• Online, Self-Paced
Course Description

Discover keys to conducting a successful audit, its driving processes, and its underlying IT solutions in this 15-video course. Examine controls and audit reporting while preparing for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered here include: how information systems (IS) auditing shows whether IT solutions meet business objectives efficiently and effectively; the expectations of conduct for CISA-certified individuals; and how auditing standards provide guidance for conducting efficient audits. Learn about various types of documentation when preparing an IS audit; how to identify client needs that map to business objectives; and different categories of security controls, including internal business process controls, IT controls, and sampling types. You will learn about control objectives required to secure organizational assets along with the controls themselves; planning for audit funding, personnel, and related items; scheduling audit phases; and how to report serious discoveries, including fraud or serious IT vulnerabilities. Finally, see how to generate audit reports, including existing controls which have passed or failed communication with stakeholders after audit recommendations are reported; and how IS auditing identifies weak security controls.

Learning Objectives

Discover keys to conducting a successful audit, its driving processes, and its underlying IT solutions in this 15-video course. Examine controls and audit reporting while preparing for the ISACA Certified Information Systems Auditor (CISA) exam. Key concepts covered here include: how information systems (IS) auditing shows whether IT solutions meet business objectives efficiently and effectively; the expectations of conduct for CISA-certified individuals; and how auditing standards provide guidance for conducting efficient audits. Learn about various types of documentation when preparing an IS audit; how to identify client needs that map to business objectives; and different categories of security controls, including internal business process controls, IT controls, and sampling types. You will learn about control objectives required to secure organizational assets along with the controls themselves; planning for audit funding, personnel, and related items; scheduling audit phases; and how to report serious discoveries, including fraud or serious IT vulnerabilities. Finally, see how to generate audit reports, including existing controls which have passed or failed communication with stakeholders after audit recommendations are reported; and how IS auditing identifies weak security controls.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Systems Analysis