About
The Certified Information Security Auditor (CISA) Certificate is globally recognized and designed to enhance the expertise of Information Systems (IS) professionals. This comprehensive certificate program equips individuals with in-depth knowledge of Information Systems Auditing, Control, and Security. It validates expertise in assessing vulnerabilities, reporting on compliance, and implementing controls within an enterprise IT environment.
Learning Objectives
- Develop a thorough understanding of information systems auditing processes.
- Learn IT governance and management principles.
- Gain expertise in systems acquisition, development, and implementation.
- Understand information systems operations, maintenance, and support.
- Master techniques for the protection of information assets.
Exam Information
- Format: Multiple-choice questions
- Total Questions: 100
- Duration: 3 hours
Eligibility
- No prerequisites are required
Target Audience
This certificate is ideal for:
- Information Security Professionals
- IT Auditors and Consultants
- IT Risk and Compliance Managers
- Cybersecurity Professionals
- IT Governance and Control Practitioners
- Professionals seeking to advance their career in IS auditing and security
Curriculum
Information Systems Auditing Process
- Information Systems Auditing Standards and Guidelines
- Business Process Evaluation
- Audit Strategy Development and Implementation
- Audit Planning and Execution
- Risk Management and Control Practices
IT Governance & Management
- IT Governance Frameworks and Effectiveness Evaluation
- IT Strategy and Policy Development
- Risk Management and Compliance Practices
- Business Continuity and Disaster Recovery Planning
Information Systems Development, Acquisition & Implementation
- IT Project Management Frameworks
- Software Development Lifecycle and Change Management
- System Migration and Implementation Readiness
- Post-Implementation System Review
Information Systems Operations, Maintenance & Support
- IT Service and Third-Party Management
- IT Operations and End-User Support
- Performance Monitoring and Incident Management
- Backup, Restore, and Disaster Recovery Procedures
Protection of Information Assets
- Information Security Design and Encryption
- Network Security and Access Controls
- Virtualization and Cloud Security Risks
- Data Classification and Environmental Security Controls
