
Certified Information Systems Auditor (CISA)


                 
Overview

Validate your expertise and get the leverage you need to move up in your career. With ISACA’s Certified Information Systems Auditor (CISA) certification, you can do just that. CISA is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization’s information technology and business systems.

CISA certification is foundational to a successful IT career. If you are an entry-level to mid-career professional, CISA can showcase your expertise and assert your ability to apply a risk-based approach to planning, executing and reporting on audit engagements. Gain instant credibility in your interactions with internal stakeholders, regulators, external auditors, and customers.

Certified Information Systems Auditor (CISA) refers to a designation issued by the Information Systems Audit and Control Association (ISACA). The designation is the global standard for professionals who have a career in information systems, in particular, auditing, control, and security. CISA holders demonstrate to employers that they have the knowledge, technical skills, and proficiency to meet the dynamic challenges facing modern organizations.

Who Should Take This Course

PREREQUISITES

CISA candidates must have a minimum of five years of professional experience and must undertake 20 hours of training per year to keep their designation.

To receive a Certified Information Systems Auditor certification, candidates must pass a comprehensive exam and satisfy industry work experience requirements. Candidates must also undergo continuing education and professional development and adhere to ISACA’s Code of Professional Ethics and Information Systems Auditing Standards.

CISA candidates must have a minimum of five years of professional experience in information systems auditing, control, or security. There are several work experience substitutions and waivers up to a maximum of three years that candidates can satisfy.

  • A maximum of one year of information systems experience OR one year of non-information systems auditing experience. (Substitutes one year of work experience.)
  • Sixty to 120 completed university semester credit hours. (Sixty credit hours substitute for one year of work experience, while 120 credit hours substitute for two years of work experience.)
  • A master’s or bachelor’s degree from a university that sponsors ISACA programs. (Substitutes one year of work experience.)
  • A master’s degree in information security or information technology from an ISACA-accredited university. (Substitutes one year of work experience.)

University instructors who have two years of experience in a related field, such as computer science, information systems auditing, or accounting, can substitute that experience for one year of work experience.

Why You Should Take This Course

Upon completion of this course, students will be able to demonstrate:

  • An understanding of the format and structure of the CISA certification exam
  • A knowledge of the various topics and technical areas covered by the exam
  • Practice with specific strategies, tips and techniques for taking and passing the exam
  • Opportunities to execute practice questions with debriefs of answers
Course Outline

General information regarding the exam

Domain 1: Information Systems Auditing Process

  • Planning
    • IS Audit Standards, Guidelines and Codes of Ethics
    • Business Processes
    • Types of Controls
    • Risk-based Audit Planning
    • Types of Audits and Assessments
  • Execution
    • Audit Project Management
    • Sampling Methodology
    • Audit Evidence Collection Techniques
    • Data Analytics
    • Reporting and Communication Techniques
    • Quality Assurance and Improvement of the Audit Process

Domain 2: Governance and Management of IT

  • IT Governance and IT Strategy
    • IT-related Frameworks
    • IT Standards, Policies and Procedures
    • Organizational Structure
    • Enterprise Architecture
    • Enterprise Risk Management
    • Maturity Models
    • Laws, Regulations and Industry Standards Affecting the Organization
  • IT Management
    • IT Resource Management
    • IT Service Provider Acquisition and Management
    • IT Performance Monitoring and Reporting
    • Quality Assurance and Quality Management of IT

Domain 3: Information Systems Acquisition, Development and Implementation

  • Information Systems Acquisition and Development
    • Project Governance and Management
    • Business Case and Feasibility Analysis
    • System Development Methodologies
    • Control Identification and Design
  • Information Systems Implementation
    • Testing Methodologies
    • Configuration and Release Management
    • System Migration, Infrastructure Deployment and Data Conversion
    • Post-implementation Review

Domain 4: Information Systems Operations and Business Resilience

  • Information Systems Operations
    • Common Technology Components
    • IT Asset Management
    • Job Scheduling and Production Process Automation
    • System Interfaces
    • End-user Computing
    • Data Governance
    • Systems Performance Management
    • Problem and Incident Management
    • Change, Configuration, Release and Patch Management
    • IT Service Level Management
    • Database Management
  • Business Resilience
    • Business Impact Analysis
    • System Resiliency
    • Data Backup, Storage and Restoration
    • Business Continuity Plan
    • Disaster Recovery Plans

Domain 5: Protection of Information Assets

  • Information Asset Security Frameworks, Standards and Guidelines
    • Privacy Principles
    • Physical Access and Environmental Controls
    • Identity and Access Management
    • Network and End-point Security
    • Data Classification
    • Data Encryption and Encryption-related Techniques
    • Public Key Infrastructure
    • Web-based Communication Technologies
    • Virtualized Environments
    • Mobile, Wireless and Internet-of-things Devices
  • Security Event Management
    • Security Awareness Training and Programs
    • Information System Attack Methods and Techniques
    • Security Testing Tools and Techniques
    • Security Monitoring Tools and Techniques
    • Incident Response Management
    • Evidence Collection and Forensics
FAQs
Is there a discount available for current students?

UMBC students and alumni, as well as students who have previously taken a public training course with UMBC Training Centers, are eligible for a 10% discount, capped at $250. Please provide a copy of your UMBC student ID, an unofficial transcript, or the name of the UMBC Training Centers course you have completed. Asynchronous courses are excluded from this offer.

What is the cancellation and refund policy?

Students will receive a refund of paid registration fees only if UMBC Training Centers receives a notice of cancellation at least 10 business days prior to the class start date for classes or the exam date for exams.
