
Certified Information Systems Auditor® (CISA)


$799

GOALS & OBJECTIVES

Whether you are seeking a new career
opportunity or striving to grow within your
current organization, a CISA certification
proves your expertise in these work-related
domains:

  • INFORMATION SYSTEMS AUDITING PROCESS
  • GOVERNANCE AND MANAGEMENT OF IT
  • INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT AND IMPLEMENTATION
  • PROTECTION OF INFORMATION ASSETS

Description

Duration: 5 Consecutive Days

Domain 1 – Information Systems Auditing Process
  • Plan an audit to determine whether information systems are protected,
    controlled, and provide value to the organization.
  • Conduct an audit in accordance with IS audit standards and a risk-
    based IS audit strategy.
  • Communicate audit progress, findings, results and recommendations to
    stakeholders.
  • Conduct audit follow-up to evaluate whether risk has been sufficiently
    addressed.
  • Evaluate IT management and monitoring of controls.
  • Utilize data analytics tools to streamline audit processes.
  • Provide consulting services and guidance to the organization in order to
    improve the quality and control of information systems.
  • Identify opportunities for process improvement in the organization’s IT
    policies and practices.
Domain 2 – Governance & Management of IT
  • Evaluate the IT strategy for alignment with the organization’s strategies
    and objectives.
  • Evaluate the effectiveness of IT governance structure and IT
    organizational structure.
  • Evaluate the organization’s management of IT policies and practices.
  • Evaluate the organization’s IT policies and practices for compliance
    with regulatory and legal requirements.
  • Evaluate IT resource and portfolio management for alignment with the
    organization’s strategies and objectives.
  • Evaluate the organization’s risk management policies and practices.
  • Evaluate IT management and monitoring of controls.
  • Evaluate the monitoring and reporting of IT key performance indicators
    (KPIs).
  • Evaluate whether IT supplier selection and contract management
    processes align with business requirements.
  • Evaluate whether IT service management practices align with business
    requirements.
Domain 3 – Information Systems Acquisition, Development, &
Implementation
  • Evaluate whether the business case for proposed changes to
    information systems meets business objectives.
  • Evaluate the organization’s project management policies and
    practices.
  • Evaluate controls at all stages of the information systems development
    life cycle.
  • Evaluate the readiness of information systems for implementation and
    migration into production.
  • Conduct post-implementation review of systems to determine whether
    project deliverables, controls and requirements are met.
  • Evaluate change, configuration, release, and patch management
    policies and practices.
Domain 4 – Information Systems Operations and Business Resilience
  • Evaluate the organization’s ability to continue business operations.
  • Evaluate whether IT service management practices align with business
    requirements.
  • Conduct periodic review of information systems and enterprise
    architecture.
  • Evaluate IT operations to determine whether they are controlled effectively
    and continue to support the organization’s objectives.
  • Evaluate IT maintenance practices to determine whether they are
    controlled effectively and continue to support the organization’s objectives.
  • Evaluate database management practices.
  • Evaluate data governance policies and practices.
  • Evaluate problem and incident management policies and practices.
  • Evaluate change, configuration, release, and patch management policies
    and practices.
  • Evaluate end-user computing to determine whether the processes are
    effectively controlled.
Domain 5 – Protection of Information Assets
  • Conduct an audit in accordance with IS audit standards and a risk-based IS
    audit strategy.
  • Evaluate problem and incident management policies and practices.
  • Evaluate the organization’s information security and privacy policies and
    practices.
  • Evaluate physical and environmental controls to determine whether
    information assets are adequately safeguarded.
  • Evaluate logical security controls to verify the confidentiality, integrity, and
    availability of information.
  • Evaluate data classification practices for alignment with the organization’s
    policies and applicable external requirements.
  • Evaluate policies and practices related to asset life cycle management.
  • Evaluate the information security program to determine its effectiveness
    and alignment with the organization’s strategies and objectives.
  • Perform technical security testing to identify potential threats and
    vulnerabilities.
  • Evaluate potential opportunities and threats associated with emerging
    technologies, regulations, and industry practices.

 
