Certified Information Security Auditor (CISA)

DOWNLOAD PDF

Prepare to obtain the Certified Information Systems Auditor® (CISA) certification and be recognized among the world’s most-qualified information systems professionals. The CISA Online Review Course provides online, on-demand instruction and is ideal for preparing you and fellow audit, assurance, control, security and cyber security professionals for the CISA certification exam. The course covers all five of the CISA domains, and each section corresponds directly to the CISA job practice.

Course Objectives

  • Gain a better understanding of IS audit and assurance guidelines and standards.
  • Develop a working knowledge of the five domains of CISA.
Enquiry
Fee15000/=
TypeOnline/Offline
Module5
Duration40 Hours
Session20
Per Class2 Hours

Details Course Outlines

Domain 1—INFORMATION SYSTEMS AUDITING PROCESS - (21%)

Module-01

A. Planning

  • IS Audit Standards, Guidelines, and Codes of Ethics
  • Business Processes
  • Types of Controls
  • Risk-Based Audit Planning
  • Types of Audits and Assessments

Module-02

B. Execution

  • Audit Project Management
  • Sampling Methodology
  • Audit Evidence Collection Techniques
  • Data Analytics
  • Reporting and Communication Techniques
  • Quality Assurance and Improvement of the Audit Process

Domain 2—Governance and Management of IT - (17%)

Module-03

A. IT Governance

  • IT Governance and IT Strategy
  • IT-Related Frameworks
  • IT Standards, Policies, and Procedures
  • Organizational Structure
  • Enterprise Architecture
  • Enterprise Risk Management
  • Maturity Models
  • Laws, Regulations, and Industry Standards affecting the Organization

Module-04

B. IT Management

  • IT Resource Management
  • IT Service Provider Acquisition and Management
  • IT Performance Monitoring and Reporting
  • Quality Assurance and Quality Management of IT

Domain 3—Information Systems Acquisition, Development and Implementation - (12%)

Module-05

Identity and Access Management (IAM)

  • Control physical and logical access to assets
  • Manage identification and authentication of people, devices, and services
  • Integrate identity as a third-party service
  • Implement and manage authorization mechanisms
  • Manage the identity and access provisioning lifecycle

Module-06

Security Assessment and Testing

  • Design and validate assessment, test, and audit strategies
  • Conduct security control testing
  • Collect security process data (e.g., technical and administrative)
  • Analyze test output and generate report
  • Conduct or facilitate security audits

Module-07

Security Operations

  • Understand and support investigations
  • Understand requirements for investigation types
  • Conduct logging and monitoring activities
  • Securely provisioning resources
  • Understand and apply foundational security operations concepts
  • Apply resource protection techniques
  • Conduct incident management
  • Operate and maintain detective and preventative measures
  • Implement and support patch and vulnerability management
  • Understand and participate in change management processes
  • Implement recovery strategies
  • Implement Disaster Recovery (DR) processes
  • Test Disaster Recovery Plans (DRP)
  • Participate in Business Continuity (BC) planning and exercises
  • Implement and manage physical security
  • Address personnel safety and security concerns

Module-08

Software Development Security

  • Understand and integrate security in the Software Development Life Cycle (SDLC)
  • Identify and apply security controls in development environments
  • Assess the effectiveness of software security
  • Assess security impact of acquired software
  • Define and apply secure coding guidelines and standards