CISA® (Certified Information Systems Auditor®)

Paths

CISA® (Certified Information Systems Auditor®)

Author: Kevin Henry

These courses will help prepare you for the ISACA® CISA® (Certified Information Systems Auditor®) examination, covering the 2019 CISA® Job Practice Areas.

What you will learn

  • Fundamental audit, control, and security skills
  • How to plan, conduct, and report on information systems audits
  • How to evaluate organizational structures, policies, practices, and processes
  • How to evaluate and conduct reviews of the acquisition, development, and implementation of information systems
  • The principle and practices of information systems operations, maintenance, and service management
  • How to evaluate organizations' policies, standards, procedures, and controls in order to protect information assets

Pre-requisites

CISA® candidates are required to have a minimum of five years of professional information systems auditing, control or security work experience, with certain exceptions. This series does not require any prior experience or knowledge, but a familiarity with IT equipment and controls, as well as IT audit procedures is helpful.

CISA® (Certified Information Systems Auditor®)

In this series, through exposure to the 2019 CISA® Job Practice Areas, you will learn how to plan and conduct audit services that conform to your enterprise’s standards and gain an understanding of how to identify and recommend practices that actively address cyber risk. This series can be used to prepare for the ISACA® CISA® (Certified Information Systems Auditor®) examination.

Preparing for an ISACA® Certification Examination

by Kevin Henry

Mar 31, 2018 / 16m

16m

Start Course
Description

Preparing for an ISACA® examination can be difficult and stressful. In this course, Preparing for an ISACA® Certification Examination, you will learn how to set yourself up for success, prior to taking the exam. First, you will delve into the test taking process. Next, you will discover some helpful tips and tricks to pass the exam. Last, you will learn how to develop a study plan. When you're finished with this course, you will have the skills and knowledge needed to be prepared for an ISACA® exam.

Table of contents
  1. Course Overview
  2. The ISACA® Exam Format
  3. Preparing for an ISACA® Examination

The Information Systems Auditing Process: Audit Planning

by Kevin Henry

Sep 11, 2019 / 2h 30m

2h 30m

Start Course
Description

Information Systems auditors are in high demand but short supply. In this course, The Information Systems Auditing Process: Audit Planning, you will learn the latest standards and requirements to be recognized as a professional information systems Auditor. First, you will gain an understanding of the ethical, professional, and character-traits of an auditor. Then, you will discover how to plan and schedule audit engagements. Finally, you will become familiar with the standards that an auditor is required to follow when conducting an audit. By the end of this course, you will gain the essential knowledge needed to develop your skills as an Information Systems Auditor.

Table of contents
  1. Course Overview
  2. The Principles of Information Systems Auditing
  3. Setting an Audit Strategy
  4. Auditing Standards

The Information Systems Auditing Process: Conducting an Audit

by Kevin Henry

Sep 11, 2019 / 1h 42m

1h 42m

Start Course
Description

Auditing examines information systems in order to provide valuable information about the operations and security of information and information systems. This course, The Information Systems Auditing Process: Conducting an Audit, teaches you essential information in order to conduct information systems audits. First, you will learn about the audit planning process. Next, you will discover how to conduct audit procedures. Finally, you will explore the process of audit reporting. By the end of this course, you will understand the techniques of auditing in order to provide audit efficiently and effectively.

Table of contents
  1. Course Overview
  2. Creating an Audit Plan
  3. Selecting the Audit Process
  4. Reporting and Communicating the Audit Results

The Information Systems Auditing Process: IT Governance

by Kevin Henry

Nov 4, 2019 / 2h 16m

2h 16m

Start Course
Description

Effective IT auditing is essential in this day and age. In this course, The Information Systems Auditing Process: IT Governance, you will gain an understanding of the principles and responsibilities to conduct governance audits of the IT function in an organization. First, you will learn the role of governance and the effect of laws on IT services. Then, you will become familiar with applicable standards and frameworks. Finally, you will take a look at information systems controls and finish with a review of enterprise risk management. When you are finished with this course, you will have the knowledge necessary to provide effective audit of the IT governance function.

Table of contents
  1. Course Overview
  2. Assessing IT Governance, Strategy, and Laws
  3. Comparing IT Control Frameworks
  4. Assessment of Information Systems Controls and Implementation
  5. Understanding Enterprise Risk Management

The Information Systems Auditing Process: IT Management

by Kevin Henry

Nov 4, 2019 / 1h 37m

1h 37m

Start Course
Description

Looking to provide insight and analysis for the effective management of IT investment and operations? This course, The Information Systems Auditing Process: IT Management, will teach you the knowledge you require to audit and review the IT management function of an organization. First, you will learn how to assess IT resource management. Next, you will explore how to review supply chain. Finally, you will discover how to measure IT performance and quality. By the end of this course, you will be equipped with the essential skills required to be an effective IT auditor and to provide meaningful assessment and recommendations to improve the IT management function.

Table of contents
  1. Course Overview
  2. Assessing IT Resource Management
  3. Assessment of IT Supply Chain
  4. Measuring IT Performance and Quality

Information Systems Auditing: Information Systems Acquisition and Development

by Kevin Henry

Dec 10, 2019 / 2h 27m

2h 27m

Start Course
Description

Auditing the acquisition and development of information systems is a difficult area for most IT auditors. In this course, Information Systems Auditing: Information Systems Acquisition and Development, you will gain the ability to assess the value of IT investment. First, you will learn how to audit IT programs and projects. Then, you will discover how to evaluate a business case and feasibility study. Finally, you will develop the skills to review the maturity and use of various software development methodologies. By the end of this course, you will be able to examine the process of selecting and evaluating the design is suitable controls to mitigate IT risk.

Table of contents
  1. Course Overview
  2. Project Governance and Management
  3. Business Case and Feasibility
  4. Systems Development Methodologies
  5. Control Identification and Design

Information Systems Auditing: Implementation

by Kevin Henry

Dec 17, 2019 / 1h 44m

1h 44m

Start Course
Description

Many IT systems are designed to be secure but are not implemented correctly. This course, Information Systems Auditing: Implementation, will teach you the techniques of auditing the implementation of information systems. First, you will learn how to audit the process of testing and implementation. Then, you will discover how to ensure a secure deployment of the system. Finally, you will understand value of post-implementation review and feedback. By the end of this course, you will have a solid foundation of auditing the implementation of information systems.

Table of contents
  1. Course Overview
  2. Implementation and Testing
  3. Deployment and Configuration
  4. Post-implementation Review

Information Systems Operations: Monitoring

by Kevin Henry

Dec 25, 2019 / 1h 49m

1h 49m

Start Course
Description

There is a plethora of knowledge that is essential for you as an information systems auditor. In this course, Information Systems Operations: Monitoring, you will learn the skills needed to monitor and evaluate information systems and to provide insightful information regarding the operation and performance of those systems. First, you will gain an understanding of the various types of systems. Next, you will discover the operational procedures needed to operate those systems reliably. Finally, you will explore databases and their role in supporting business operations. By the end of this course, you will have the skills you need to assess, evaluate, and report on information systems.

Table of contents
  1. Course Overview
  2. Auditing IT Systems Configurations
  3. Change Control
  4. Database Management

Information Systems Operations: Resilience

by Kevin Henry

Feb 28, 2020 / 1h 56m

1h 56m

Start Course
Description

Assessing the ability of an organization to manage incidents and recover from crisis is crucial for an auditor. In this course, Information Systems Operations: Resilience, you will learn the foundational knowledge needed to audit an organization's business continuity management system. First, you will learn the process of incident management. Next, you will discover how to review a business impact analysis and to assess business continuity plans. Finally, you will explore how to provide oversight for Disaster Recovery Plans and provide management with valued feedback on the resilience and preparedness of the organization to handle any crisis. By the end of this course, you'll be knowledgeable in the methods of auditing, resilience, and capabilities of an organization.

Table of contents
  1. Course Overview
  2. Assessing System Resilience
  3. Auditing Incident Management
  4. Assessing Business Resilience and Business Impact Analysis (BIA)
  5. Business Continuity Plans (BCP)
  6. Disaster Recovery Plans (DRP)

Information Systems Asset Protection: Asset Security

by Kevin Henry

Apr 13, 2020 / 56m

56m

Start Course
Description

Adequately protecting the assets of an organization is a must in the role of an information systems' auditor. In this course, Information Systems Asset Protection: Asset Security, you will learn the essential skills required by information systems' auditors to evaluate the protection of the many assets of the organization. First, you will explore a review of asset security frameworks. Next, you will discover how to protect data through privacy and data classification. Finally, you will take a look at the review of encryption algorithms and implementation to ensure that data is protected in storage and transit. When you are finished with this course, you will have a solid knowledge of how to review the protection of assets and security frameworks.

Table of contents
  1. Course Overview
  2. Asset Security Frameworks
  3. Privacy and Data Classification
  4. Data Encryption Assessment

Information Systems Asset Protection: Securing System Components

by Kevin Henry

Apr 25, 2020 / 2h 59m

2h 59m

Start Course
Description

The IT auditor needs a diverse range of skills and expertise as addressed in this course to evaluate systems' security. In this course, Information Systems Asset Protection: Securing System Components, you will learn how to audit the security functionality of the many different components of information systems - ranging from networks and storage to end point devices and applications. This knowledge is essential for the auditor to be able to evaluate and report on the effective and secure operation of information systems. First, you will learn about identity and access management. Then, you will address network security. Finally, you will explore physical and environmental security and examining applications and virtual environments. When you are finished with this course, you will have the knowledge necessary to provide skilled audits of information systems' security.

Table of contents
  1. Course Overview
  2. Identity and Access Management
  3. Network and End-point Security
  4. Physical and Environmental Security
  5. Auditing Web and Virtual Environments

Information Systems Asset Protection: Monitoring

by Kevin Henry

May 1, 2020 / 1h 30m

1h 30m

Start Course
Description

Learning about the techniques and methodologies used to gain insight into control effectiveness is essential for an auditor to instigate IT risk. In this course, Information Systems Asset Protection: Monitoring, you will learn how to develop the skills necessary to observe and analyze information systems' controls. First, you will discover how to measure compliance and audit IT system configurations. Then, you will examine the maturity of the change control process. Finally, you will learn how to assess the security and reliability of databases. When you are finished with this course, you will have essential skills necessary to provide technical audits of Information systems and their implementation.

Table of contents
  1. Course Overview
  2. System Attacks
  3. Security Testing and Monitoring
  4. Investigating Incidents