This 5-day course prepares candidates for the CISA® (Certified Information Systems Auditor) exam by covering the entire Common Body of Knowledge (CBK), a common core of security knowledge defined by ISACA® (Information Systems Audit and Control Association).
CISA certification is recognized around the world. It is aligned with the 28th Edition of the CBK, updated for 2024 Job Practice.
-Know the five major areas covered by CISA® certification
-Understand the concepts of IT audit and IT governance
-Prepare for the CISA Certification Exam, ISACA Certified Security Auditor
5 years of experience are required to obtain CISA certification after passing the exam. You can still take the exam first, and you must register on the ISACA website.
- Information System Directors
- Auditors
- Those responsible for Business Continuity
- CISO
- People for whom the control of Information Security is fundamental to achieving their goals
Basic knowledge of information systems
Chapter 1: Information System Auditing Process
Part A: Planning
-IS Audit Standards, Guidelines, Functions and Code of Ethics
-Types of Audits, Assessments and Reviews
-Risk-Based Audit Planning
-Type of Controls and Considerations
Part B: Execution
-Audit Project Management
-Audit Testing and Sampling Methodology
-Audit Evidence Collection Techniques
-Audit Data Analytics
-Reporting and Communication Techniques
-Quality Assurance and Improvement of the Audit Process
Exercises: Multiple-Choice Questions from previous CISA sessions (or comparable exams)
Chapter 2: Governance and Management of IT
Part A: IT Governance
-Laws, Regulations and Industry Standards
-Organizational Structure, IT governance and IT Strategy
-IT Policies, Standards, Procedures and Guidelines
-Enterprise Architecture Consideration
-Enterprise Risk Management
-Data Privacy Program and Principles
-Data Governance and Classification
Part B: IT Management
-IT Resource Management
-IT Vendor Management
-IT Performance Monitoring and Reporting
-Quality Assurance and Quality Management of IT
Exercises: Multiple-Choice Questions from previous CISA sessions (or comparable exams)
Chapter 3: Information Systems Acquisition, Development and Implementation
Part A: Information Systems Acquisition and Development
-Project Governance and Management
-Business Case and Feasibility Analysis
-System Development Methodologies
-Control Identification and Design
Part B: Information System Implementation
-System Readiness and Implementation Testing
-Implementation Configuration and Release Management
-System Migration, Infrastructure Deployment and Data Conversion
-Post-implementation Review
Exercises: Multiple-Choice Questions from previous CISA sessions (or comparable exams)
Chapter 4: Information Systems Operations and Business Resilience
Part A: Information Systems Operations
-IT Components
-IT Asset Management
-Job Scheduling and Production Process Automation
-System Interfaces
-End-User Computing and Shadow IT
-Systems Availability and Capacity Management
-Problem and Incident Management
-IT Change, Configuration, and Patch Management
-Operational Log Management
-IT Service Level Management
-Database Management
Part B: Business Resilience
-Business Impact Analysis
-System and Operational Resilience
-Data Backup, Storage and Restoration
-Business Continuity Plan
-Disaster Recovery Plan
Exercises: Multiple-Choice Questions from previous CISA sessions (or comparable exams)
Chapter 5: Protection of Information Assets
Part A: Information Asset Security and Control
-Information Asset Security Policies, Frameworks, Standards and Guidelines
-Physical and Environmental Controls
-Identity and Access Management
-Network and Endpoint Security
-Data Loss Prevention
-Data Encryption
-Public Key Infrastructure
-Cloud and Virtualized Environment
-Mobile, Wireless and Internet-of-Things
Part B: Security Event Management
-Security Awareness Training and Programs
-Information System Attack Methods and Techniques
-Security Testing Tools and Techniques
-Security Monitoring Logs, Tools and Techniques
-Security Incident Response Management
-Evidence Collection and Forensics
Exercises: Multiple-Choice Questions from previous CISA sessions (or comparable exams)
Preparation for the Exam
Mock Exam - Partial simulation of the examination, carried out at the end of the training.
Registration must be completed on the www.isaca.org website.
Exam format: 3 hours of multiple-choice questions, with 150 questions, in French or in English (language to be chosen beforehand).