This CISA Certified System Auditor training course is not suitable for beginners. It is required that delegates possess at least five years of exposure in the field of Information Systems Auditing. With this information in mind, it is expected that CISA qualified candidates have an outstanding level of professional experience, commitment, and extensive knowledge of IS Auditing. Thus, a CISA qualification is likely to open many doors and propel certified individuals into a high ranking position within the enterprise.

The five domains within the course are as follows:

• The Process of Auditing Information Systems
• Governance & Management of IT
• Information Systems Acquisition, Development, and Implementation
• Information Systems Operations, Maintenance, and Support
• Protection of Information Assets

The course content surrounds the pivotal Five Domains. The information imparted within each domain is as follows:

Domain 1: Information Systems Audit Process:

• Developing a risk-based IT audit strategy
• Planning specific audits
• Conducting audits to IS audit standards
• Implementation of risk management and control practices

Domain 2: IT Governance and Management:

• Effectiveness of IT Governance structure
• IT organizational structure and human resources (personnel) management
• Organisations IT policies, standards, and procedures
• Adequacy of the Quality Management System
• IT management and monitoring controls
• IT resource investment
• IT contracting strategies and policies
• Management of organizations IT-related risks
• Monitoring and assurance practices
• Organization business continuity plan

Domain 3: Information Systems Acquisition, Development, and Implementation:

• Business case development for IS acquisition, development, maintenance, and retirement
• Project management practices and controls
• Conducting reviews of project management practices
• Controls for requirements, acquisition, development, and testing phases
• Readiness for Information Systems
• Project Plan Reviewing
• Post Implementation System Reviews

Domain 4: Information Systems Operations, Maintenance, and Support:

• Conduct periodic reviews of organizations objectives
• Service level management
• Third-party management practices
• Operations and end-user procedures
• Process of information systems maintenance
• Data administration practices determine the integrity and optimization of databases
• Use of capacity and performance monitoring tools and techniques
• Problem and incident management practices
• Change, configuration, and release management practices
• Adequacy of backup and restore provisions
• Organizations disaster recovery plan in the event of a disaster

Domain 5: Protection of Information Assets:

• Information security policies, standards and procedures
• Design, implementing, monitoring of system and logical security controls
• Design, implementing, monitoring of data classification processes and procedures
• Design, implementing, monitoring of physical access and environmental controls
• Processes and procedures to store, retrieve, transport and dispose of information assets

The CISA essential for professionals dealing with controlling, monitoring, and assessing an organizations information technology and business systems. This includes:

• IS/IT auditors/consultants
• IT compliance managers
• Chief Compliance Officers
• Chief risk & privacy officers
• Security heads/directors
• Security managers/architects

The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals, or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs.

There are no prerequisites to learn CISA from this tutorial. However, to get the CISA certification you need to:

• Pass the CISA examination
• Submit an application for CISA certification
• Adhere to the Code of Professional Ethics
• Dedicate to the Continuing Professional Education Program
• Compliance with the Information Systems Auditing Standards

The examination is open to all individuals who have an interest in information systems audit, control, and security. A minimum of 5 years of professional information systems auditing, control or security work experience is required for the CISA certification.