FB Twitter Linkedin Instagram cisa certified information system auditor industrial training Mohali | ITRONIX SOLUTION

CISA – Certified Information System Auditor

Course Overview

Certified Information Systems Auditor (CISA) Certification is a highly sought after certification designed for IT security, IT Risk and IT Auditors. This credential is an audit professional certification sponsored by the reputed Information Systems Audit and Control Association (ISACA). Professionals need to successfully clear the CISA Exam in order to attain CISA Certification.

Course Content

The course content surrounds the pivotal Five Domains. The information imparted within each domain is as follows:

Domain 1: Information Systems Audit Process:

  • Developing a risk-based IT audit strategy
  • Planning specific audits
  • Conducting audits to IS audit standards
  • Implementation of risk management and control practices

Domain 2: IT Governance and Management:

  • Effectiveness of IT Governance structure
  • IT organisational structure and human resources (personnel) management
  • Organisation’s IT policies, standards, and procedures
  • Adequacy of the Quality Management System
  • IT management and monitoring controls
  • IT resource investment
  • IT contracting strategies and policies
  • Management of organisations IT-related risks
  • Monitoring and assurance practices
  • Organisation business continuity plan

Domain 3: Information Systems Acquisition, Development, and Implementation:

  • Business case development for IS acquisition, development, maintenance, and retirement
  • Project management practices and controls
  • Conducting reviews of project management practices
  • Controls for requirements, acquisition, development, and testing phases
  • Readiness for Information Systems
  • Project Plan Reviewing
  • Post Implementation System Reviews

Domain 4: Information Systems Operations, Maintenance, and Support:

  • Conduct periodic reviews of organisations objectives
  • Service level management
  • Third party management practices
  • Operations and end-user procedures
  • Process of information systems maintenance
  • Data administration practices determine the integrity and optimisation of databases
  • Use of capacity and performance monitoring tools and techniques
  • Problem and incident management practices
  • Change, configuration, and release management practices
  • Adequacy of backup and restore provisions
  • Organisation’s disaster recovery plan in the event of a disaster

Domain 5: Protection of Information Assets:

  • Information security policies, standards and procedures
  • Design, implementing, monitoring of system and logical security controls
  • Design, implementing, monitoring of data classification processes and procedures
  • Design, implementing, monitoring of physical access and environmental controls
  • Processes and procedures to store, retrieve, transport and dispose of information assets