Certified Information Systems Auditor (CISA)

 

In this 5 day class, students will learn the best industry security practices for; The Process of Auditing Information Systems, IT Governance and Management, Information Systems Acquisition, Development, and Implementation,Information Systems Operations, Maintenance, and Support, Protection of Information Assets.

Outline:

Lesson 1: The Process of Auditing Information Systems

  • ISACA Information Systems Auditing Standards and
    Guidelines
  • Fundamental Business Processes
  • Develop and Implement an Information Systems
    Audit Strategy
  • Plan an Audit
  • Conduct an Audit
  • The Evidence Life Cycle
  • Communicate Issues, Risks, and Audit Results
  • Support the Implementation of Risk Management
    and Control Practices

Lesson 2: IT Governance and Management

  • Evaluate the Effectiveness of IT Governance
  • Evaluate the IT Organizational Structure and HR
    Management
  • Evaluate the IT Strategy and Direction
  • Evaluate IT Policies, Standards, and Procedures
  • Evaluate the Effectiveness of Quality Management
    Systems
  • Evaluate IT Management and Monitoring of
    Controls
  • IT Resource Investment, Use, and Allocation
    Practices
  • Evaluate IT Contracting Strategies and Policies
  • Evaluate Risk Management Practices
  • Performance Monitoring and Assurance Practices
  • Evaluate the Organizations Business Continuity
    Plan

Lesson 3: Information Systems Acquisition, Development,
and Implementation

  • Evaluate the Business Case for Change
  • Evaluate Project Management Frameworks and
    Governance Practices
  • Development Life Cycle Management
  • Perform Periodic Project Reviews
  • Evaluate Control Mechanisms for Systems
  • Evaluate Development and Testing Processes
  • Evaluate Implementation Readiness
  • Evaluate a System Migration
  • Perform a Post-Implementation System Review

Lesson 4: Information Systems Operations, Maintenance,
and Support

  • Perform Periodic System Reviews
  • Evaluate Service Level Management Practices
  • Evaluate Third-Party Management Practices
  • Evaluate Operations and End User Management
    Practices
  • Evaluate the Maintenance Process
  • Evaluate Data Administration Practices
  • Evaluate the Use of Capacity and Performance
    Monitoring Methods
  • Evaluate Change, Configuration, and Release
    Management Practices
  • Evaluate Problem and Incident Management
    Practices
  • Evaluate the Adequacy of Backup and Restore
    Provisions

Lesson 5: Protection of Information Assets

  • Information Security Design
  • Encryption Basics
  • Evaluate the Functionality of the IT
    Infrastructure
  • Evaluate Network Infrastructure Security
  • Evaluate the Design, Implementation, and
    Monitoring of Logical Access Controls
  • Risks and Controls of Virtualization
  • Evaluate the Design, Implementation, and
    Monitoring of Data Classification Process
  • Evaluate the Design, Implementation, and Monitoring
    of Physical Access Controls
  • Evaluate the Design, Implementation, and
    Monitoring of Environmental Controls

To Hire an AMS Certified Information Security Auditor Subject Matter Expert and Instructor who also teaches this class, call us today at 800-798-3901!

Leave a Reply