CISA Training program
PwC’s Academy in Mongolia invites you to participate in CISA training - Certified Information Systems Auditor.
CISA (Certified Information Systems Auditor) it is independent and the most prestige IT auditors’ certification. CISA program is accredited by ANSI and is recognised on a state level in many countries worldwide.
This training provides theoretical knowledge and practical skills in IT audit, its role in internal control and information security, practical recommendations for successful conduct and efficiency improvement of IT audit, practical skills in describing IT controls and actions to address information risks.
Training syllabus
Training syllabus consists of five modules. Each module defines key audit tasks, including skills set, which is required for they effective execution.
Module 1 – The process of auditing information systems
• IT –audit: definition, basic concepts, goals and objectives;
• Overview of standards, tools and approaches used in IT audit;
• Risks assessment within audit process;
• Techniques of planning and management of the audit process;
• Collection of the information and audit evidence.
Module 2 – Governance and Management of IT
• IT strategy, policies, standards and procedures;
• Risk management within organization;
• IT governance, organizational structure and segregation of duties;
• Maturity and process improvement models;
• IS management practices;
• Business continuity planning.
Module 3 – Systems and infrastructure life cycle management
• Project management practices;
• Methodology and tools for software development;
• Configuration and releases management;
• Data migration and information systems implementation;
• Goals and practices of system launch quality assessment.
Module 4 – Information systems operations, maintenance and support
• Practices in IT services management and operational management;
• Planning and capacity management;
• Problems and incidents management;
• Disaster recovery planning and plans testing.
Module 5 – IT security audit
• Information security controls;
• Access management;
• IT infrastructure security;
• Physical security.