Course fee:
Usual Price: S$3500 (excluding GST)
Overview
Certified Information Systems Auditor or CISA is a globally recognized certification for IS (Information Security) audit control, assurance and security professionals. Being a CISA-certified, you will get to showcase your audit experience, skills and knowledge; and prove that you are capable to assess vulnerabilities, report on compliance and institute controls within the enterprise.
In this 4-day instructor-led course, participants will equip with the effective skills necessary to defend against unauthorized admittance to information.
Prerequisites
Participants who wish to take up this course should have a minimum of 5 years of Information Security (IS) experience OR ANY of the following requirements that can substitute to a maximum of 3 years of experience:
- 1 year of non-IS auditing experience
- 60 to 120 completed university semester credit hours (equivalent to 2-year or 4-year degree); not limited by the 10-year preceding restriction
- Bachelor’s or master’s degree from a university that enforces the ISACA-sponsored Model Curricula. To view a list of these schools, please visit HERE. (This option cannot be used if 3 years of experience substitution and educational waiver have already been claimed.)
- Master’s degree in IS or IT from an accredited university
Who Should Attend?
This course is ideal for IS (Information Security) and IT (Information Technology) Professionals who have prior knowledge and experience in auditing, control and security; IS/IT Auditors; IS/IT Consultants; Governance Professionals; Enterprise Leaders; and those who are interested to explore beyond the basic knowledge of audit, control and security in the information systems.
Course Outline
- ISACA IS Auditing Standards, Guidelines
- Fundamental Business Processes
- Systems Audit Strategy
- Plan an Audit
- Conduct an Audit
- The Evidence Life Cycle
- Communicate Issues, Risks, and Audit Results
- Support the Implementation of Risk
- Management and Control Practices
- Evaluate the Effectiveness of IT Governance
- Evaluate the IT Organization Structure and HR Management
- Evaluate the IT Strategy and Direction
- Evaluate the Effectiveness of Quality Management Systems
- Evaluate IT Management and Monitoring Controls
- IT Resource Investment, Use and Allocation Practices
- Evaluate IT Contracting Strategies and Policies
- Evaluate Risk Management Practices
- Performance Monitoring and Assurance Practices
- Evaluate the Organizations Business Continuity Plan
- Evaluate the Business Case for Change
- Evaluate Project Management Framework and Governance Practices
- Development Life Cycle Management
- Perform Periodic Project Reviews
- Evaluate Control Mechanisms for Systems
- Evaluate Development and Testing Processes
- Evaluate Implementation Readiness
- Evaluate a System Migration
- Perform a Post-Implementation System Review
- Perform Periodic System Reviews
- Evaluate Service Level Management Practices
- Evaluate Third-Party Management Practices
- Evaluate Operations and End User Management Practices
- Evaluate the Maintenance Process
- Evaluate Data Administration Practices
- Evaluate the Use of Capacity and Performance Monitoring Methods
- Evaluate Change, Configuration, and Release Management Practices
- Evaluate Problem and Incident Management Practices
- Evaluate the Adequacy of Backup and Restore Provisions
- Information Security Design
- Encryption Basics
- Evaluate the Functionality of the IT Infrastructure
- Evaluate Network Infrastructure Security
- Evaluate the Design, Implementation, and Monitoring of Logical Access Controls
- Risks and Controls of Virtualization
- Evaluate the Design, Implementation, and Monitoring of Physical Access Controls
- Evaluate the Design, Implementation, and Monitoring of Environmental Controls
