Certified Information Systems Auditor (CISA) Course

The Certified Information Systems Auditor course is a globally recognised gold standard certification for IS audit control, assurance and security professionals. This course is designed for professionals aspiring to senior managerial positions in IT systems auditing, consultancy or management.

NOTE: This is part of a series of related courses, which also includes:

  • CISM
  • CISSP
  • CISMP
  • Cyber Security Leadership Programme

Course dates coming soon...


Please register interest below and we will keep you updated

Overview

Tutor – Kamal Khan

Kamal has an MSc in Analysis, Design and Management of Information Systems, a Postgraduate Diploma in Management Science, and a BTEC in Computer Studies. He is a Certified Information Systems Security Professional, a Certified Information Systems Auditor and a Chartered IT Professional. He is also certified in ITIL and PRINCE2. He has experience of a range of industries and an excellent grasp of the risks and challenges of managing and controlling highly complex information systems in oil and gas processing plants, refineries, financial institutions, utilities, hospitals, transport, and oil and gas distribution systems. He has been teaching and lecturing in ICT, coding, cybersecurity and risk management, among other subjects.

Agenda

This course will cover the following five domains:

Domain 1- Information Systems Audit Process:

  • Developing a risk-based IT audit strategy
  • Planning specific audits
  • Conducting audits to IS audit standards
  • Implementation of risk management and control practices

Domain 2- IT Governance and Management:

  • Effectiveness of IT Governance structure
  • IT organisational structure and human resources (personnel) management
  • Organisation’s IT policies, standards, and procedures
  • Adequacy of the Quality Management System
  • IT management and monitoring controls
  • IT resource investment
  • IT contracting strategies and policies
  • Management of the organisation’s IT-related risks
  • Monitoring and assurance practices
  • Organisation business continuity plan

Domain 3- Information Systems Acquisition, Development, and Implementation:

  • Business case development for IS acquisition, development, maintenance, and retirement
  • Project management practices and controls
  • Conducting reviews of project management practices
  • Controls for requirements, acquisition, development, and testing phases
  • Readiness for Information Systems
  • Project Plan Reviewing
  • Post Implementation System Reviews

Domain 4- Information Systems Operations, Maintenance, and Support:

  • Conduct periodic reviews of the organisation’s objectives
  • Service level management
  • Third party management practices
  • Operations and end-user procedures
  • Process of information systems maintenance
  • Data administration practices to determine the integrity and optimisation of databases
  • Use of capacity and performance monitoring tools and techniques
  • Problem and incident management practices
  • Change, configuration, and release management practices
  • Adequacy of backup and restore provisions
  • Organisation’s disaster recovery plan in the event of a disaster

Domain 5- Protection of Information Assets:

  • Information security policies, standards and procedures
  • Design, implementation and monitoring of system and logical security controls
  • Design, implementation and monitoring of data classification processes and procedures
  • Design, implementation and monitoring of physical access and environmental controls
  • Processes and procedures to store, retrieve, transport and dispose of information assets

All Dates & Locations

No dates are available.

Learning Outcomes

  • The Process of Auditing Information Systems
  • Governance & Management of IT
  • Information Systems Acquisition, Development, and Implementation
  • Information Systems Operations, Maintenance, and Support
  • Protection of Information Assets

Copyright University of Salford
Registered Address: c/o Legal Services, 6th Floor, Maxwell Building, The Crescent, Salford, M5 4WT Company Number: 08127329