Information Systems Operations, Maintenance, and Support

Conduct periodic reviews of information systems

Evaluate service-level management practices

Evaluate third-party management practices

Evaluate data administration practices

Evaluate the use of capacity and performance monitoring tools and techniques

Evaluate change, configuration, and release management practices

Module 5: Protection of Information Assets

Evaluate the information security policies, standards, and procedures

Evaluate the design, implementation, and monitoring of system and logical security

Evaluate the design, implementation, and monitoring of physical access and environmental controls

Evaluate the processes and procedures used to store, retrieve, transport, and dispose of information assets