Cyber Security Category

Certified Information Systems Auditor (CISA®) Online Review Course - Self-paced

  • Length 365 days access
Course overview
Book now

Why study this course

Certified Information Systems Auditor (CISA®) is designed for those who audit, control, monitor and assess an enterprise’s information technology and business systems. CISAs are recognised internationally as professionals with the assurance knowledge, skills, experience and credibility necessary to leverage standards, manage vulnerabilities, ensure compliance, offer solutions, validate controls and deliver value to the enterprise.

The CISA Online Review Course provides online, on-demand instruction and is ideal for preparing audit, assurance, control, security, and cyber security professionals for the CISA certification exam.

The course covers all five of the CISA domains, and each section corresponds directly to the CISA job practice. It uses proven instructional design techniques, incorporating an online pre-assessment, narrated interactive eLearning modules, downloadable job aids, and a practice exam.

You will be able to navigate the course at your own pace following a recommended structure or target preferred job practice areas. You may also start and stop the course based on your preferred study schedule, picking up exactly where you left off the next time you return.

This course has a seat time of approximately 16 hours and is accessed via the Learning Access tab of your MyISACA dashboard.

Please note: The exam is not included in the course fee but can be purchased separately. Please contact us for a quote.

Request Course Information


What you’ll learn

  • Providing audit services in accordance with standards to assist organisations in protecting and controlling information systems  

  • Identify critical issues and recommend enterprise-specific practices to support and safeguard the governance of information and related technologies. 

  • Information systems acquisition, development and implementation 

  • Information systems operations and business resilience protection of information assets 


ISACA Accredited Elite Partner Logo

ISACA at Lumify Work

ISACA provides practical guidance, benchmarks and other effective tools for all enterprises that use information systems. Through its comprehensive guidance and services, ISACA defines the roles of information systems governance, security, audit and assurance professionals worldwide.

Lumify Work is an Accredited Elite Partner of ISACA.


Who is the course for?

This course is designed for mid-career IS audit, control and assurance professionals looking to leverage career growth, including:

  • IT Audit Directors, Managers, and Consultants

  • IT Auditors

  • Compliance/Risk/Privacy Directors

  • IT Directors, Managers, and Consultants


Course subjects

Domain 1 - Information Systems Auditing Process

  • Plan an audit to determine whether information systems are protected, controlled, and provide value to the organisation.

  • Conduct an audit in accordance with IS audit standards and a risk-based IS audit strategy.

  • Communicate audit progress, findings, results and recommendations to stakeholders.

  • Conduct audit follow-up to evaluate whether risk has been sufficiently addressed.

  • Evaluate IT management and monitoring of controls.

  • Utilise data analytics tools to streamline audit processes.

  • Provide consulting services and guidance to the organisation in order to improve the quality and control of information systems.

Domain 2 - Governance and Management of IT

  • Evaluate the IT strategy for alignment with the organisation’s strategies and objectives.

  • Evaluate the effectiveness of IT governance structure and IT organisational structure.

  • Evaluate the organisation’s management of IT policies and practices.

  • Evaluate the organisation’s IT policies and practices for compliance with regulatory and legal requirements.

  • Evaluate IT resource and portfolio management for alignment with the organisation’s strategies and objectives.

  • Evaluate the organisation’s risk management policies and practices.

  • Evaluate IT management and monitoring of controls.

  • Evaluate the monitoring and reporting of IT key performance indicators (KPIs).

  • Evaluate whether IT supplier selection and contract management processes align with business requirements.

  • Evaluate whether IT service management practices align with business requirements.

  • Conduct periodic review of information systems and enterprise architecture.

  • Evaluate data governance policies and practices.

  • Evaluate the information security program to determine its effectiveness and alignment with the organisation’s strategies and objectives.

Domain 3 - Information Systems Acquisition, Development and Implementation

  • Evaluate whether the business case for proposed changes to information systems meet business objectives.

  • Evaluate the organisation’s project management policies and practices.

  • Evaluate controls at all stages of the information systems development life cycle.

  • Evaluate the readiness of information systems for implementation and migration into production.

  • Conduct post-implementation review of systems to determine whether project deliverables, controls and requirements are met.

  • Evaluate change, configuration, release, and patch management policies and practices.

Domain 4 - Information Systems Operations and Business Resilience

  • Evaluate the organisation’s ability to continue business operations.

  • Evaluate whether IT service management practices align with business requirements.

  • Conduct periodic review of information systems and enterprise architecture.

  • Evaluate IT operations to determine whether they are controlled effectively and continue to support the organisation’s objectives.

  • Evaluate IT maintenance practices to determine whether they are controlled effectively and continue to support the organisation’s objectives.

  • Evaluate database management practices.

  • Evaluate data governance policies and practices.

  • Evaluate problem and incident management policies and practices.

  • Evaluate change, configuration, release, and patch management policies and practices.

  • Evaluate end-user computing to determine whether the processes are effectively controlled

Domain 5 - Protection of Information Assets

  • Conduct audit in accordance with IS audit standards and a risk-based IS audit strategy.

  • Evaluate problem and incident management policies and practices.

  • Evaluate the organisation’s information security and privacy policies and practices.

  • Evaluate physical and environmental controls to determine whether information assets are adequately safeguarded.

  • Evaluate logical security controls to verify the confidentiality, integrity, and availability of information.

  • Evaluate data classification practices for alignment with the organisation’s policies and applicable external requirements.

  • Evaluate policies and practices related to asset life cycle management.

  • Evaluate the information security program to determine its effectiveness and alignment with the organisation’s strategies and objectives.

  • Perform technical security testing to identify potential threats and vulnerabilities.

  • Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices.


Prerequisites

It is recommended that you have familiarity with and experience in information systems auditing, control or security.

To earn the CISA certification, a candidate must pass the CISA Exam and also meet the additional criteria as determined by ISACA.


Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.


Request Course Information

Select and book a course

Options

Can't find a date you like?

Contact sales