This 5-day course prepares the CISA® Certified Information Systems Auditor exam by covering the entire Common Body of Knowledge (CBK) course, a common core of knowledge in security defined by the ISACA® Information Systems Audit and Control Association. CISA certification is recognized around the world. It is aligned with the 27th Edition of the CBK, updated for 2019 Job Practice
(CISA) Certified Information Systems Auditor
Voor wie is deze cursus?
- Information System Directors
- Auditors,
- Responsible for Business Continuity
- CISO
- people for which the control of Information Security is fundamental in achieving their goals
Vereisten
Basic Knowledge in the Information System
- Know the five major areas covered by CISA® certification
- Understand the concepts of IT audit and IT governance
- Preparing the CISA Certification Exam, ISACA Certified Security Auditor
A 5-Year experience is required to obtain CISA certification after passing the exam. You can still take the exam first, and must register on the ISACA website.
CHAPTER 1: INFORMATION SYSTEM AUDITING PROCESS
Part A: Planning
- IS Audit Standards, Guidelines and Code of Ethics
- Business Processes
- Type of controls
- Risk-Based Audit Planning
- Types of audits and Assessments
Part B: Execution
- Audit Project Management
- Sampling Methodology
- Audit Evidence Collection Techniques
- Data Analytics
- Reporting and communication Techniques
- Quality Assurance and Improvement of the Audit Process
Exercises: Multiple Choices Questions from previous CISA sessions (or comparable exams)
CHAPTER 2: GOVERNANCE AND MANAGEMENT OF IT
Part A: IT Governance
- IT governance and IT Strategy
- IT-related frameworks
- IT Standards, Policies and Procedure
- Organizational Structure
- Enterprise Architecture
- Enterprise Risk Management
- Maturity Models
- Laws, Regulations and Industry Standards Affecting the organization
Part B: IT Management
- IT Resource Management
- IT Service Provider Acquisition and Management
- IT Performance Monitoring and Reporting
- Quality Assurance and Quality Management of IT
Exercises: Multiple Choices Questions from previous CISA sessions (or comparable exams)
CHAPTER 3: INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT AND IMPLEMENTATION
Part A: Information Systems Acquisition and Development
- Project Governance and Management
- Business Case and Feasibility Analysis
- System Development Methodologies
- Control Identification and Design
Part B: Information System Implementation
- Testing Methodologies
- System Migration, Infrastructure Deployment and Data Conversion
- Post-implementation Review
Exercises: Multiple Choices Questions from previous CISA sessions (or comparable exams)
CHAPTER 4: INFORMATION SYSTEMS OPERATIONS AND BUSINESS RESILIENCE
Part A: Information Systems Operations
Common Technology Components
IT Asset Management
- Job Scheduling and Production Process Automation
- System interfaces
- End-User Computing
- Data Governance
- System Performance Management
- Problem and Incident Management
- Change, Configuration, Release and Patch Management
- IT Service Level Management
- Database Management
Part B: Business Resilience
- Business Impact Analysis
- System resiliency
- Data Backup, Storage and Restoration
- Business Continuity Plan
- Disaster Recovery Plan
Exercise: Multiple Choices Questions from previous CISA sessions (or comparable exams)
CHAPTER 5: PROTECTION OF INFORMATION ASSETS
Part A: Information Asset Security and Control
- Information Asset Security Frameworks, Standard and Guidelines
- Privacy Principles
- Physical Access and Environmental Controls
- Identity and Access Management
- Network and Endpoint Security
- Data Classification
- Data Encryption and Encryption-related Techniques
- Public Key Infrastructure
- Web-based Communication Technologies
- Virtualized environment
- Mobile, Wireless and Internet-of-things Devices
Part B: Security Event Management
- Security Awareness Training and Programs
- Information System Attack Methods and Techniques
- Security Testing Tools and Techniques
- Security Monitoring Tools and Techniques
- Incident Response Management
- Evidence Collection and Forensics
Exercises: Multiple Choices Questions from previous CISA sessions (or comparable exams)
PREPARATION TO THE EXAM
- Blank Exam – Partial simulation of the examination carried out at the end of the training.
- Registration to be made on the site www.isaca.org, the closing of the registrations is done 2 months before the date of the examination.
- Presentation of the event: 4 hours of multiples choice questions with 150 questions to be chosen beforehand in French or in English.