Certified Information Systems Auditor (CISA) Training & Certification

Enhance your career by earning CISA—world-renowned as the standard of achievement for those who audit, control, monitor and assess information technology and business systems. The CISA designation is a globally recognized certification for IS audit control, assurance and security professionals. Being CISA-certified showcases your audit experience, skills and knowledge, and demonstrates you are capable to manage vulnerabilities, ensure compliance and institute controls within the enterprise.

The Benefits of CISA:

Enterprises demand IS audit professionals that possess the knowledge and expertise to help them identify critical issues and customize practices to support trust in and value from information systems.

The skills and practices that CISA promotes and evaluates are the building blocks of success in the field. Possessing the CISA demonstrates proficiency and is the basis for measurement in the profession.

What you’ll learn
 

In depth coverage of the five domains required to pass the CISA exam.

Module 1—CISA: The Process of Auditing Information Systems

This module provides a review of the knowledge required to comply with the information systems (IS) audit standards, guidelines and best practices in the provision of IS audit services. These services help organizations protect and control their information and business systems.

Topics include:

• ISACA IT Audit and Assurance Standards, Guidelines and Tools and Techniques
• Risk assessment in an audit context
• Control Objectives related to information systems
• Audit planning and management techniques
• Gathering information and preserving evidence
• Reporting and communication techniques
• Control Objectives and IS-Related Controls
• Risk Assessment in an Audit Context
• Audit Planning and Management Techniques
• Reporting and Communication Techniques
• Control Self-Assessment

Module 2—CISA's Role in IT Governance

This module provides a review of the development of sound control practices and mechanisms for management oversight and review required of an information systems (IS) audit/assurance professional who is responsible for providing assurance that an organization has the structure, policies, accountability mechanisms and monitoring practices in place to achieve the requirements of IT governance.

Topics include:

• IT Governance Frameworks
• IT strategy, policies, standards and procedures
• Organizational structure roles and responsibilities related to IT
• Quality Management systems
• Maturity and business process re-engineering models
• IT contracting strategies
• Enterprise risk management
• Process Improvement Models
• IT Contracting Strategies
• Monitoring and Reporting IT Performance
• IT Human Resource Management
• Business impact analysis
• Business continuity planning

Module 3—CISA's Role in Systems and Infrastructure Life Cycle Management

This module provides a review of the methodologies and processes organizations employ when they develop and change application systems and infrastructure components.

Topics include:

• Benefits realization practices
• Project governance mechanisms
• Project management control frameworks, practices and tools
• Risk management practices
• Requirements analysis and management practices
• System development methodologies and tools
• Configuration and release management
• System migration and infrastructure deployment practices
• Post-implementation review objectives and practices

Module 4—CISA's Role in IT Service Delivery and Support

This module provides a review of some of the methodologies and processes organizations employ when they develop and change application systems and infrastructure components.  Also, this module will cover the practices and knowledge required of an information systems (IS) audit/assurance professional who is responsible for providing assurance that, in the event of a disruption, the business continuity and disaster recovery processes will ensure the timely resumption of IT services, while minimizing the business impact.

Topics include:

• Service level management practices
• Operations management
• Technology concepts related to networks, system software and database management systems
• System resiliency tools and techniques
• Database administration practices
• Capacity planning and monitoring techniques
• Problem and incident management practices
• Disaster recovery plans and testing methods

Module 5—CISA's Role in Protection of Information Assets

This module provides a review of the key components an auditor must be aware of to evaluate and ensure an organization's confidentiality, integrity, and availability (CIA) of information assets including logical and physical access controls, network infrastructure security, environmental controls and other processes and procedures used to maintain security of confidential information assets.

Topics include:

• Security controls
• Security incidents 
• Logical access controls
• Network security controls
• Network and Internet security 
• Attack methods and techniques
• Security testing techniques
• Encryption related technologies
• PKI components and digital signature techniques 
• Security of mobile and wireless devices
• Voice communications security
• Data classification schemes
• Physical access controls
• Environmental protection devices
• Process and procedures for information assets

Trainers