Kazakhstan, Almaty, 90 Shevchenko St., Karatal Business Center, office 53
Kazakhstan, Astana, 19 Imanov St., Delovoy Dom "Alma-Ata" Business Center, office 612

Track: ISACA Number of days: 5
Vendor: Information Security Number of hours: 40
Course code: CISA

CISA© (Certified Information Systems Auditor) is an independent and the most powerful certification offered for IT auditors. CISA certification is an ANSI-accredited programme, accepted and recognised at the country-wide level globally.

The training programme encompasses theoretical and practical skills in IT audit:

  • the role of IT audit in internal control and IT security management systems;
  • an approach to audit engagement planning and performance;
  • skills in describing IT controls and responding to IT risks.

Target Audience

The training programme is designed for IT managers and professionals, information and operation risk management professionals, and IT security, internal control and IT audit professionals.

Training Objectives

Upon completion of the training programme, the participants will gain insight into/be able to address:

  • IT audit goals and objectives and its role in the internal control system;
  • techniques applicable to audit planning and performance, and information and audit evidence collection;
  • audit and performance assessment of the internal control system in management, operating activities and IT support;
  • IT risk management audits;
  • IT security audits;
  • preparation for CISA© certification.

Training Methodology

  • Training is provided by accredited CISA© trainers and includes an analysis of case studies.
  • The training programme offers hands-on exercises.
  • Training is provided in Russian with English handouts.
  • Upon completion of the training programme, the participants will pass a CISA sample exam, including a detailed discussion of the questions.

Distinctive Benefits for Your Business
The training programme aims at improving alignment between your organisation’s IT and broader business needs and objectives, and at realigning the IT audit value proposition. The training programme is based on the CISA© formal certification programme*, approved and agreed by ISACA©.

 

Introduction

  • About the CISA Exam
  • Certification Steps

Domain 1

Information System Auditing Process

Planning

  • IS Audit Standards, Guidelines and Codes of Ethics
  • Business Processes
  • Types of Controls
  • Risk-Based Audit Planning
  • Types of Audits and Assessments

Execution

  • Audit Project Management
  • Sampling Methodology
  • Audit Evidence Collection Techniques
  • Data Analytics
  • Reporting and Communication Techniques
  • Quality Assurance and Improvement of the Audit Process

Domain 2

Governance and management of IT

IT Governance

  • IT Governance and IT Strategy
  • IT-Related Frameworks
  • IT Standards, Policies, and Procedures
  • Organizational Structure
  • Enterprise Architecture
  • Enterprise Risk Management
  • Maturity Models
  • Laws, Regulations, and Industry Standards Affecting the Organization

IT Management

  • IT Resource Management
  • IT Service Provider Acquisition and Management
  • IT Performance Monitoring and Reporting
  • Quality Assurance and Quality Management of IT

Domain 3

Information systems acquisition, development, and implementation

Information Systems Acquisition and Development

  • Project Governance and Management
  • Business Case and Feasibility Analysis
  • System Development Methodologies
  • Control Identification and Design

Information System Implementation

  • Testing Methodologies
  • Configuration and Release Management
  • System Migration, Infrastructure Deployment, and Data Conversion
  • Post-Implementation Review

Domain 4

Information systems operations, maintenance and support

Information System Operations:

  • Computer Hardware Components and Architectures
  • IT Asset Management
  • System Interfaces
  • End-User Computing
  • Data Governance
  • Systems Performance Management
  • Problem and Incident Management
  • Change, Configuration, Release, and Patch Management
  • IT Service Level Management
  • Database Management

Business Resilience

  • Business Impact Analysis (BIA)
  • System Resiliency
  • Data Backup, Storage, and Restoration
  • Business Continuity Plan (BCP)
  • Disaster Recovery Plans (DRPs)

Domain 5

Protection of information assets

Information Asset Security and Control

  • Introduction
  • Information Asset Security Frameworks, Standards, and Guidelines
  • Privacy Principles
  • Physical Access and Environmental Controls
  • Identity and Access Management
  • Network and End-point Security
  • Data Classification
  • Data Encryption and Encryption-related Techniques
  • Public Key Infrastructure (PKI)
  • Web-based Communication Technologies
  • Virtualized Environments
  • Mobile, Wireless, and Internet-of-Things (IOT) Devices

Security Event Management

  • Security Awareness Training and Programs
  • Information System Attack Methods and Techniques
  • Security Testing Tools and Techniques
  • Security Monitoring Tools and Techniques
  • Incident Response Management
  • Evidence Collection and Forensics

Sample CISA exam

  • exam structure;
  • detailed answers to exam questions.

CPE information:

Upon successful completion of the training, students will be awarded Course Completion Certificates (40 CPD) from ISACA Kyiv.