The course will begin with a review of the IS audit process based upon internationally accepted audit standards. The student will learn methods for conducting a risk assessment as well as techniques to successfully evaluate the effectiveness of Information Technology (IT) controls based upon the identified risks. Students will also become familiar with Governance, Risk Management and Compliance (GRC) from an IS auditor’s perspective. The course will also review the processes for ensuring that organizational strategies and objectives are met not only during the acquisition, development and testing phases of the systems life cycle but also during the operations and maintenance phases.
While designed to review the IS audit processes and procedures, this course has a focus on preparing candidates to sit for the CISA certification examination. This focus will include practice exams and question analysis to aid students in figuring out exactly what the questions are asking and how to answer them.
- Course Outline
Part 1: The Process of Auditing Information Systems
Provide audit services in accordance with IT audit standards to assist the organization in protecting and controlling information systems.
- Audit process / IT audit standards
- Audit & risk
- Control objectives and controls
- Audit planning
- Audit QA
Part 2: Governance and Management of IT
Provide assurance that the necessary leadership and organization structure and processes are in place to achieve objectives and to support the organization's strategy.
- Roles / responsibilities
- Policies / standards / guidelines
- Enterprise Risk management
- Information Security Strategy
- Quality management
- Resource management
- Human Resources
- Contract management
- Business Continuity Planning
Part 3: Information Systems Acquisition, Development, and Implementation
Provide assurance that the practices for the acquisition, development, testing, and implementation of information systems meet the organization’s strategies and objectives.
- Benefit realization
- Project/program management
- IT architectures
- Project risk analysis/management
- Development methodologies
- Configuration management / release management
Part 4: Information Systems Operations, Maintenance, and Support
Provide assurance that the processes for information systems operations, maintenance, and support meet the organization’s strategies and objectives.
- Third-party management
- Capacity planning
- System interfaces
- Incident management
- Configuration Management
- Disaster Recovery Planning
- Backup & restoration
Part 5: Protection of Information Assets
Provide assurance that the organization’s security policies, standards, procedures, and controls ensure the confidentiality, integrity, and availability of information assets.
- Confidentiality - Integrity - Availability
- Identification - Authentication - Authorization - Accounting
- Policies / Standards / Baselines / Guidelines
- Security awareness
- Access controls
- Public Key Infrastructure
- Mobile / wireless
- Data classification
- Environmental protection
- VoIP security
- Social media security
- Who should attend
- IT Auditors
- Security Auditors
- Information Systems Managers
- Internal Audit Directors
- Security Analysts
- Risk Analysts
- Compliance Managers
- IT Project Managers
- Security Managers and Directors
- Bonus Materials
Pass ISACA's CISM exam – guaranteed
If you take the CISA® exam within four weeks of taking this course and do not pass, send us the score report and you may attend another CISA Exam Boot Camp session within one year at no additional cost.