Apr 10 - Apr 14
09:30 AM to 12:30PM EST
- 5 Days training program
- Live Virtual Training
- Learn on any PC/Mobile/Tablet
- Unlimited Doubt Sessions
- Online Labs (if applicable)
- Official Courseware & Kits
- Get Recording after session
- Get Certificate of Completion
- Mock Tests & Exam Preps
- Classroom Training (Optional)
Training 2 or more people?
Get a custom quote for group training, Onsite & classroom options.Request a Quote
Live Learnfly with CISA - The Certified Information Systems Auditor training course aims to bestow the much-desired skillsets that largely assist in governing and managing enterprise IT while performing an effective security audit on any organization. The training course will assist you in gaining proficiency in the acquisition, development, testing, and implementation of information systems. It further lets you get familiar with the guidelines standards and best practices for protecting these information systems.
Individuals who pursue the course get well versed in evaluating, securing and controlling complex business and IT systems in an enterprise. This training course will also enlighten individuals with government regulations which further helps in developing policies with some robust internal control measures and disclosures.
Who Should Attend?
The target audience comprises:
- Individuals who are willing to learn and expand their knowledge in Information Systems Auditing.
- Professionals who are Auditors or working in an Audit environment like Audit Managers, IS/IT auditors etc.
- Individuals looking for a career in Information Systems Auditing.
- IT managers
- Security Managers
- System Analysts
A minimum of 5 years of work experience in professional information systems auditing, control or security is required for certification.
Domain 1—The Process of Auditing Information Systems
Provide audit services in accordance with IT audit standards to assist the organization in protecting and controlling information systems.
- ISACA IT Audit and Assurance Standards, Guidelines and Tools and Techniques, Code of
- Professional ethics and other applicable standards.
- Risk assessment concepts, tools and techniques in an audit context.
- Control objectives and controls related to information systems.
- Audit planning and audit project management techniques, including follow-up.
- Fundamental business processes (e.g., purchasing, payroll, accounts payable, accounts receivable) including relevant IT.
- Applicable laws and regulations which affect the scope, evidence collection and preservation, and frequency of audits.
- Evidence collection techniques (e.g., observation, inquiry, inspection, interview, data analysis, fraud, investigation) used to gather, protect and preserve audit evidence different sampling methodologies.
- Reporting and communication techniques (e.g., facilitation, negotiation, conflict resolution, audit report structure).
- Audit quality assurance systems and frameworks.
Domain 2—Governance and Management of IT
Provide assurance that the necessary leadership and organization structure and processes are in place to achieve objectives and to support the organization's strategy.
- IT governance, management, security and control frameworks, and related standards, guidelines, and practices
- The purpose of IT strategy, policies, standards and procedures for an organization and the essential elements of each organizational structure, roles and responsibilities related to IT.
- The processes for the development, implementation and maintenance of IT strategy, policies, standards and procedures
- The organization’s technology direction and IT architecture and their implications for setting long term strategic directions
- Relevant laws, regulations and industry standards affecting the organization
- Quality management systems
- The use of maturity models
- Process optimization techniques
- IT resource investment and allocation practices, including prioritization criteria (e.g., portfolio management, value management, project management)
- IT supplier selection, contract management, relationship management and performance monitoring
- Processes including third party outsourcing relationships
- Enterprise risk management
- Practices for monitoring and reporting of IT performance (e.g., balanced scorecards, key performance indicators [KPI])
- IT human resources (personnel) management practices used to invoke the business continuity plan
- Business impact analysis (BIA) related to business continuity planning
- The standards and procedures for the development and maintenance of the business continuity plan and testing methods
Domain 3—Information Systems Acquisition, Development, and Implementation
Provide assurance that the practices for the acquisition, development, testing, and implementation of information systems meet the organization’s strategies and objectives.
- Benefits realization practices, (e.g., feasibility studies, business cases, total cost of ownership [TCO], ROI) project governance mechanisms (e.g., steering committee, project oversight board, project management office)
- Project management control frameworks, practices and tools
- Risk management practices applied to projects
- IT architecture related to data, applications and technology (e.g., distributed applications, web based applications, web services, n-tier applications)
- Acquisition practices (e.g., evaluation of vendors, vendor management, escrow)
- Requirements analysis and management practices (e.g., requirements verification, traceability, gap analysis, vulnerability management, security requirements)
- Project success criteria and risks
- Objectives and techniques that ensure the completeness, accuracy, validity and authorization of transactions and data
- System development methodologies and tools including their strengths and weaknesses (e.g., agile development practices, prototyping, rapid application development [RAD], object-oriented design techniques)
- Testing methodologies and practices related to information systems development
- Configuration and release management relating to the development of information systems
- System migration and infrastructure deployment practices and data conversion tools, techniques and procedures.
- Post-implementation review objectives and practices (e.g., project closure, control implementation, benefits realization, performance measurement)
Domain 4—Information Systems Operations, Maintenance and Support
Provide assurance that the processes for information systems operations, maintenance and support meet the organization’s strategies and objectives.
- Service level management practices and the components within a service level agreement
- Techniques for monitoring third party compliance with the organization’s internal controls
- Operations and end-user procedures for managing scheduled and non-scheduled processes
- The technology concepts related to hardware and network components, system software and database management systems
- Control techniques that ensure the integrity of system interfaces
- Software licensing and inventory practices
- System resiliency tools and techniques (e.g., fault tolerant hardware, elimination of single point of failure, clustering)
- Database administration practices
- Capacity planning and related monitoring tools and techniques
- Systems performance monitoring processes, tools and techniques (e.g., network analyzers, system utilization reports, load balancing)
- Problem and incident management practices (e.g., help desk, escalation procedures, tracking)
- Processes, for managing scheduled and non-scheduled changes to the production systems and/or infrastructure including change, configuration, release and patch management practices
- Data backup, storage, maintenance, retention and restoration practices
- Regulatory, legal, contractual and insurance issues related to disaster recovery
- Business impact analysis (BIA) related to disaster recovery planning
- The development and maintenance of disaster recovery plans
- Types of alternate processing sites and methods used to monitor the contractual agreements (e.g., hot sites, warm sites, cold sites)
- Processes used to invoke the disaster recovery plans
- Disaster recovery testing methods
Domain 5—Protection of Information Assets
Provide assurance that the organization’s security policies, standards, procedures and controls ensure the confidentiality, integrity and availability of information assets.
- Techniques for the design, implementation, and monitoring of security controls, including security awareness programs
- Processes related to monitoring and responding to security incidents (e.g., escalation procedures, emergency incident response team)
- Logical access controls for the identification, authentication and restriction of users to authorized functions and data
- The security controls related to hardware, system software (e.g., applications, operating systems), and database management systems.
- Risks and controls associated with virtualization of systems
- The configuration, implementation, operation and maintenance of network security controls
- Network and Internet security devices, protocols, and techniques
- Information system attack methods and techniques
- Detection tools and control techniques (e.g., malware, virus detection, spyware)
- Security testing techniques (e.g., intrusion testing, social engineering testing, vulnerability scanning)
- Risks and controls associated with data leakage
- Encryption-related techniques
- Public key infrastructure (PKI) components and digital signature techniques
- Risks and controls associated with peer-to-peer computing, instant messaging, and web-based technologies (e.g., social networking, message boards, blogs)
- Controls and risks associated with the use of mobile & wireless devices
- Voice communications security (e.g., PBX, VoIP)
- The evidence preservation techniques and processes followed in forensics investigations (e.g., IT, process, chain of custody, fraud evidence collection)
- Data classification standards and supporting procedures
- Physical access controls for the identification, authentication and restriction of users to authorized facilities environmental protection devices and supporting practices
- The processes and procedures used to store, retrieve, transport and dispose of confidential information assets
ISACA is an independent, nonprofit, global association that engages in the development, adoption and use of globally accepted information system (IS) knowledge and practices. Previously known as the Information Systems Audit and Control Association, ISACA only goes by its acronym.
ISACA provides guidance, benchmarks and governance tools for enterprises that use information systems. ISACA also hosts a series of international conferences that focus on both technical and managerial topics relating to IS assurance, control, security and IT governance
Frequently Asked Questions
What is the CISA certification cost?The CISA Certification cost varies between $450 - $760 based on the mode of registration and if you are a registered member or not. Please click on the below link for further details : http://www.isaca.org/Certification/CISA-Certified-Information-Systems-Auditor/June-Exam-Information/Pages/register-for-the-CISA-June-exam.aspx
What all will I get as part of the training?You get access to our e-learning content along with the practice simulation tests that help you tackle the toughest of the exam questions. You will also get an online participant handbook with cross references to the e-learning for reinforcement of your learning.
How many questions are there in the CISA certification exam?ISACA uses and reports scores on a common scale from 200 to 800. For example, the scaled score of 800 represents a perfect score with all questions answered correctly; a scaled score of 200 is the lowest score possible and signifies that only a small number of questions were answered correctly. You need to achieve a score of 450 or higher to pass the CISA® Exam.
What tools do I need to attend the training sessions?The system requirements are quite basic: OS: Windows any version above XP SP3 & Mac any version above OS X 10.6 Internet Speed: Preferably above 512 KBPS Headset and microphone which can be used to talk and hear clearly.
How does Live Training works?Live training, also known as online training, is a method of delivering training in real-time over the internet. The trainer and the trainees are connected through video conferencing software, allowing for interactive communication and collaboration. During live training, the trainer can present materials, lead discussions, answer questions, and engage with the trainees in real-time.
Does Learnfly offer Classroom & Onsite training as well?Yes. We Do! We do offer classroom, onsite, group sessions & 1 on 1 training for selective courses. Contact our support team and our team will assist you with the process.
Do you provide certification and exam assistance?Yes! We provide assistance in scheduling & preparing for your exam after a successful training completion. Once you successfully pass your exam, you will be awarded with a certification.
What if I miss my scheduled class or want to reschedule?No worries. You can simply request for the next date as per your availability.
Can I change the trainer if not satisfied?We only provide highly qualified and certified trainers with 100% satisfaction rate. However, if you are not satisfied with the trainer, you can request for a free replacement.
Do I get a lab access with the course?Yes! If your training require a lab access, then it will be included in the price.
Is Learnfly accredited?Yes! Learnfly is accredited with many renowned vendors like Microsoft, ISACA, VMWare, PECB, EC Council. Cisco and many more.
Are Learnfly Instructor's Certified?Yes. We only provide training via Certified Instructors.
Where is Learnfly Located?Learnfly is a global training provider with locations in India, United States, United Kingdom, UAE, Australia & Africa.
Does Learnfly offer after training support?Yes. We offer 1 month free support after your training completion for any queries related to your course, examination etc.
What is Learnfly Platform?Learnfly Platform is an omnnichannel Learning Management System that allows you to access thousands of self paced courses, attend live classes, track certifications, access interactive quizzes & assignments, Online labs, connect with Instructors & do much more. Join the platform to know more.
Do you offer a demo live session with an instructor?Yes! If you need a demo session to get a feel of live training or to evaluate an instructor, then you can request for a 15 minutes free live session. Connect with our training team for more info.
Can I get a refund if not satisfied?All of our training comes with 30 days money back guarantee. Refunds are only applicable on instructor training. Exam, labs are non-refundable.
How can I make a payment for my training?We accept all major payment methods like debit/credit card, PayPal and Bank Wire transfer. For bank transfer, please contact us at email@example.com
How can i get started?Super! Simply click on "Book Now" button on this page to reserve your seat and make a payment. You can choose from available schedules or provide your own. For anything else like quotation, purchase order, bank wire details etc, please contact our training team at firstname.lastname@example.org. See you learning with us soon!
Meet our official certification partners. Get Certified with internationally recognised names.
Earn International recognition and certification
Earn International recognition and certification
Get Certified : Get Ahead
Get your own personalized Certificate of Completion, once you successfully complete the training with Learnfly. Showcase your certifcation on Linkedin & more.
250k+ Students and growing.
Listen what they say about Learnfly Courses
I enrolled in ECIH course from Learnfly. This platform enabled me to learn difficult concepts with ease and that too at my own pace. I completed the course in a comfortable environment and would surely recommend Learnfly for this IT course that is well in demand.
- Student -
I enrolled in Machine Learning course from Learnfly. It was a good learning experience and I learnt the concepts well through the video lectures. The videos were well designed and helped me follow a step-by-step approach to complete my course. I recommend Learnfly for this course.
- Student -
I was thrilled to pursue Artificial Intelligence course. It is in high demand. I started searching for a good online platform and luckily found Learnfly. I was initially skeptical about it but later found that it was good. My course was completed in a hassle-free manner. Kudos to Learnfly!
- Student -
I pursued CEH from Learnfly. I easily understood the stuff as it was imparted in a fresh manner through well-structured video lectures. All the topics were covered in the videos and I could access them as per my requirements at different points of time. I recommend Learnfly platform to save both your time and money.
- Student -
There is high demand for Artificial Intelligence course in the job market these days. I chose Learnfly to pursue this course. The video lectures were designed in a learner-friendly way and it was really convenient for me to understand the concepts well in a short span of time invested.
- Student -
Machine Learning is a course that is in demand these days. I was not interested to pursue it through classroom lecture mode. I searched for few platforms offering this course online but finally opted for Learnfly. It trained me for the technology and I am now able to gain a better position in my company after learning at my own and attaining the certificate.
- Student -
More in Tech & IT
Enabling and Managing Office ...
8178Duration : 5 Days
Active DirectoryTraining & Cer...
79273Duration : 5 Days
SharePoint Online for Administ...
4.3Duration : 12 Days
SharePoint 2016 Training & Ce...
73422Duration : 12 Days
PowerShell Training & Certific...
9257Duration : 5 Days
Office 365 Training & Certific...
19367Duration : 5 Days