You will evaluate organizational policies, procedures, and processes to ensure that an organization’s information systems align with its overall business goals and objectives.
Who Should Attend
The intended audience for this course is information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security.
Students taking this course should have a minimum of five years of professional information systems auditing, control, or security work experience as described in the CISA job practice domain areas:
- The Process of Auditing Information Systems
- Governance and Management of IT
- Information Systems Acquisition, Development, and Implementation
- Information Systems Operations, Maintenance and Support
- Protection of Information Assets
While this course will help prepare candidates for the CISA exam, it is not the only preparation that should be used. ISACA requires that the successful CISA candidate have at least five years of professional experience; because of this, the CISA exam will draw on material and experience that is beyond the scope of any single training course, most notably covering database administration, network components and theory, software and operating systems, and hardware devices. Candidates who wish to solidify their understanding of this material might choose to take additional training in these areas if they don’t feel their professional experience is sufficient.
At Course Completion
Upon successful completion of this course, students will be able to:
- Implement information systems audit services in accordance with information systems audit standards, guidelines, and best practices.
- Evaluate an organization’s structure, policies, accountability, mechanisms, and monitoring practices.
- Evaluate information systems acquisition, development, and implementation.
- Evaluate the information systems operations, maintenance, and support of an organization; and evaluate the business continuity and disaster recovery processes used to provide assurance that in the event of a disruption, IT services are maintained.
- Define the protection policies used to promote the confidentiality, integrity, and availability of information assets.