Module 01 Understanding Processes of Auditing Information Systems
1.1 Management of IS Audit Function; 1.2 ISACA IS Audit and Assurance Standards and Guidelines; 1.3 Risk Analysis; 1.4 Internal Controls; 1.5 Performing an IS Audit; 1.6 Control Self-assessment; 1.7 The Evolving IS Audit Process
Module 02 Commencing Governance and the Management of Information Technology
2.1 Corporate Governance; 2.2 Governance of Enterprise IT; 2.3 Information Systems Strategy; 2.4 Maturity and Process Improvement Models; 2.5 IT Investment and Allocation Practices; 2.6 Policies and Procedures; 2.7 Risk Management; 2.8 Information Systems Management Practice; 2.9 IS Organisational Structure and Responsibilities; 2.10 Auditing IT Governance Structure and Implementation; 2.11 Business Continuity Planning; 2.12 Auditing Business Continuity
Module 03 Valuing IS Acquisition, Development and Maintenance
3.1 Benefits Realisation; 3.2 Project Management Structure; 3.3 Project Management Practice; 3.4 Business Application Development; 3.5 Business Application Systems; 3.6 Development Methods; 3.7 Infrastructure Development/Acquisition Practices; 3.8 Information Systems Maintenance Practices; 3.9 System Development Tools and Productivity Aids; 3.10 Process Improvement Practices; 3.11 Application Controls; 3.12 Auditing Application Controls; 3.13 Auditing System Development, Acquisition and Maintenance
Module 04 Comprehending IS Operations, Maintenance and Support
4.1 Information System Operations; 4.2 Information Systems Hardware; 4.3 IS Architecture and Software; 4.4 IS Network Infrastructure; 4.5 Auditing Infrastructure and Operations; 4.6 Disaster Recovery Planning
Module 05 Valuing Protection of Information Assets
5.1 Importance of Information Security Management; 5.2 Logical Access; 5.3 Network Infrastructure Security; 5.4 Auditing Information Security Management Framework; 5.5 Auditing Network Infrastructure Security; 5.6 Environmental Exposure and Controls; 5.7 Physical Access Exposures and Controls
25 – 29 Mar | Bangkok, Thailand
1. ISACA provides an Exam Candidate Information Guide. ISACA also provides a CISA Self Assessment Test to help you assess your knowledge.
2. 200 multiple choice question exam; test time of 4 hours. Passing score is 450. A retake is permitted.
3.The exam is paper-based and may be taken at selected test centres around the world.
Passing the exam does not grant the CISA designation – you must also earn the required job experience and submit a CISA application.
The exam fees are not included in the registration fees quoted and are to be purchased separately at ISACA. All information pertaining to registering for the exam, exam dates, test centres and maintaining your CISA is on the ISACA website.
Certification by :ISACA
ISACA is an independent, non profit, global association which engages in the development, adoption and global use of accepted, industry-leading knowledge and practices for information systems. With more than 100,000 members worldwide, ISACA provides practical guidance, benchmarks and other tools for the enterprise that uses information systems.
1. New or experienced IT/Info Security/Information Systems executives,managers or consultants;
2. Risk and Security managers, leaders and consultants;
3. Internal or External Auditors;
4. Those who are involved in or who manage Information Security, IT or auditing functions within their organisations or deliver such services to their clients.
At the end of the course, you will be able to :
i) provide audit services according to ISACA standards; ii) assist your organisation in protecting and controlling their IS; iii) ensure the practices of acquisition, development, testing and implementation of IS meet your organisational strategies and objectives; iv) provide assurances that the leadership, organisational structure and processes are in place to achieve objectives and support your organisation’s strategies; v) provide assurance as to the processes of information systems operations, maintenance and support; and vi) be assured that policies, standards, procedures and controls attain organisational information assets’ confidentiality, integrity and availability.
Job Practice Areas
1. A job practice serves the basis for the exam and experience requirements to earm the CISA. Each job practice comprises tasks and knowledge statements.
2. The five domains are :
i) Domain 1 – The Process of Auditing Information Systems (14%);
ii) Domain 2 – Governance and Management of IT (14%);
iii) Domain 3 – Information Systems Acquisition, Development and Implementation (19%);
iv) Domain 4 – Information Systems Operations, Maintenance and Support (23%); and
iv) Domain 5 – Protection of Information Assets (30%)
30 percent of the time will be devoted to important concepts and theory.70 percent will be allocated for discussion, presentation and case studies. Active participation through individual work and collaborative effort is encouraged.
You should have an educational background or working experience in Information Technology, Information Systems or Audit.
This course is brought to you in partnership with Goutama Bachtiar.
Training Grants – applicable to courses in Malaysia
Vertical Distinct Sdn Bhd is a PSMB (Pembangunan Sumber Manusia Berhad) Approved Training Provider and the courses offered in Malaysia are HRDF (Human Resource Development Fund) claimable. For guidelines and details on how to submit your application or claims to the HRDF, please visit HRDF.