CISA Cert Prep: 1 Auditing Information Systems for IS Auditors

Offered By: LinkedIn Learning

Tags

CISA Certification Courses, Cybersecurity Courses, Risk Analysis Courses, Internal Control Courses, Information Systems Auditing Courses

Course Description

Overview

Get the knowledge you need to prepare for the Certified Information Systems Auditor (CISA) certification exam.

Syllabus

Module 1: Information Systems Auditing Process
  • CISA welcome and intro
  • Introduction to IS audit
  • Information Technology Assurance Framework (ITAF)
  • Audit strategy
  • Laws and regulations
  • Business processes
  • Types of controls
  • Risk-based audit, part 1
  • Risk-based audit, part 2
  • Audit execution
  • Audit evidence collection
  • Sampling
  • Communication of results
  • Additional types of audit
Module 2: Governance and Management of IT
  • Enterprise risk management
  • Introduction to IT governance
  • IT frameworks
  • Frameworks continued
  • Enterprise architecture
  • Evaluation of controls
  • Evaluation criteria
  • Information security strategy
  • Information security program
  • Quality control and security management
  • Roles and responsibilities
Module 3: Information Systems Acquisition, Development, and Implementations
  • Introduction to project management
  • Project management lifecycle
  • Project management documents throughout the lifecycle
  • Software development methodologies
  • Hardware and software acquisitions
  • Control identification and design
  • Testing
  • System migration and changeover
Module 4: Information Systems Operations and Business Resilience
  • Introduction
  • Data governance
  • The data lifecycle
  • Software and systems and APIs
  • Cloud deployment
  • Problem and incident management
  • IS operations
  • Database management
  • Redundancy
  • Business continuity, part 1
  • Components of the plan
  • Business continuity, part 2
Module 5: Information Asset Security and Control
  • Introduction and privacy principles
  • Physical and environmental controls
  • Identity and access management
  • SOCs and SLAs
  • Networking basics
  • The OSI and TCP reference models
  • OSI Layers 1 and 2
  • OSI Layers 3–7 and TCP model
  • Network devices
  • NAT and PAT
  • Firewalls
  • Additional security devices, part 1
  • Additional security devices, part 2
  • Cryptography basics
  • Symmetric cryptography
  • Asymmetric cryptography
  • Hybrid cryptography
  • Integrity
  • PKI and wrap-up
  • Wireless security
  • Indicators of attacks, part 1
  • Indicators of attacks, part 2
  • Indicators for application attacks
  • Cross-site attacks
  • Timing attacks
  • Memory issues
  • Network-based attacks
  • Threat actors and vectors

Taught by

Michael Lester and Human Element LLC

Related Courses

Become a Certified Information Systems Auditor (CISA)
LinkedIn Learning
CISA Cert Prep: 2 Information Technology Governance and Management for IS Auditors
LinkedIn Learning
CISA Cert Prep: 3 Information Technology Life Cycle for IS Auditors
LinkedIn Learning
CISA Cert Prep: 4 IT Operations, Maintenance, and Service Delivery for IS Auditors
LinkedIn Learning
CISA Cert Prep: 5 Information Asset Protection for IS Auditors
LinkedIn Learning