Target Audience
Executives and professionals in IT, experts in information and operational risk management, specialists in IT infrastructure security, internal control and IT audit.
Training Objectives
Upon completion of the training programme, the participants will gain insight into/be able to address:
- IT audit goals and objectives and its role in the internal control system;
- techniques applicable to audit planning and performance, and information and audit evidence collection;
- audit and performance assessment of the internal control system in management, operating activities and IT support;
- IT risk management audits;
- IT security audits;
- preparation for CISA certification.
Training uniqueness
The training programme aims at improving alignment between your organisation’s IT and broader business needs and objectives, and at realigning the IT audit value proposition.
The training programme is based on the CISA© formal certification programme*, approved and agreed by ISACA©.
Participants will be able to purchase the exam preparation bundle from ISACA© (ePub CISA Review Manual and subscription to the exam questions database) at a discount of 48.8% off the retail price.
Training Methodology
• Training is provided by accredited CISA trainers and includes an analysis of case studies.
• The training programme offers hands-on exercises.
• Training is provided in Ukrainian/Russian with English handouts.
• Upon completion of the training programme, the participants will sit the CISA sample exam including a detailed discussion of questions.
Duration
- Time: 9.30 am - 5.00 pm
- 5 days (40 academic / CPD hours)
Course structure and curriculum
Introduction
• About the CISA Exam
• Certification Steps
Domain 1
Information System Auditing Process
• IT audit: definition, key principles, goals and objectives;
• standards, techniques and approaches used in IT audits;
• risk assessment in the audit context;
• audit planning and delivery techniques;
• gathering information and audit evidence;
• presenting findings and recommendations, follow-up audits.
Domain 2
Governance and management of IT
• IT strategy, policies, standards and procedures;
• enterprise risk management;
• IT governance practices, organisation and segregation of duties;
• managing IT resources and project portfolios;
• maturity and process improvement models;
• IT performance monitoring.
Domain 3
Information systems acquisition, development, and implementation
• evaluating IT investment business cases;
• selecting vendors and managing contracts;
• project management;
• software methodologies and development tools;
• information system implementation;
• implementation quality assessment objectives and practices.
Domain 4
Information systems operations, maintenance and support
• supporting the organisation's IT architecture;
• managing IT services under ITIL;
• IT service level management practices and operational management;
• data management and data quality;
• business continuity management.
Domain 5
Protection of information assets
• information security policies, standards and procedures;
• information security controls and activities;
• access management;
• personnel security;
• network infrastructure security;
• physical security;
• cyber threats and pentesting.
Sample CISA exam
• exam structure;
• detailed answers to exam questions.
Certificates
Upon successful completion of the training, participants will be awarded Course Completion Certificates (40 CPE) by the ISACA Kyiv Chapter.