Certified Information Systems Auditor (CISA)

Duration of course

• 3 days of virtual live training (via Zoom).
• This includes 13.5 hours of instructors led training with 4 hour doubt-clearing sessions and 1 hour of exclusive “how to crack exam” session.

Requirements

•  No prerequisite knowledge required.
• Learning Outcomes
• Introduction to European Data Protection
• European Regulatory Institutions
• Legislative Framework
• Compliance with European Data Protection Law and Regulation
• Cross-border Data Transfers

Reasons why you should get certified

• A thorough understanding of knowledge and skills required for an IS Auditor
• Insights into the level of knowledge required to meet the complexities of a digital business landscape
• An in-depth understanding of auditing information systems
• Knowledge of management and governance of IT processes and systems
• Understanding of acquisition, development, test, and implementation of critical business information systems
• Thorough knowledge of managing, maintaining, and securing information assets
• Proper understanding of the CISA course material to clear your CISA exam on the first attempt

Who should attend

• IT Pros, Accountant and whoever interested in IT Auditing
• Risk managers and specialists
• IT Auditors
• Security People, Security Managers, System Analysts
• Legal / Compliance Officers

Objective Outcome

• Vulnerability assessment and identification
• Information Systems audit and assurance guidelines
• Auditing Information Systems
• Governance and IT management
• Information Systems acquisition development and implementation
• Information Systems operations maintenance and service management
• Information asset protection

1 Information System Auditing Process

• Planning
• Audit Standards, Guidelines, and Codes of Ethics
• Business Processes
• Types of Controls
• Risk-based Audit Planning
• Types of Audits and Assessments
• Execution
• Audit Project Management
• Sampling Methodology
• Audit Evidence Collection Techniques
• Data Analytics
• Reporting and Communication Techniques
• Quality Assurance and Improvement of the Audit Process

2 Governance and Management of IT

• IT Governance
• IT Governance and IT Strategy
• IT Related Frameworks
• IT Standards, Policies, and Procedures
• Organisational Structure
• Enterprise Architecture
• Enterprise Risk Management
• Maturity Models
• Laws, Regulations, and Industry Standards Affecting the Organisation
• IT Management
• IT Resource Management
• IT Service Provider Acquisition and Management
• IT Performance Monitoring and Reporting
• Quality Assurance and Quality Management of IT

3 Information Systems Acquisition, Development and Implementation

• Information Systems Acquisition and Development
• Project Governance and Management
• Business Case and Feasibility Analysis
• System Development Methodologies
• Control Identification and Design
• Information Systems Implementation
• Testing Methodologies
• Configuration and Release Management
• System Migration, Infrastructure Deployment, and Data Conversion
• Post-implementation Review

4 Information Systems Operations and Business Resilience

• Information Systems Operations
• Common Technology Components
• IT Asset Management
• Job Scheduling and Production Process Automation
• System Interfaces
• End User Computing
• Data Governance
• System Performance Management
• Problem and Incident Management
• Change, Configuration, Release and Patch Management
• IT Service Level Management
• Database Management
• Business Resilience
• Business Impact Analysis
• System Resiliency
• Data Backup, Storage, and Restoration
• Business Continuity Plan
• Disaster Recovery Plans

5 Protection of Information Assets

• Information Asset Security Frameworks, Standards, and Guidelines
• Auditing The Information Security Management Framework
• Privacy Principles
• Physical Access and Environmental Controls
• Identity and Access Management
• Network and End-point Security
• Data Classification
• Data Encryption and Encryption Related Techniques
• Public Key Infrastructure
• Web-based Communication Technologies
• Virtualised Environments
• Mobile, Wireless, and Internet of Things
• Security Event Management
• Security Awareness Training and Programs
• Information System Attack Methods and Techniques
• Security Testing Tools and Techniques
• Incident Response Management
• Evidence Collection and Forensics

6 Examination

• Passing Criteria 50%

Delivery Format

• Lecture style
• Teacher led classroom training
• Discussions with consultants
• Roleplay / Presentations

Trainers & Consultants

Tsaaro Academy is an Official Training Partner of the International Association of Privacy Professionals (IAPP). Our trainers have been actively engaged in doing actual PDPA audits of Singaporean companies for Tsaaro Academy, and are certified by IAPP to conduct the CIPP/E course. Together, the team has also trained thousands of participants in the Personal Data Protection Act.

Our trainers have been actively engaged in doing actual GDPR audits of Indian companies for Tsaaro Academy. Together, the team has also trained more than 100 participants in the GDPR, PDPB, CCPA and similar laws.

Cancellation Policy

• Request for withdrawal or postponement must be made in writing to Tsaaro Academy.
• Refunds arising from course withdrawal/deferment will be subjected to the following terms:
• More than 2 weeks before course commencement: Full refund.
• Less than 2 weeks before course commencement: 50% refund.
• On or after course commencement: No refund.

Confirmation & Reservation

When registration is confirmed, participants will receive our email confirmation along with information of the course programme.If no seats are available for the applied date, you will be notified immediately and given an alternative date.

Tsaaro Academy reserves the right to change the course schedules, programmes and content without prior notice. We also reserve the right to cancel course due to unforeseen circumstances.

• No. of questions: 90
• MCQ based questions
• Duration: 2.5 hrs.
• Pass percentage: 60%