Overview
Embark on a transformative journey with our comprehensive CISA course, meticulously designed to equip you with the knowledge and skills needed to conquer the ISACA CRISC Exam. Our mission is clear: to ensure your readiness for CISA certification and empower you to effectively manage the risks faced by your organization. Enrol now to enhance your skills and advance your career through this comprehensive CISA course in Singapore.
The course is prepared and delivered based on content from the ISACA CISA (Certified Information Systems Auditor) Review Manual 27th edition, making it an excellent resource for anyone who is seeking CISA certification in Singapore. The course covers five (5) domains, including Information System Auditing Process; Management and Governance of IT; Information Systems Acquisition, Implementation, and Development; Information Systems Operation; and Business Resilience and Protection of Information Assets.
For more information, please click here.
Course Description & Learning Outcomes
Course Outline
The CISA course is conducted over four days, and the content is organised into five domains. Topics covered in each of the domains are as shown below:
Domain 1: Information System Auditing Process
Planning
- IS Audit Standards, Guidelines, and Codes of Ethics
- Types of Controls
- Types of Audits and Assessments
- Risk-Based Audit Planning
- Business Processes
Execution
- Data Analytics
- Quality Assurance and Improvement of the Audit Process
- Sampling Methodology
- Audit Evidence Collection Techniques
- Audit Project Management
- Reporting and Communication and Reporting Techniques
Domain 2: Governance and Management of IT
IT Governance
- IT Strategy and IT Governance
- IT-Related Frameworks
- IT Policies, Procedures and Standards
- Organisational Structure
- Enterprise Architecture
- Enterprise Risk Management
- Maturity Models
- Organisation Affecting Laws, Regulations, and Industry Standards
IT Management
- IT Resource Management
- IT Service Provider Management and Acquisition
- IT Performance Monitoring and Reporting
- Quality Assurance and Quality Management of IT
Domain 3: Information Systems Acquisition, Development and implementation
Quality Assurance and Quality Management of IT
- Project Management and Governance
- Feasibility Analysis and Business Case
- System Development Methodologies
- Control Identification and Design
Implementation of Information Systems
- Testing Methodologies
- Configuration and Release Management
- System Migration, Infrastructure Deployment, and Data Conversion
- Post-implementation Review
Domain 4: Business Resilience and Information Systems Operation
Information Systems Operations
- Common Technology Components
- IT Asset Management
- Production Process Automation and Job Scheduling
- System Interfaces
- End-User Computing
- Data Governance
- Systems Performance Management
- Problem and Incident Management
- Configuration, Change, Release, and Patch Management
- IT Service Level Management
- Database Management
Business Resilience
- Business Impact Analysis (BIA)
- System Resiliency
- Data Backup, Storage, and Restoration
- Business Continuity Plan (BCP)
- Disaster Recovery Plans (DRP)
Domain 5: Protection of Information Assets
Information Asset Security and Control
- Information Asset Security Frameworks, Standards, and Guidelines
- Privacy Principles
- Environmental Controls and Physical Access
- Identity and Access Management
- Network and End-Point Security
- Data Classification
- Data Encryption and Encryption-Related Techniques
- Public Key Infrastructure (PKI)
- Web-Based Communication Techniques
- Virtualised Environments
- Wireless, Mobile, and Internet-of-Things (IoT) Devices
Security Event Management
- Security Awareness Programs and Trainings
- Information System Attack Techniques and Methods
- Security Testing Techniques and Tools
- Security Monitoring Techniques and Tools
- Incident Response Management
- Forensics and Evidence Collection
At the end of this course you will:
- Understand the methodology, phases and activities required to plan, assess risk, conduct an audit and communicate the audit progress, findings and recommendations, including relevant considerations for CISA certification in Singapore.
- Understand the methodology and activities required for IT Strategy Alignment, IT Organisational structure, Implementation and Management of T policies and policies and Practices Compliance to regulatory and legislation requirements and knowledge to evaluate their effectiveness.
- Understand the definitions, methodology and activities required for systems development life cycle, systems implementation and knowledge required to evaluate their effectiveness.
- Understand the definitions, methodology and phases involved in Business continuity, IT Service Operations.
- Understand the components of Physical Security, Logical Access Security, data classification, data life cycle, Security Controls, Threat and Vulnerability Assessment, Security Testing, Security Operations, Security Incident Process, and evaluate their effectiveness, aligning with the principles covered in a CISA course.
Recommended Prerequisites
A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for CISA certification.
Exemptions and replacements for equivalent experience, up to a maximum of 3 years, can be acquired as follows:
- One year of experience in information systems or one year of non-IS auditing experience can be replaced with a maximum of one year of information systems experience.
- Similarly, between 60 and 120 university semester credit hours, equivalent to a two-year or four-year degree, without being restricted by a ten-year timeframe, can be exchanged for one or two years of experience, respectively.
- A university master’s or bachelor’s degree following the Model Curricula sponsored by ISACA can be used to substitute one year of experience, with a list of eligible schools available at www.isaca.org/modeluniversities. However, this substitution is not applicable if a combination of three years of experience substitution and an educational waiver has already been claimed.
- For individuals who have spent two years as a full-time instructor in university in a related field, such as computer science, accounting, or information systems auditing, they are allowed an exemption as they can substitute this experience for one year of practical experience.
- One year of experience may alternatively be substituted with a master’s degree in information technology or security from a recognised university.
For instance, a candidate must have three years of real work experience at the very least (assuming a two-year exemption from experience through the substitution of 120 university credits). It is possible to complete this experience by:
- Three years of experience with IS audit, control, security, or assurance; or Two years with IS audit, control, assurance, or security; plus one full year without IS audit or security; or Two years working as a full-time instructor in a university.
Who should attend?
The CISA course in Singapore is aimed at working Information Systems Audit professionals with at least five years of on-the-ground experience. IT professionals who have similar duties as internal IT auditors will also find this course crucial to performing their roles well.
Schedule
End Date: 12 Sep 2024, Thursday
Duration: 4 Days, 32.5 hours Timing: 9am - 6pm
Location: OnlinePricing
Course fees: If you meet the eligibility criteria, course fees can be subsidised by up to 70%. Moreover, SkillsFuture Credit can be applied to cover course fees in addition to existing government subsidies.