
The CISA certification is for IS audit, control, assurance and/or security professionals who wish to set themselves apart from their peers. The CISA certification has been renowned as the globally recognized achievement for those who control, monitor and assess an organization’s information technology and business systems.

About this workshop

The CISA exam covers 6 major security domains essential for the protection of information systems, corporations and national infrastructure. These domains provide participants with an extensive understanding of the technological & managerial factors that must coordinate effectively to keep information and systems secure.

Benefits

There are many reasons to achieve CISA certification:

* Gives a better understanding of the information security audit process
* Gives better awareness of how to protect information systems
* Confirms commitment to the profession
* Offers a career differentiator, with enhanced credibility and marketability
* Provides access to valuable resources, such as peer networking and idea exchange

Who should attend

This workshop is meant for professionals responsible for controlling, monitoring and assessing an organization’s information technology and business systems.

* CEO / CFO / CIO / CTO / CISO
* IT Managers
* Finance Managers
* Process Consultants
* IS Managers
* Security Consultants
* Security Architects
* Security Specialists
* System Administrators
* IS Auditors

The CISA certification would immensely benefit those aspiring to make a career in Information Security Audit.

Course Outline

The IS Audit Process: IS Auditing Standards and Guidelines, Performing an IS Audit, Control Self Assessment, Emerging changes in IS Audit Process.

IT Governance: Policies and Procedures, Risk Management, Information Systems Management Practices (Personnel Management, Sourcing Practices, Organizational Change Management), Organizational Structure and Responsibilities (IS Roles and Responsibilities, Segregation of Duties), Auditing IT Governance Structure and Implementation.

Systems and Infrastructure Life Cycle Management: Project Management Structure and Practices, Business Application Development (Traditional SDLC Phases, Alternative Application Development Approaches), Infrastructure Development / Acquisition Practices, Information Systems Maintenance Practices, System Development Tools and Productivity Aids, Application Controls, Auditing Application Controls, Auditing System Development, Acquisition and Maintenance, Business Application Systems: E-Commerce, EDI, POS, Electronic Systems, EFT, ATM, Image Processing etc.

IT Service Delivery and Support: IS Operations, IS Hardware, IS Architecture and Software, IS Network Infrastructure (OSI model, LAN-WAN, wireless, N/W Administration and Controls), Auditing Infrastructure and Operations.

Protection of Information Assets: Information Security Management, Logical Access Exposures and Controls, N/W Infrastructure Security, Auditing Information Security Framework, Environmental Exposures and Controls, Physical Access Exposures and Controls.

Business Continuity and Disaster Recovery: BC and DR Planning (BCP process, BCP incident management, recovery strategies, developing a BCP, organization and assignment of responsibilities, components of BCP, Plan Testing, Backup and Restoration), Auditing DR and BC Plan.