Lifetime
An ITU Online Training exclusive. The only Buy Once, Never Pay for IT training again program available. Plus, get all new and updated content for life.
- +1 855.488.5327
- customerservice@ituonline.com
- Mon - Fri: 9:00am - 5:00pm ET
Certified Information Systems Auditor (CISA)
CISAs are comparable to what CPAs and CAs are to the accounting industry. They uphold high standards, manage risks, promote compliance, offer solutions, Governance & Management, institute controls and deliver enterprise value. Due to their audit experience skillset and credibility CISAs are recognized internationally as professionals in this field.
Included In This Course
Included In This Course
12 Hrs 37 Min
74 On-demand Videos
Closed Captions
7 Topics
55 Prep Questions
Certificate of Completion
Course Description
Why do I need the CISA certification exam?
Elevate your professional experience and catapult yourself to the next level in your career with ISACA’s Certified Information Systems Auditor (CISA). It is globally acknowledged as the benchmark of accomplishment for those who audit, monitor, control and assess a business or organization’s IT systems. Professionals in this career will make recommendations to management based on findings. CISA holds an unparalleled reputation that will guarantee you success as you advance on your professional journey
Who should take the CISA Exam
If you are a beginner to mid-career IT expert, CISA certification can help boost your tactical skills and credibility and demonstrate that you are capable of implementing a risk-based audit process. Achieve recognition in both internal and external interactions such as with regulators, auditors, customers and more when you obtain your CISA credentials! This is an important stepping stone for certification holders to furthering your career within the industry.
Being a Certified Information Systems Auditor is to Audit what CPA and CA are to Accounting. As one of the most sought-after credentials in the industry, CISAs possess a wide range of abilities, qualifications and technical knowledge – from upholding standards to managing vulnerabilities – that make them essential for any company looking to maximize profitability. They are considered experts at compliance management, providing innovative solutions and implementing effective controls which ultimately yield tremendous value for businesses across sectors on an international scale.
CISA job practice analysis has been completed by ISACA. This analysis resulted in a new CISA job practice that reflects the vital and evolving responsibilities of IT auditors. The new CISA job practice was effective beginning with the CISA exam administration in June 2011. For purposes of these statements, the terms “enterprise” and “organization” or “organizational” are considered synonymous.
Comprehensive exam overview
This certification test consists of 150 questions that assess five distinct domains related to real-world work experience. By successfully completing this assessment, you’ll be able to display substantial proof of proficiency in all these areas!
The CISA job practice offers a wide range of domains, subtopics and supporting tasks related to the field of information systems audit, assurance and control. Developed through robust research with input from international subject matter experts and prominent industry leaders alike, it is designed to reflect practical knowledge and real-world work performed in this sector.
Job Practice Domains
- 21% of the exam covers information systems auditing process
- 17% of the exam covers governance and management of IT
- 12 % is on information systems acquisition, development and implementation
- 23% of the test covers information systems operations and business resilience
- 27% covers protection of information assets
Various jobs and roles within the information security field as a Information Systems Auditor (CISA) certificate holders.
- Technology Auditor
- Certified Internal Auditor
- Systems Auditor and Audit Managers (or Internal Audit Manager)
- Compliance Analyst
- Security Officer
- Chief Technology Officer
- Privacy Officers
Key Term Knowledge Base: Key Terms Related to Certified Information Systems Auditor (CISA)
Understanding the key terms related to the Certified Information Systems Auditor (CISA) certification is essential for professionals aiming to establish or advance their careers in IT and information systems auditing. Familiarity with these terms not only aids in grasping the complex concepts involved in systems auditing but also in effectively preparing for the CISA certification exam. This knowledge base serves as a foundational guide to the terminologies used in the field of information systems auditing.
| Term | Definition |
|---|---|
| CISA (Certified Information Systems Auditor) | A globally recognized certification for Information Systems Auditing professionals, focusing on information systems control, assurance, and security. |
| ISACA (Information Systems Audit and Control Association) | An international professional association focused on IT governance, responsible for the CISA certification. |
| IT Governance | The framework for managing and controlling an organization’s information technology strategies and resources. |
| Information Systems Audit | The examination and evaluation of an organization’s information technology infrastructure, policies, and operations. |
| Risk Management | The process of identifying, assessing, and controlling threats to an organization’s capital and earnings. |
| Control Objectives | Statements describing the desired result or purpose to be achieved by implementing control procedures in a particular IT activity. |
| Compliance | Adherence to laws, regulations, guidelines, and specifications relevant to an organization’s business. |
| Information Security Management | The process of protecting information assets from threats to ensure business continuity, minimize risks, and maximize return on investments. |
| Business Continuity Planning | The process of creating systems of prevention and recovery to deal with potential threats to a company. |
| Disaster Recovery | Strategies and plans for recovering from significant disruptions to a business’s IT systems. |
| Internal Control | A process, affected by an organization’s structure, that helps to assure objectives related to operations, reporting, and compliance are achieved. |
| Audit Risk | The risk that an auditor expresses an inappropriate opinion on financial statements due to an error or omission. |
| IT Infrastructure | The set of hardware, software, networks, facilities, etc., required to develop, test, deliver, monitor, control, or support IT services. |
| Data Analytics | The process of examining data sets to draw conclusions about the information they contain. |
| Cybersecurity | The practice of protecting systems, networks, and programs from digital attacks. |
| Encryption | The process of converting information or data into a code to prevent unauthorized access. |
| Vulnerability Assessment | The process of identifying, quantifying, and prioritizing vulnerabilities in a system. |
| Incident Management | The process of managing the lifecycle of all incidents to ensure timely resolution and minimal impact. |
| IT Service Management (ITSM) | The activities involved in designing, creating, delivering, supporting, and managing the lifecycle of IT services. |
| Regulatory Compliance | Ensuring that an organization adheres to relevant laws, regulations, standards, and ethical practices. |
| Network Security | The practice of preventing and protecting against unauthorized intrusion into corporate networks. |
| IT Asset Management | The set of business practices that join financial, contractual, and inventory functions to support lifecycle management and strategic decision-making for IT environments. |
| Change Management | A systematic approach to dealing with the transition or transformation of an organization’s goals, processes, or technologies. |
| Data Integrity | The accuracy and consistency of stored data over its entire lifecycle. |
| Segregation of Duties (SoD) | A key concept of internal controls that prevents conflict of interest and fraud by dividing responsibilities among different people. |
This list covers fundamental concepts in information systems auditing and is crucial for anyone preparing for the CISA certification or working in related fields.
Frequently Asked Questions About Certified Information Systems Auditor (CISA)
What is the CISA Certification?
The CISA (Certified Information Systems Auditor) is a globally recognized certification for IS auditing professionals, focusing on information systems control, assurance, and security.
Who should pursue the CISA certification?
Professionals in IT audit, control, assurance, and information security are ideal candidates for the CISA certification. It’s especially beneficial for IT auditors and consultants.
What are the prerequisites for taking the CISA exam?
There are no formal prerequisites for taking the exam, but to obtain the certification, candidates must have five years of professional information systems auditing, control, or security work experience.
What topics are covered in the CISA exam?
The CISA exam covers five domains: Information Systems Auditing Process; Governance and Management of IT; Information Systems Acquisition, Development, and Implementation; Information Systems Operations and Business Resilience; Protection of Information Assets.
How can one prepare for the CISA exam?
Preparation typically involves a mix of formal training courses, self-study, and review of the CISA Review Manual and other ISACA resources. Practice exams are also crucial for understanding the exam format and question style.
Proudly DisplayYour Achievement
Upon completion of your training, you’ll receive a personalized certificate of completion to help validate to others your new skills.
Course Outline
Certified Information Systems Auditor (CISA) Course Content
Module 1 - The Audit Process
Introduction
Audit Process
Auditing Standards
Auditing Guidelines
Cobit Model
Audit Management
Internal Control Classifications
Planning
Program
Evidence
Audit Control Evaluation
CSA Control Self-Assessment
Module 2 - Audit Governance and Compliance
IT Governance
Governance & Security Policies
Outsourcing & Governance
Outsourcing & Globalization
Organizational Compliance
IT Strategy
IT Performance
Module 3 - System Infrastructure, Project Management, and Testing
System & Infrastructure
Requirements
Project Management Tools - Part 1
Project Management Tools - Part 2
Applications
Agile Development
Monitoring & Controlling
Acquisition Process
Testing Process
Information Systems Maintenance Practices
Data Conversion Tools
Module 4 - Media Disposal, Reviews, and System Maintenance
Media Disposal Process
Post Implementation Review
Periodic Review
System Maintenance
Module 5 - IT Service Level Management
IT Service Delivery and Support
How to Evalutate Service Level Management Practices
Operations Management
Databases
Structured Query Language (SQL)
Monitoring Performance
Source Code and Perfomance Monitoring
Patch Management
Incident Management
Hardware Component Types
Network Component Types
Module 6 - Auditor Technical Overview
IS Auditor Technical Overview
Security Design
Monitoring Systems
Types of Attacks
Cryptography
Encryption
Asymmetric Encryption
Digital Certificate
Different Kinds of Attacks
Access Controls
Identification and Authenication
Physical Access Exposure
Environmental Security
Network Security Devices and Network Components
Network Address Translation
Virtual Private Networks (VPNs)
Voice System Risks
Intrusion Detection
Firewalls
Firewall Implementation
Network Access Protection
HoneyPot
Risks to Portable and Wireless Devices
Bluetooth
OSI Networking
Managing Data
Module 7 - Business Continuity and Disaster Recovery
Business Continuity and Disaster Recovery
Fault Tolerance
Business Continuity and Disaster Recovery Regulations
ITU OnlineYour Training Instructor
Chrys Thorsen is an education and technology expert who specializes in enterprise-level IT infrastructure consulting and certified training-of-trainers. In her career, she has garnered over 50 IT Certifications including CISSP, CISA, CEHv12, PenTest+, CompTIA CNVP, Cisco CCSI/CCNP, Microsoft Cloud and on-premises technologies, VMware vSphere, and many more. She has also authored 40 published certification textbooks, and over 35 full-length IT certification video courses.
When not working in the United States, Chrys spends her time abroad capacity-building IT literacy in developing nations in Sub-Saharan Africa. Her client list has included: the US Federal Government, the Republic of Zambia Ministry of Health, Cavendish University Zambia, Accenture, JP Morgan Chase, the US Centers for Disease Control and Prevention, the Elizabeth Glaser Pediatric AIDS Foundation (EGPAF), Hughes Aircraft, Microsoft, and many more.
Chrys lives by, and is fond of repeating, her professional creed:
“The only true measure of success for any project or training is results on the ground. Everything else is just noise.” “I teach what I deploy; I deploy what I teach.”
Subscribe To All-Access
Lock In $14.99 / Month Forever
Start this course for free with our 10-day trial of the all-access subscription providing access to over 2,600 hours of training.
$49.00 $14.99 Monthly
OR
$49.00
Certified Information Systems Auditor (CISA)
Certified Information Systems Auditor (CISA)
Additional Options to Access This Training
This training is also part of our extensive training library containing over 225 courses, 12,000+ videos and over 19,000 practice test questions.
Monthly All-Access Subscription
7 Days Free - $39.00 / month
A great option at an affordable monthly price.
Annual All-Access Subscription
$229 / year
A discounted price when paying for your All Access library on an annual basis.
Lifetime All-Access Library
$379 One time payment
Exceptional Value. Pay once, never have to buy IT training again.
Related Courses
ON SALE 40% OFF
ON SALE 40% OFF
$53.40
Learn the essential skills needed to succeed in a cyber security career with our comprehensive online training course. Enroll now at ITU Online.
Take advantage of this great online cybersecurity training package that covers everything from ethical hacking to penetration testing to securing networks…and more! This online cybersecurity training series contains over 275 hours of cybersecurity on-demand videos and is available at an exceptional price.
$49.00
Be a skilled penetration tester with CompTIA PenTest+ PT0-001! Get certified today and enhance your job prospects in the field of cybersecurity.
In this comprehensive IT course, you’ll acquire in-depth knowledge and practical skills in penetration testing, also known as pentesting, which are crucial for obtaining your pentest certification. The curriculum is designed to cover a wide range of topics, including client engagement, documentation procedures, and both passive and active reconnaissance techniques. You’ll gain expertise in system hacking across various platforms like Windows, Linux, and mobile devices. The course also includes modules on physical security testing and social engineering tactics to assess the resilience of your organization’s human element.
$49.00
Master the skills to effectively manage SQL Server with our Microsoft 70-764 training course. Get started today!
The Microsoft 70-764 SQL Server 2016 Administration course is designed to equip students with all the skills and knowledge necessary for them to confidently pass the Microsoft Certification Exam 70-764. By mastering this program, learners will be fully capable of administering a complete Microsoft SQL 2016 server solution – from installation through maintenance tasks.
