CISA – Certified Information Systems Auditor

Teacher

Overview

The Certified Information Systems Auditor (CISA) Training from bdtask Corporate aims to make working professionals adept at evaluating, securing and controlling complex business and IT systems in an enterprise. This CISA course will also highlight government regulations and helps devise policies with stronger internal control measures and disclosures.

CISA Certification acts as a career differentiator for security professionals or IT managers who wish to enhance their marketability and credibility. This is an ideal path for those looking at a long term career in Information Systems Auditing. This CISA course is highly recommended for IS/IT auditors, IT managers, Audit Managers, Security Managers, System Analysts, Consultants, and even CIOs and CTOs.

Target Audience

The course is suited specifically for all experienced individuals working in Information security areas which may include:

Information Security Auditors
All those aspiring to become Information Security Auditors
Information Technology or Information Systems Consultants
CIO’s
Security Consultants
Enterprise Leadership roles
Risk Management professionals

Benefits of CISA Certification

Gives an individual a competitive advantage over others non-certified but experienced professionals.
It is an easy way quantify and provides credibility to market your expertise.
Demonstrates that you have gained and maintained the level of knowledge and skills required to meet the challenges of a modern organization
Is globally recognized as the centre of excellence for the Information Security audit professional
Increases your value to your enterprise
Gives a competitive advantage over others when seeking job growth

Certified Information Systems Auditor (CISA) Course Outline:

The course content surrounds the pivotal Five Domains. The information imparted within each domain is as follows:

Domain 1: Information Systems Audit Process:

Developing a risk-based IT audit strategy
Planning specific audits
Conducting audits to IS audit standards
Implementation of risk management and control practices

Domain 2: IT Governance and Management:

Effectiveness of IT Governance structure
IT organisational structure and human resources (personnel) management
Organisation’s IT policies, standards, and procedures
Adequacy of the Quality Management System
IT management and monitoring controls
IT resource investment
IT contracting strategies and policies
Management of organisations IT-related risks
Monitoring and assurance practices
Organisation business continuity plan

Domain 3: Information Systems Acquisition, Development, and Implementation:

Business case development for IS acquisition, development, maintenance, and retirement
Project management practices and controls
Conducting reviews of project management practices
Controls for requirements, acquisition, development, and testing phases
Readiness for Information Systems
Project Plan Reviewing
Post Implementation System Reviews

Domain 4: Information Systems Operations, Maintenance, and Support:

Conduct periodic reviews of organisations objectives
Service level management
Third party management practices
Operations and end-user procedures
Process of information systems maintenance
Data administration practices determine the integrity and optimisation of databases
Use of capacity and performance monitoring tools and techniques
Problem and incident management practices
Change, configuration, and release management practices
Adequacy of backup and restore provisions
Organisation’s disaster recovery plan in the event of a disaster

Domain 5: Protection of Information Assets:

Information security policies, standards and procedures
Design, implementing, monitoring of system and logical security controls
Design, implementing, monitoring of data classification processes and procedures
Design, implementing, monitoring of physical access and environmental controls
Processes and procedures to store, retrieve, transport and dispose of information assets