CISA Bootcamp (Certified Information Systems Auditor)

This 5-day course prepares for the CISA® Certified Information Systems Auditor exam, covering the entire Common Body of Knowledge (CBK) as defined by the ISACA® (Information Systems Audit and Control Association).

Overview:
This training provides a comprehensive review of information security auditing concepts and industry best practices, covering the entire CISA CBK, aligned with the 28th Edition of the CBK, updated for 2024 Job Practice.

The CISA certification is recognized worldwide.

Outline:
Information Systems Auditing Process
Planning: IS Audit Standards and Types, Functions, Ethics, Risk-based Approach, Types of Controls and Considerations
Execution: Project Management, Testing and Sampling, Evidence Collection, Data Analytics, Reporting, QA, Process Improvement
Governance and Management of IT
IT Governance: Laws, Regulations and Industry Standards, Organisational Structures, IT Governance, Strategy, Policies, Procedures, Enterprise Architecture and Risk Management, Data Privacy, Governance and Classification
IT Management: IT Resource and Vendor Management, Performance Monitoring and Reporting, Quality Assurance
Information Systems Acquisition, Development and Implementation
Information Systems Acquisition and Development: Project Governance and Management, Business Case, Feasibility Analysis, System Development Methodologies, Control Identification and Design
Information System Implementation: System Readiness and Implementation Testing, Configuration and Release Management, System Migration, Infrastructure Deployment and Data Conversion, Post-Implementation Review
Information Systems Operation and Business Resilience
Information Systems Operations: Asset, Capacity, Incident, Problem, Change, Configuration, Log and Patch Management, Job Scheduling, End-User Computing and Shadow IT, Databases etc.
Business Resilience: BIA, Backup, Storage, Restoration and Recovery, Business Continuity and Disaster Recovery Plan
Protection of Information Assets
Information Asset Security and Control: Physical Controls, IAM, DLP, Network, Endpoint, Mobile, Wireless, Virtualization, Cloud and IoT Security, Encryption, PKI
Security Event Management: Security Awareness, Attacks, Testing, Monitoring, Incident Response, Evidence Collection and Forensics

Objectives:
Completion of this course will enable students to:
Know the 5 major areas covered by the CISA® certification
Understand the concepts of IT audit and IT governance
Preparing for the CISA Certification Exam, e.g. by using multiple choices questions from previous CISA sessions (or comparable exams).

Audience:
This course is aimed at students with (future) roles like:

Information system directors, CISOs
Auditors moving into the information security domain
Staff responsible for business continuity
People for which the control of information security is fundamental in achieving their goals

Prerequisites:
Basic knowledge of Information Systems is recommended.

Minimum of two students are required to run this course.

Examination and Certification:
This course has been designed and is delivered by Nitroxis and their trainers.

Note: this course does not include the CISA exam. This has to be taken at the dedicated test facilities as defined by ISACA. ISACA‘s certification requirements apply.