This 4-day course provides you with the knowledge you need to pass the Certified Information Systems Auditor exam and achieve professional CISA certification.
CISA is a valuable and much sought-after certification in the marketplace, demonstrating evidence of knowledge and expertise in Information Systems auditing, control and security.
Anybody looking to achieve CISA certification can attend this course and undertake the CISA exam.
To apply for CISA certification, you must have a minimum of five years of professional information systems auditing, control or security work experience. If you do not have this experience, not to worry – you can do the course, pass the exam and gain the experience later, as long as it is achieved within a period of ten years. See ISACA for details.
The course is intended for anybody with an interest in information systems auditing, control and security.
The course consists of four days of classroom-based training.
Information Systems Audit Process:
Developing a risk-based IT audit strategy
Planning specific audits
Conducting audits to IS audit standards
Implementation of risk management and control practices
IT Governance and Management:
Effectiveness of IT Governance structure
IT organisational structure and human resources (personnel) management
Organisation’s IT policies, standards and procedures
Adequacy of the Quality Management System
IT management and monitoring of controls
IT resource investment
IT contracting strategies and policies
Management of the organisation's IT-related risks
Monitoring and assurance practices
Organisation business continuity plan
Information Systems Acquisition, Development and Implementation:
Business case development for IS acquisition, development, maintenance and retirement
Project management practices and controls
Conducting reviews of project management practices
Controls for requirements, acquisition, development and testing phases
Readiness for information systems
Project Plan Reviewing
Post Implementation System Reviews
Information Systems Operations, Maintenance and Support:
Conduct periodic reviews of the organisation's objectives
Service level management
Third party management practices
Operations and end-user procedures
Process of information systems maintenance
Data administration practices to determine the integrity & optimisation of databases
Use of capacity and performance monitoring tools & techniques
Problem and incident management practices
Change, configuration and release management practices
Adequacy of backup and restore provisions
Organisation’s disaster recovery plan in the event of a disaster
Protection of Information Assets:
Information security policies, standards and procedures
Design, implementation and monitoring of system and logical security controls
Design, implementation and monitoring of data classification processes and procedures
Design, implementation and monitoring of physical access and environmental controls
Processes and procedures to store, retrieve, transport and dispose of information assets
The CISA exam is booked separately through ISACA
It is carried out three times a year during the months of June, September & December
The exam consists of 200 multiple-choice questions within a 4-hour time limit
Exam scores are scaled to 800
The pass mark is 450/800
What is CISA?
CISA (Certified Information Systems Auditor) is a globally recognised certification for Information Systems Auditing and Security professionals. As the requirements for certification include at least five years’ work in the field, CISA is proof of both knowledge and experience in IS/IT auditing.
CISA is provided by ISACA, a non-profit independent association for IT governance professionals which provides knowledge and best practices for the industry, as well as a range of professional, globally recognised certifications.
Duration: 4 Days
CISA Certified Information Systems Auditor Training Scotland.