CISА Exam review course 2021

CISA^© Review Course 2021

4-8 Octobеr 2021, 9:30-17:30,Kyiv, Grushevskogo, 30/1

The training programme is based on the CISA^©  formal certification programme*, approved an agreed by ISACA ^©

 

CISA^© (Certified Information Systems Auditor) is an independent and most powerful certification offered for IT auditors.  CISA certification is ANSI accredited programme accepted and recognised at the country-wide level globally.

Training Objectives
Upon completion of the training programme, the participants will gain insight into/be able to address:

• IT audit goals and objectives and its role in the internal control system;
• techniques applicable to audit planning and performance, and information and audit evidence collection;
• audit and performance assessment of the internal control system in management, operating activities and IT support;
• IT risk management audits;
• IT security audits;
• Preparation for CISA ^© certification

Training Methodology

• Training is provided by accredited CISA ^© trainers and includes an analysis of case studies.
• The training programme offers hands-on exercises.
• Training is provided in Ukrainian/Russian with English handouts
• Upon completion of the training programme, the participants will pass CISA sample exam including a detailed discussion of questions.

The training programme encompasses theoretical and practical skills in IT audit:

• a role of IT audit in internal control and IT security management systems;
• an approach to audit engagement planning and performance;
• skills of description of IT controls and response to IT risks.

Target Audience
The training programme is designed for IT managers and professionals, information and operation risk management professionals, and IT security, internal control and IT audit professionals.

Distinctive Benefits for Your Business
The training programme aims at improving alignment between your organisation’s IT and broader business needs and objectives, and at realigning IT audit value proposition.

Deliverables for trainees

• 40 CPE from ISACA Kyiv Chapter
• Access to course recording
• Personal overview of sample exam results
• Ongoing support of individual preparation and certification process till being certified
• Voucher for certification exam within 12 month
• Questions database subscription for 12 month
• Application fee

CISA ^© COURSE STRUCTURE

Introduction

• About the CISA Exam
• Certification Steps

Domain 1. Information System Auditing Process

1. Planning
   • IS Audit Standards, Guidelines and Codes of Ethics
   • Business Processes
   • Types of Controls
   • Risk-Based Audit Planning
   • Types of Audits and Assessments
2. Execution
   • Audit Project Management
   • Sampling Methodology
   • Audit Evidence Collection Techniques
   • Data Analytics
   • Reporting and Communication Techniques
   • Quality Assurance and Improvement of the Audit Process

Domain 2. Governance and management of IT

1. IT Governance
   • IT Governance and IT Strategy
   • IT-Related Frameworks
   • IT Standards, Policies, and Procedures
   • Organizational Structure
   • Enterprise Architecture
   • Enterprise Risk Management
   • Maturity Models
   • Laws, Regulations, and Industry Standards Affecting the Organization
2. IT Management
   • IT Resource Management
   • IT Service Provider Acquisition and Management
   • IT Performance Monitoring and Reporting
   • Quality Assurance and Quality Management of IT

Domain 3. Information systems acquisition, development, and implementation

1. Information Systems Acquisition and Development
   • Project Governance and Management
   • Business Case and Feasibility Analysis
   • System Development Methodologies
   • Control Identification and Design
2. Information System Implementation
   • Testing Methodologies
   • Configuration and Release Management
   • System Migration, Infrastructure Deployment, and Data Conversion
3. Post-Implementation Review

Domain 4. Information systems operations, maintenance and support

1. Information System Operations:
   • Computer Hardware Components and Architectures
   • IT Asset Management
   • System Interfaces
   • End-User Computing
   • Data Governance
   • Systems Performance Management
   • Problem and Incident Management
   • Change, Configuration, Release, and Patch Management
   • IT Service Level Management
   • Database Management
2. Business Resilience
   • Business Impact Analysis (BIA)
   • System Resiliency
   • Data Backup, Storage, and Restoration
   • Business Continuity Plan (BCP)
   • Disaster Recovery Plans (DRPs)

Domain 5. Protection of information assets

1. Information Asset Security and Control
   • Introduction
   • Information Asset Security Frameworks, Standards, and Guidelines
   • Privacy Principles
   • Physical Access and Environmental Controls
   • Identity and Access Management
   • Network and End-point Security
   • Data Classification
   • Data Encryption and Encryption-related Techniques
   • Public Key Infrastructure (PKI)
   • Web-based Communication Technologies
   • Virtualized Environments
   • Mobile, Wireless, and Internet-of-Things (IOT) Devices
2. Security Event Management
   • Security Awareness Training and Programs
   • Information System Attack Methods and Techniques
   • Security Testing Tools and Techniques
   • Security Monitoring Tools and Techniques
   • Incident Response Management
   • Evidence Collection and Forensics

Sample CISA exam

1. Exam structure
2. Detailed answers to exam questions.

Trainer
Anastasiia Konoplova, CISA, CRISK, CDPSE, CISA Trainer, owner &CEO of LLC UAG (continuity since 1999), ISACA Kyiv Chapter President 2018-2020, master of economics (economic cybernetics), experience in assurance and consulting in risk, information technology management and information security management systems since 2005.

 

Timing:

• Time: 9.30 am - 5.30 pm
• 5 days (40 academic / CPD hours)

CPE information:

Upon successful completion of the training, students will be awarded Course Completion Certificates (40 CPE) from ISACA Kyiv.