Certified Information Systems Auditor (CISA) - ITU Online

Certified Information Systems Auditor (CISA)

CISAs are to IT audit what CPAs and CAs are to the accounting industry. They uphold high standards, manage risks, promote compliance, offer solutions, support governance and management, institute controls and deliver enterprise value. Because of their audit experience, skill set and credibility, CISAs are recognized internationally as professionals in this field.

Included In This Course

  • 12 Training Hours
  • 74 On-demand Videos
  • Closed Captions
  • 7 Topics
  • 55 Prep Questions
  • Certificate of Completion

Course Description

Why do I need the CISA certification exam?

Elevate your professional experience and catapult yourself to the next level in your career with ISACA’s Certified Information Systems Auditor (CISA). It is globally acknowledged as the benchmark of accomplishment for those who audit, monitor, control and assess a business or organization’s IT systems. Professionals in this career make recommendations to management based on their findings. CISA holds an unparalleled reputation that will guarantee you success as you advance on your professional journey.

Who should take the CISA Exam

If you are a beginner to mid-career IT expert, CISA certification can help boost your tactical skills and credibility and demonstrate that you are capable of implementing a risk-based audit process. Achieve recognition in both internal and external interactions, such as with regulators, auditors, customers and more, when you obtain your CISA credentials! This is an important stepping stone for certification holders looking to further their careers within the industry.

Being a Certified Information Systems Auditor is to Audit what CPA and CA are to Accounting. As one of the most sought-after credentials in the industry, CISAs possess a wide range of abilities, qualifications and technical knowledge – from upholding standards to managing vulnerabilities – that make them essential for any company looking to maximize profitability. They are considered experts at compliance management, providing innovative solutions and implementing effective controls which ultimately yield tremendous value for businesses across sectors on an international scale.

CISA job practice analysis has been completed by ISACA. This analysis resulted in a new CISA job practice that reflects the vital and evolving responsibilities of IT auditors. The new CISA job practice was effective beginning with the CISA exam administration in June 2011. For purposes of these statements, the terms “enterprise” and “organization” or “organizational” are considered synonymous.

Comprehensive exam overview

This certification test consists of 150 questions that assess five distinct domains related to real-world work experience. By successfully completing this assessment, you’ll be able to display substantial proof of proficiency in all these areas!

The CISA job practice offers a wide range of domains, subtopics and supporting tasks related to the field of information systems audit, assurance and control. Developed through robust research with input from international subject matter experts and prominent industry leaders alike, it is designed to reflect practical knowledge and real-world work performed in this sector.

Job Practice Domains

  • 21% of the exam covers information systems auditing process 
  • 17% of the exam covers governance and management of IT 
  • 12% of the exam covers information systems acquisition, development and implementation
  • 23% of the test covers information systems operations and business resilience 
  • 27% covers protection of information assets 

Jobs and roles within the information security field open to Certified Information Systems Auditor (CISA) certificate holders:

  • Technology Auditor
  • Certified Internal Auditor
  • Systems Auditor and Audit Managers (or Internal Audit Manager)
  • Compliance Analyst
  • Security Officer
  • Chief Technology Officer
  • Privacy Officers

Key Term Knowledge Base: Key Terms Related to Certified Information Systems Auditor (CISA)

Understanding the key terms related to the Certified Information Systems Auditor (CISA) certification is essential for professionals aiming to establish or advance their careers in IT and information systems auditing. Familiarity with these terms not only aids in grasping the complex concepts involved in systems auditing but also in effectively preparing for the CISA certification exam. This knowledge base serves as a foundational guide to the terminologies used in the field of information systems auditing.

| Term | Definition |
| --- | --- |
| CISA (Certified Information Systems Auditor) | A globally recognized certification for Information Systems Auditing professionals, focusing on information systems control, assurance, and security. |
| ISACA (Information Systems Audit and Control Association) | An international professional association focused on IT governance, responsible for the CISA certification. |
| IT Governance | The framework for managing and controlling an organization’s information technology strategies and resources. |
| Information Systems Audit | The examination and evaluation of an organization’s information technology infrastructure, policies, and operations. |
| Risk Management | The process of identifying, assessing, and controlling threats to an organization’s capital and earnings. |
| Control Objectives | Statements describing the desired result or purpose to be achieved by implementing control procedures in a particular IT activity. |
| Compliance | Adherence to laws, regulations, guidelines, and specifications relevant to an organization’s business. |
| Information Security Management | The process of protecting information assets from threats to ensure business continuity, minimize risks, and maximize return on investments. |
| Business Continuity Planning | The process of creating systems of prevention and recovery to deal with potential threats to a company. |
| Disaster Recovery | Strategies and plans for recovering from significant disruptions to a business’s IT systems. |
| Internal Control | A process, affected by an organization’s structure, that helps to assure objectives related to operations, reporting, and compliance are achieved. |
| Audit Risk | The risk that an auditor expresses an inappropriate opinion on financial statements due to an error or omission. |
| IT Infrastructure | The set of hardware, software, networks, facilities, etc., required to develop, test, deliver, monitor, control, or support IT services. |
| Data Analytics | The process of examining data sets to draw conclusions about the information they contain. |
| Cybersecurity | The practice of protecting systems, networks, and programs from digital attacks. |
| Encryption | The process of converting information or data into a code to prevent unauthorized access. |
| Vulnerability Assessment | The process of identifying, quantifying, and prioritizing vulnerabilities in a system. |
| Incident Management | The process of managing the lifecycle of all incidents to ensure timely resolution and minimal impact. |
| IT Service Management (ITSM) | The activities involved in designing, creating, delivering, supporting, and managing the lifecycle of IT services. |
| Regulatory Compliance | Ensuring that an organization adheres to relevant laws, regulations, standards, and ethical practices. |
| Network Security | The practice of preventing and protecting against unauthorized intrusion into corporate networks. |
| IT Asset Management | The set of business practices that join financial, contractual, and inventory functions to support lifecycle management and strategic decision-making for IT environments. |
| Change Management | A systematic approach to dealing with the transition or transformation of an organization’s goals, processes, or technologies. |
| Data Integrity | The accuracy and consistency of stored data over its entire lifecycle. |
| Segregation of Duties (SoD) | A key concept of internal controls that prevents conflict of interest and fraud by dividing responsibilities among different people. |

This list covers fundamental concepts in information systems auditing and is crucial for anyone preparing for the CISA certification or working in related fields.

Frequently Asked Questions About Certified Information Systems Auditor (CISA)

What is the CISA Certification?

The CISA (Certified Information Systems Auditor) is a globally recognized certification for IS auditing professionals, focusing on information systems control, assurance, and security.

Who should pursue the CISA certification?

Professionals in IT audit, control, assurance, and information security are ideal candidates for the CISA certification. It’s especially beneficial for IT auditors and consultants.

What are the prerequisites for taking the CISA exam?

There are no formal prerequisites for taking the exam, but to obtain the certification, candidates must have five years of professional information systems auditing, control, or security work experience.

What topics are covered in the CISA exam?

The CISA exam covers five domains: Information Systems Auditing Process; Governance and Management of IT; Information Systems Acquisition, Development, and Implementation; Information Systems Operations and Business Resilience; Protection of Information Assets.

How can one prepare for the CISA exam?

Preparation typically involves a mix of formal training courses, self-study, and review of the CISA Review Manual and other ISACA resources. Practice exams are also crucial for understanding the exam format and question style.

Proudly Display Your Achievement

Upon completion of your training, you’ll receive a personalized certificate of completion to help validate to others your new skills.

Course Outline

Certified Information Systems Auditor (CISA) Course Content

Module 1 - The Audit Process

  • Introduction
  • Audit Process
  • Auditing Standards
  • Auditing Guidelines
  • COBIT Model
  • Audit Management
  • Internal Control Classifications
  • Planning
  • Program
  • Evidence
  • Audit Control Evaluation
  • CSA Control Self-Assessment

Module 2 - Audit Governance and Compliance

  • IT Governance
  • Governance & Security Policies
  • Outsourcing & Governance
  • Outsourcing & Globalization
  • Organizational Compliance
  • IT Strategy
  • IT Performance

Module 3 - System Infrastructure, Project Management, and Testing

  • System & Infrastructure
  • Requirements
  • Project Management Tools - Part 1
  • Project Management Tools - Part 2
  • Applications
  • Agile Development
  • Monitoring & Controlling
  • Acquisition Process
  • Testing Process
  • Information Systems Maintenance Practices
  • Data Conversion Tools

Module 4 - Media Disposal, Reviews, and System Maintenance

  • Media Disposal Process
  • Post Implementation Review
  • Periodic Review
  • System Maintenance

Module 5 - IT Service Level Management

  • IT Service Delivery and Support
  • How to Evaluate Service Level Management Practices
  • Operations Management
  • Databases
  • Structured Query Language (SQL)
  • Monitoring Performance
  • Source Code and Performance Monitoring
  • Patch Management
  • Incident Management
  • Hardware Component Types
  • Network Component Types

Module 6 - Auditor Technical Overview

  • IS Auditor Technical Overview
  • Security Design
  • Monitoring Systems
  • Types of Attacks
  • Cryptography
  • Encryption
  • Asymmetric Encryption
  • Digital Certificate
  • Different Kinds of Attacks
  • Access Controls
  • Identification and Authentication
  • Physical Access Exposure
  • Environmental Security
  • Network Security Devices and Network Components
  • Network Address Translation
  • Virtual Private Networks (VPNs)
  • Voice System Risks
  • Intrusion Detection
  • Firewalls
  • Firewall Implementation
  • Network Access Protection
  • Honeypot
  • Risks to Portable and Wireless Devices
  • Bluetooth
  • OSI Networking
  • Managing Data

Module 7 - Business Continuity and Disaster Recovery

  • Business Continuity and Disaster Recovery
  • Fault Tolerance
  • Business Continuity and Disaster Recovery Regulations

Rating: 4.8, based on 78 reviews
  1. Smooth delivery and easy access to LMS. Good to see that the LMS offers progress tracking. Would be great if badges were offered on completion of courses to share via Credly to future employers.

Your Training Instructor

Chrys Thorsen

Education and Technology Expert

Chrys Thorsen is an education and technology expert who specializes in enterprise-level IT infrastructure consulting and certified training-of-trainers. In her career, she has garnered over 50 IT Certifications including CISSP, CISA, CEHv12, PenTest+, CompTIA CNVP, Cisco CCSI/CCNP, Microsoft Cloud and on-premises technologies, VMware vSphere, and many more. She has also authored 40 published certification textbooks, and over 35 full-length IT certification video courses.

When not working in the United States, Chrys spends her time abroad capacity-building IT literacy in developing nations in Sub-Saharan Africa. Her client list has included: the US Federal Government, the Republic of Zambia Ministry of Health, Cavendish University Zambia, Accenture, JP Morgan Chase, the US Centers for Disease Control and Prevention, the Elizabeth Glaser Pediatric AIDS Foundation (EGPAF), Hughes Aircraft, Microsoft, and many more.

Chrys lives by, and is fond of repeating, her professional creed:

“The only true measure of success for any project or training is results on the ground. Everything else is just noise.” “I teach what I deploy; I deploy what I teach.”

Certified Information Systems Auditor (CISA): $49.00

OR

Subscribe To All-Access: Lock In $14.99 / Month Forever

Gain access to this training and all our other courses, offering over 2,500 hours of content, with our cost-effective monthly subscription. No obligations. Cancel anytime.

Additional Options to Access This Training
This training is also part of our extensive training library containing over 225 courses, 12,000+ videos and over 19,000 practice test questions.

Monthly All-Access Subscription
7 Days Free - $39.00 / month

A great option at an affordable monthly price.

Annual All-Access Subscription
$229 / year

A discounted price when paying for your All Access library on an annual basis.

Lifetime All-Access Library
$379 One time payment

Exceptional Value. Pay once, never have to buy IT training again.
