Class Fee: $4,990
Time: 72 hrs
Learning Level: Entry
Contact Hours: 72 hr Lecture No labs
Prerequisites: Understanding of TCP/IP Protocols
Credits: 72 CPE / 3 CEU
Method of Delivery: Residential (100% face-to-face) or Hybrid
Instructor: TBD
Method of Evaluation: 1. 95% attendance 2. 100% completion of Lab
Grading: Pass = Attendance + labs & quizzes; Fail > 95% Attendance
This 72-hour accelerated class is taught in a face-to-face or hybrid modality. The class includes 72 hours of contact studies, labs, reading assignments and a final exam; passing the final exam is a requirement for graduation.
KU Outcomes
- Students will be able to analyze system components and determine how they will interact in a composed system.
- Students will be able to analyze a system design and determine if the design will meet the system security requirements.
Learning Objectives:
- ISACA IS Auditing Standards, Guidelines and Procedures and Code of Professional Ethics
- Control objectives and controls related to IS
- CoBit controls
- Procedures used to store, retrieve, transport, and dispose of confidential information assets
- Control Self-Assessment (CSA)
- IS auditing practices and techniques
- IT governance frameworks
- Quality management strategies and policies
- Risk management methodologies and tools
- Use of control frameworks (e.g., CobiT, COSO, ISO 17799)
- Practices for monitoring and reporting of IT performance
- Benefits management practices for CISA Certification
- Processes for managing emergency changes to the production systems
- Use of maturity and process improvement models (e.g., CMM, CobiT)
- Contracting strategies, processes and contract management practices
- Control objectives and techniques that ensure the completeness, accuracy, validity, and authorization of transactions and data within IT systems applications
- Enterprise architecture design related to data, applications, and technology
- Acquisition and contract management processes
- System development methodologies and tools and an understanding of their strengths and weaknesses
- Data conversion tools, techniques, and procedures
- Business Impact Analysis (BIA)
- CISA question and answer review
- CISA Training
- Capacity planning & monitoring techniques for CISA Certification Training
Some of the content in our CISA training class includes:
02/13 Ch. 1: The IS Audit Process
- IT Governance
- Systems and Infrastructure Life Cycle Management – Part I
- Systems and Infrastructure Life Cycle Management – Part II
- IT Service Delivery and Support
- Protection of Information Assets – Part I
- Protection of Information Assets – Part II
- Business Continuity
- Information Security Governance (Domain 1)
- Information Risk Management and Compliance (Domain 2)
- Information Security Program Development and Management – Managing and Directing (Domain 3-A)
- Information Security Program Development and Management – Services and Operations (Domain 3-B)
- Information Security Program Development and Management – Information Technology (Domain 3-C)
- Information Security Incident Management (Domain 4)
Module 1—The IS Audit Process 4 hrs
Information Security Governance (Domain 1)
This module provides a review of the knowledge required of an information systems (IS) audit/assurance professional to ensure that an organization's information technology and business systems are protected and controlled. Also included is a review of IS audit standards, guidelines and best practices.
ISACA IS Auditing Standards and Guidelines
IS Auditing Practices and Techniques
Gathering Information and Preserving Evidence
Control Objectives and IS-Related Controls
Risk Assessment in an Audit Context
Audit Planning and Management Techniques
Reporting and Communication Techniques
Control Self-Assessment
Module 2—CISA's Role in IT Governance 4 hrs
Information Risk Management and Compliance (Domain 2)
This module provides a review of the development of sound control practices and mechanisms for management oversight and review required of an information systems (IS) audit/assurance professional who is responsible for providing assurance that an organization has the structure, policies, accountability mechanisms and monitoring practices in place to achieve the requirements of IT governance.
IT Governance Basics
IT Governance Frameworks
Information Security Policies
The IT Organization's Roles and Responsibilities
Enterprise Architecture
Risk Management
Process Improvement Models
IT Contracting Strategies
Monitoring and Reporting IT Performance
IT Human Resource Management
IT Resource Investment and Allocations Practices
Module 3—CISA's Role in Systems and Infrastructure Life Cycle Management 8 hrs
Information Security Program Development and Management – Managing and Directing (Domain 3-A)
This module provides a review of the methodologies and processes organizations employ when they develop and change application systems and infrastructure components. Also included is the role of an information systems (IS) audit/assurance professional in providing assurance that management practices meet the organization's objectives for the development/acquisition, testing, implementation, maintenance and disposal of systems and infrastructure.
Benefits Management Practices
Project Governance Mechanisms
Project Management Practices, Tools and Control Frameworks
Risk Management Practices
Project Success Criteria and Risks
Configuration, Change and Release Management
Application Controls
Enterprise Architecture
Requirements Analysis
Acquisition and Contract Management
System Development Methodologies and Tools
Quality Assurance Methods
Managing Testing Processes
Data Conversion Tools, Techniques and Procedures
System Disposal
Certification and Accreditation
Post-implementation Reviews
System Migration and Deployment
Module 4—CISA's Role in IT Service Delivery and Support 8 hrs
Information Security Program Development and Management – Services and Operations (Domain 3-B)
This module provides a review of service level management practices, including incident and problem management, capacity planning and systems performance monitoring. In addition, the module outlines the role of the IS audit/assurance professional in auditing and reviewing the various aspects of service level management.
Service Level Management Practices
Operations Management Best Practices
Systems Performance Monitoring Processes, Tools and Techniques
Functionality of Hardware and Network Components
Database Administration Practices
System Software Functionality
Capacity Planning and Monitoring Techniques
Managing Scheduled and Emergency Changes
Incident and Problem Management Practices
Software Licensing and Inventory Practices
System Resiliency Tools and Techniques
Module 5—CISA's Role in Protection of Information Assets 8 hrs
Information Security Program Development and Management – Information Technology (Domain 3-C)
This module provides a review of the key components an IS audit/assurance professional must be aware of to evaluate and ensure an organization's confidentiality, integrity, and availability of information assets including logical and physical access controls, network infrastructure security, environmental controls and other processes and procedures used to maintain security of confidential information assets.
Information Security Management
Logical Access Controls
Network Infrastructure Security
Attack Methods and Techniques
Responding to Security Incidents
Security Systems and Devices
Encryption and PKI Components
Virus Detection Tools and Techniques
Penetration Testing
Environmental Protection Practices and Devices
Physical Security Systems
Data Classification Schemes
Voice-Over IP
Transport and Disposal of Information Assets
Security of Portable and Wireless Devices
Module 6—CISA's Role in Business Continuity and Disaster Recovery 8 hrs
Information Security Incident Management (Domain 4)
This module provides a review of the practices and knowledge required of an information systems (IS) audit/assurance professional who is responsible for providing assurance that, in the event of a disruption, the business continuity and disaster recovery processes will ensure the timely resumption of information technology (IT) services, while minimizing the business impact.
Backup Basics
Legal Elements
Business Impact Analysis
Business Continuity and Disaster Recovery Plans Development and Maintenance
Business Continuity and Disaster Recovery Plan Testing
Human Resources Management
Invoking the Business Continuity Plan
Alternate Processing and Recovery Strategies
What's Included:
Access to 50+ online modules totaling 54 hours of training.
Over 1000 CISA Exam practice questions
Lecture and Text books.
Required Prerequisites:
Workstation running any Operating System with a web browser
High Speed Internet Connection
Grades - All students must ordinarily take all quizzes, labs, final exam and submit the class practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Know that Q/ISP classes draw quite the spectrum of students, including "those less comfortable," "those more comfortable," and those somewhere in between. However, what ultimately matters in this course is not so much where you end up relative to your classmates but where you end up relative to yourself on Friday of class. The course is graded as a pass or fail solely on your attendance and participation. Those less comfortable and somewhere in between are not at a disadvantage vis-à-vis those more comfortable. Escalating labs help you prepare for real-world scenarios. Each lab escalates upon itself, increasing in intensity, rising to the next level, while you're mitigating the threat step by step.
Books - No books are required for this course. However, you may want to supplement your preparation for or review of some lectures with self-assigned readings relevant to those lectures' content from either of the books below. The first is intended for those inexperienced in (or less comfortable with the idea of) hacking. The second is intended for those experienced in (or more comfortable with the idea of) hacking. Both are available at sites like Amazon.com. Both are available at the SU Hacker Library. Realize that free, if not superior, resources can be found on the SU website.