
    Certified Information Systems Auditor with Intro to Security

    0 Students Enrolled

    Additional information

    Hours: 785
    Duration: 12 months

    Language: English

    Data sheet

    Certification included

    To request more information, you can contact us via online chat, our website contact form, or toll free at 1-855-201-6910.

    Online courses are accessible 24/7/365 and self-paced, allowing you to progress at your own pace on your own schedule. They can be taken from anywhere in the world from the comfort of your own home. Classroom courses have a set schedule of the days and times the courses will be held, and you must attend during those specific times.

    Find out if online learning is right for you by contacting our team of registration advisers. Our team is available to answer any of your questions about taking an online course before you commit to enrolling. We will walk you through what to expect to ensure you are making the right decision. You can contact a registration adviser today via online chat, our website contact form, or toll free at 1-855-201-6910.

    No, you are not required to have a diploma or higher education degree to enroll in an online course. However, some occupations may require minimum educational thresholds for employment or certification. For more information on your desired career requirements, please contact us via online chat, our website contact form, or toll free at 1-855-201-6910.

    To take an online course, you will need access to an internet connection and an internet-ready device such as a laptop, PC, or tablet. For course-specific requirements, please visit the course page or contact a registration adviser today.

    Our courses are developed with multiple formats including text, audio, video, and interactivity. Our courses also include multiple resources and tools which can include flashcards, games, activities, and more.

    No, you can take the online courses from anywhere in the world.

    We participate in several financial assistance options including third party funding, both military and non-military. To request more information on the financial assistance options available and check your eligibility, contact us via online chat, our website contact form, or toll free at 1-855-201-6910.

    Duration is the amount of time you will receive access to your course. Durations vary by course and range between 1 month and 12 months. If you complete your course before your duration ends you will continue to have access to your course until the duration period ends.

    Many of our career training programs include certification vouchers. This means that at the successful completion of your course, at no additional charge, you will receive an exam voucher for the corresponding industry certification. This voucher will allow you to register and sit for the appropriate certification exam to obtain your industry credential.

    Our online courses are open enrollment, so you can start immediately. If you are using any third-party funding to cover your course tuition, your start date may be a future date determined by your funding program.

    Once enrolled, you will be assigned a client adviser who will provide you with customer and technical support. Your client adviser will supply you with your course access information and any needed materials, and will be available to answer any questions you have during your training experience. They will regularly check in with you to monitor your progress and help you stay on track. You will also be assigned a course mentor who will provide curriculum support throughout your training. Your mentor is available to answer any questions you have on your course curriculum, will monitor your progress and understanding of the curriculum, and may give assignments or quizzes.

    If you experience any trouble accessing your course including technical issues or lost login credentials, please contact your client adviser at helpdesk@worldeducation.net.

    We strive to provide a fully online experience for students; however, some of our training courses include physical materials or equipment. Courses that have materials shipped directly to students will be shipped within 7 business days of registration. Some training courses have material for different sections, and these courses may require multiple shipments as you complete stages of your course.

    Our goal for students is to successfully complete their training course and achieve their career goals. We understand that extenuating circumstances can interfere with your ability to complete your course in the duration given. Because of this we have free or low-cost extensions available for our courses upon request. To discuss or request an extension please contact your client adviser at helpdesk@worldeducation.net.

    Upon successful completion of your course and fulfillment of any outstanding financial obligations, you will receive your certificate of completion. Certificates are provided to you within 30 days of completion. Your certificate will validate the training course you completed with a stamp of completion.

    Students who successfully complete our career training programs are assigned a career development adviser who will coordinate placement at a local externship or hands-on opportunity. These opportunities are optional and may vary based on availability and occupation. Your career development adviser will also provide job search services such as resume building, mock interviews, job opportunity resources, and more. Our professional enrichment courses do not come with a career adviser or career services.

    Program Description

    This intensive, assessment-rich certification course is ideal for experienced IT professionals. It introduces you to Information Security Management as well as Cyber Security procedures. The course includes a CompTIA Security+ practice lab, which will allow you to practice the covered material using real-world equipment in a safe environment. This course is an introductory Cyber Security program and also provides complete training in Information Systems Auditing. After successfully completing this course, you will know:

    • How to manage the audit function using ISACA IT audit and assurance standards and guidelines
    • How to perform risk analysis and set up internal controls
    • How to set up and control self-assessment
    • How to deal with corporate governance in IT monitoring and assurance
    • How to manage IT investment and allocation practices, security policies, and procedures
    • How to use the proper risk management and IS management practices
    • How to best audit IT governance structure and implementations
    • How to create business continuity plans
    • How to deal with Information Systems acquisition, development, and implementation
    • How to work with business application systems
    • How to set up and test Information Systems maintenance practices
    • How to manage system development tools and productivity aids
    • How to identify the information systems (IS) audit process and corporate organizational structure
    • How to set up and use ISS policies and procedures
    • How to set up and maintain IT recovery strategies

    Learning Objectives

    Upon completion of this course, students will know:

    • How to manage the Audit Function using ISACA IT Audit and Assurance Standards and Guidelines
    • How to perform Risk Analysis and set up Internal Controls
    • How to set up and control Self-Assessment
    • How to deal with Corporate Governance in IT Monitoring and Assurance
    • How to manage IT Investment and Allocation Practices, Security Policies and Procedures
    • How to use proper Risk Management and IS Management Practices
    • How to best audit IT Governance Structure and Implementations
    • How to create Business Continuity Plans
    • How to deal with Information Systems Acquisition, Development and Implementation
    • How to work with Business Application Systems
    • How to set up and test Information Systems Maintenance Practices
    • How to manage System Development Tools And Productivity Aids
    • How to identify the information systems (IS) audit process and Corporate Organizational Structure
    • How to set up and use ISS Policies and Procedures
    • How to set up and maintain IT Recovery Strategies


    Module 01 - The Process of Auditing Information Systems

    Lesson 1: Management of the Audit Function
    • Organization of the IS Audit Function • IS Audit Resource Management • Audit Planning • Effect of Laws and Regulations on IS Audit Planning

    Lesson 2: ISACA IT Audit and Assurance Standards and Guidelines
    • ISACA IT Audit And Assurance Standards And Guidelines • ISACA IT Audit And Assurance Standards Framework • Auditing Standards • Audit Guidelines • Audit and Assurance Tools and Techniques • Relationship Among Standards, Guidelines, and Tools and Techniques • Information Technology Assurance Framework • Information Technology Assurance Framework Components • ITAF General Standards (Section 2200) • ITAF Performance Standards (Section 2400) • Reporting Standards (Section 2600) • IT Assurance Guidelines (Section 3000)

    Lesson 3: Risk Analysis
    • Risk Analysis

    Lesson 4: Internal Controls
    • Internal Control Objectives • IS Control Objectives • COBIT • General Controls • IS Controls

    Lesson 5: Performing An IS Audit
    • Performing an IS Audit • Classification of Audits • Audit Programs • Audit Methodology • Fraud Detection • Risk-Based Auditing • Audit Risk and Materiality • Risk Assessment and Treatment • Risk Assessment Techniques • Audit Objectives • Compliance Versus Substantive Testing • Evidence • Interviewing and Observing Personnel in the Performance Of Their Duties • Sampling • Using The Services Of Other Auditors And Experts • Computer-Assisted Audit Techniques (CAAT) • Evaluation Of Audit Strengths And Weaknesses • Communicating Audit Results • Management Implementation Of Recommendations • Audit Documentation

    Lesson 6: Control Self-Assessment
    • Objectives of CSA • Benefits of CSA • Disadvantages of CSA • Auditor Role in CSA • Technology Drivers for CSA • Traditional Versus CSA Approach

    Lesson 7: The Evolving IS Audit Process
    • Automated Work Papers • Integrated Auditing • Continuous Auditing

    Module 01 Review

    Module 02 - Governance and Management of IT

    Lesson 1: Corporate Governance
    • Corporate Governance

    Lesson 2: IT Governance
    • IT Governance

    Lesson 3: IT Monitoring and Assurance Practices for Board and Senior Management
    • IT Monitoring and Assurance Practices for Board and Senior Management • Best Practices for IT Governance • IT Governance Frameworks • Audit Role in IT Governance • IT Strategy Committee • IT Balanced Scorecard • Information Security Governance • Importance of Information Security Governance • Outcomes of Security Governance • Effective Information Security Governance • Roles and Responsibilities of Senior Management and Board of Directors • Enterprise Architecture

    Lesson 4: Information Systems Strategy
    • Strategic Planning • Steering Committee

    Lesson 5: Maturity and Process Improvement Models
    • Maturity and Process Improvement Models

    Lesson 6: IT Investment and Allocation Practices
    • IT Investment and Allocation Practices • Implement IT Portfolio Management • IT Portfolio Management Versus Balanced Scorecard

    Lesson 7: Policies and Procedures
    • Policies • Information Security Policy Procedures

    Lesson 8: Risk Management
    • Risk Management • Developing a Risk Management Program • Risk Management Process • Risk Analysis Methods

    Lesson 9: IS Management Practices
    • Human Resource Management • Organizational Change Management • Financial Management Practices • Quality Management • Information Security Management • Performance Optimization

    Lesson 10: IS Organizational Structure and Responsibilities
    • IS Roles and Responsibilities • Segregation of Duties • Segregation of Duties Controls • Compensating Controls for Lack of Segregation

    Lesson 11: Auditing IT Governance Structure and Implementation
    • Reviewing Documentation • Reviewing Contractual Commitments

    Lesson 12: Business Continuity Planning
    • IS Business Continuity Planning • Disasters and Other Disruptive Events • Business Continuity Planning Process • Business Continuity Policy • Business Impact Analysis • Classification of Operations and Criticality Analysis • Development of Business Continuity Plans • Other Issues and Plan Development • Components of a BCP • BCP Testing • BCP Maintenance • Summary of BCP

    Module 02 Review

    Module 03 - Information Systems Acquisition, Development and Implementation

    Lesson 1: Business Realization
    • Portfolio/Program Management • Business Case Development and Approval • Benefits Realization Techniques

    Lesson 2: Project Management Structure
    • Project Context and Environment • Project Organizational Forms • Project Communication and Culture • Project Objectives • Roles and Responsibilities of Groups and Individuals

    Lesson 3: Project Management Practices
    • Initiation of a Project • Project Planning • Example of Project Management for New Software • Software Size Estimation • Lines of Source Code • Function Point Analysis (FPA) • Function Points • Cost Budgets • Software Cost Estimation • Scheduling and Establishing the Timeframe • Critical Path Methodology • Gantt Charts • Program Evaluation Review Technique (PERT) • Time Box Management • General Project Management • Project Controlling • Management of Resource Usage • Management of Risk • Closing a Project

    Lesson 4: Business Application Development
    • Traditional SDLC Approach • SDLC Phases • SDLC • Integrated Resource Management Systems • Description of SDLC Phases • Risks Associated with Software Development

    Lesson 5: Business Application Systems
    • Electronic Commerce • E-Commerce Models • E-Commerce Architectures • E-Commerce Risks • E-Commerce Requirements • E-Commerce Audit and Control Issues or Best Practices • Components of PKI • Electronic Data Interchange • General Requirements of EDI • Traditional EDI • Web Based EDI • EDI Risks and Controls • Controls in EDI Environment • E-Mail • E-Mail Security Issues • Standards for E-Mail Security • Point-Of-Sale Systems (POS) • Electronic Banking • Risk Management Challenges in E-Banking • Risk Management Controls for E-Banking • Electronic Finance • Payment Systems • Electronic Money Model • Electronic Checks Model • Electronic Transfer Model • Electronic Funds Transfer • Controls in an EFT Environment • Automated Teller Machines • Image Processing • Business Intelligence • Decision Support System (DSS) • DSS Frameworks • Customer Relation Management (CRM) • Supply Chain Management (SCM)

    Lesson 6: Alternative Forms of Software Project Organization
    • Agile Development • Prototyping • Rapid Application Development (RAD)

    Lesson 7: Alternative Development Methods
    • Data Oriented System Development • Object Oriented System Development • Component-Based Development • Web-Based Application Development • Software Reengineering • Reverse Engineering

    Lesson 8: Infrastructure Development/Acquisition Practices
    • Project Phases of Physical Architecture Analysis • Planning Implementation of Infrastructure • Critical Success Factors • Hardware Acquisition • Acquisition Steps • System Software Acquisition • System Software Implementation • System Software Change Control Procedures

    Lesson 9: Information Systems Maintenance Practices
    • Change Management Process Overview • Deploying Changes • Documentation • Testing Changed Programs • Auditing Program Changes • Emergency Changes • Change Exposures (Unauthorized Changes) • Configuration Management

    Lesson 10: System Development Tools And Productivity Aids
    • Code Generators • Computer Aided Software Engineering • Fourth-Generation Languages (4GL)

    Lesson 11: Business Process Reengineering And Process Change Projects
    • Business Process Reengineering And Process Change Projects Continued • The Benchmarking Process • ISO 9126 • Software Capability Maturity Model • ISO 15504

    Lesson 12: Application Controls
    • Inputs Controls • Processing Procedures And Controls • Processing Controls • Data File Control Procedures • Output Controls • Business Process Control Assurance

    Lesson 13: Auditing Application Controls
    • Risk Assessment Model To Analyze Application Controls • Observing And Testing User Performing Procedures • Data Integrity Testing • Example Of Referential And Relational Integrity • Data Integrity In Online Transaction Processing Systems • Test Application Systems • Continuous Online Auditing • Online Auditing Techniques

    Lesson 14: Auditing Systems Development, Acquisition And Maintenance
    • Project Management • Feasibility Study • Requirements Definition • Software Acquisition Process • Detailed Design And Development Testing • Implementation Phase • Post Implementation Review • System Change Procedures And The Program Migration Process

    Module 03 Review

    Module 04 - Information Systems Operations, Maintenance and Support

    Lesson 1: Information Systems Operations
    • Management of IS Operations • Service Management • Service Level • Infrastructure Operations Scheduling • Monitoring Use of Resources • Process of Incident Handling • Problem Management • Detection, Documentation, Control, Resolution and Reporting of Abnormal Conditions • Support/Helpdesk • Change Management Process • Release Management • Information Security Management • Media Sanitization

    Lesson 2: Information Systems Hardware
    • Computer Hardware Components and Architecture • Common Enterprise Backend Devices • Specialized Devices • Risks • Security Control • Radiofrequency Identification • RFID Applications • RFID Risks • RFID Security Control • Hardware Maintenance Program • Hardware Monitoring Procedures • Capacity Management

    Lesson 3: IS Architecture and Software Operating Systems
    • Software Integrity Issues • Activity Logging and Reporting Options • Data Communication Software • Data Management • File Organization • Database Management Systems • Example of Data in DBMS • DBMS Architecture • DBMS Metadata Architecture • Database Structure • Relational Database • Database Models • Relational Database Model • Database Controls • Tape and Disk Management Systems • Utility Programs • Software Licensing Issues • Digital Rights Management

    Lesson 4: Network Infrastructure
    • Enterprise Network Architecture • Types of Networks • Network Services • Network Standards and Protocols • OSI Architecture • OSI Layers • Application of the OSI Model in Network Architectures • Local Area Network • Network Physical Media Specifications • Implementation of WANs • LAN Media Access Technologies • LAN Components • OSI Layer Diagram • LAN Technology Selection Criteria • Wide Area Networks • WAN Message Transmission Techniques • WAN Devices • WAN Technologies • Wireless Networks • Wireless Wide Area Networks • Wireless Local Area Networks • Wireless Security • Wireless Application Protocol • Risks of Wireless Communications • World Wide Web Services • General Internet Terminology • Network Administration and Control • Network Performance Metrics • Network Management Issues • Network Management Tools • Client/Server Technology

    Lesson 5: Disaster Recovery Planning
    • Recovery Point Objective and Recovery Time Objective • Recovery Strategies • Application Disaster Recovery Methods • Data Storage Disaster Recovery Methods • Telecommunication Networks Disaster Recovery Methods • Methods for Network Protection • Development of Disaster Recovery Plans • Organization and Assignment Of Responsibilities • Backup and Restoration • Off-Site Library Controls • Types of Backup Devices and Media • Periodic Backup Procedures • Frequency of Rotation • Backup Schemes

    Module 04 Review

    Module 05 - Protection of Information Assets

    Lesson 1: Importance Of Information Security
    • Key Elements of Information Security Management • Information Security Management Roles and Responsibilities • Inventory and Classification of Information Assets • System Access Permission • Mandatory and Discretionary Access Controls • Privacy Management Issue and the Role of IS Auditors • Critical Success Factors to Information Security Management • Information Security and External Parties • Identification of Risks Related to External Parties • Addressing Security When Dealing with Customers • Addressing Security and Third-Party Agreements • Human Resources Security and Third Parties • Computer Crime Issues and Exposures • Types of Computer Crimes • Peer to Peer, Instant Messaging, Data Leakage and Web-Based Technologies • Security Incident Handling and Response

    Lesson 2: Logical Access
    • Logical Access Exposures • Familiarization with the Enterprise IT Environment • Paths of Logical Access • General Points of Entry • Logical Access Control Software • Identification and Authentication • Features of Passwords • Identification and Authentication Best Practices • Token Devices, One-Time Passwords • Management of Biometrics • Single Sign-On • Authorization Issues • Access Control Lists • Logical Access Security Administration • Remote Access Security • Common Connectivity Methods • Remote Access Using PDAs • Access Issues with Mobile Technology • Access Rights to System Logs • Tools for Audit Trail Analysis • Use of Intrusion Detection • Storing, Retrieving, Transporting and Disposing of Confidential Information

    Lesson 3: Network Infrastructure Security
    • LAN Security • Virtualization • Client/Server Security • Wireless Security Threats and Risks Mitigation • Internet Threats and Security • Network Security Threats • Internet Security Control Audits • Firewall Security Systems • Common Attacks Against a Firewall • Examples of Firewall Implementation • Intrusion Detection • Describing IDS and IPS Deployment • Encryption • Uses of Encryption • Viruses • Technical Controls Against Viruses • AV Software • Voice Over IP • Private Branch Exchange

    Lesson 4: Auditing Information Security Management Framework
    • Auditing Logical Access • Techniques for Testing Security

    Lesson 5: Auditing Network Infrastructure Security
    • Auditing Remote Access • Network Penetration Test • Types of Penetration Tests • Full Network Assessment Reviews • Development and Authorization of Network Changes • Unauthorized Changes • Computer Forensics • Chain of Evidence

    Lesson 6: Environmental Exposures and Controls

    Lesson 7: Physical Access Exposures and Controls
    • Physical Access Exposures • Physical Access Controls • Auditing Physical Access

    Lesson 8: Mobile Computing

    Module 6 - In-depth Information Security Strategy Overview
    • Determining Current State Of Security • Information Security Strategy Development • Strategy Resources • Strategy Constraints • Action Plan to Implement Strategy



    Students should be very comfortable with basic computer and internet functions.


    Technical Requirements

    All required reference materials are provided with this program.

    Technical requirements:

    Internet Connection
    • Broadband or High-Speed (DSL, Cable, Wireless)

    Hardware Requirements
    • Processor - 2GHz Processor or Higher
    • Memory - 1 GB RAM Minimum Recommended

    Software Requirements
    • Operating Systems - Windows 7, 8 or 10; Mac OS X 10 or higher
    • Microsoft Office 2007, 2010 or 2013 or a Word Processing application to save and open Microsoft Office formats (.doc, .docx, .xls, .xlsx, .ppt, .pptx)
    • Internet Browsers - Google Chrome is highly recommended
    • Cookies MUST be enabled
    • Pop-ups MUST be allowed (Pop-up Blocker disabled)
    • Adobe PDF Reader


    The CISA designation is a globally recognized certification for IS audit control, assurance and security professionals. Being CISA-certified showcases your audit experience, skills and knowledge, and demonstrates you are capable of assessing vulnerabilities, reporting on compliance and instituting controls within the enterprise.

    Once a CISA candidate has passed the CISA certification exam and has met the work experience requirements, the final step is to complete and submit a CISA Application for Certification. A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification. It is important to note that many individuals choose to take the CISA exam prior to meeting the experience requirements. This practice is acceptable and encouraged, although the CISA designation will not be awarded until all requirements are met. The work experience for CISA certification must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam. The CISA Application for Certification is available at www.isaca.org/cisaapp. Note that candidates have 5 years from the passing date to apply for certification.

    Each state may have additional licensing requirements; be sure to research your state's requirements for employment by visiting your state's occupation board.


    • 100% Online, Self-Paced
    • Open Enrollment
    • Admissions and Student Support
    • Multimedia Rich and Interactive Content
    • Industry Certification Exam, when applicable
    • Hands-on Opportunity Upon Completion

    Career Services

    Students who successfully complete our career training are given a full year's access to our modern-day career services. With our career services, students are provided a multitude of career development tools to help launch their career quickly and successfully. These tools include:

    • Certification Exam Voucher and Registration Assistance (If Applicable)
    • Resume Building Assistance
    • Externship or Shadowing Placement
    • Career Coaching
    • Employer Skills Matching
    • And More!

    We are dedicated to serving our students on their unique career development journey. Whether you are transitioning to a new career, entering the workforce for the first time, or an experienced professional looking to climb the corporate ladder, our career services team can provide you with professional development tools applicable for any stage of your career.
