CISA: Governance and Management of IT - Part 2


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
IS auditors require the skills and ability to assess an organization's overall structure and division of responsibilities. This course covers best practices for IT organizational structure and responsibility activities including segregation of duties and contractual commitments. This course also outlines best practices for business continuity planning including effective processes, policies, business impact analysis, and plan testing. Finally this course covers specific knowledge for effective business continuity auditing including evaluating test results, offsite storage, and security practices. This course is one of a series in the Skillsoft learning path that covers the objectives for the ISACA Certified Information Systems Auditor (CISA) certification exam.

Target Audience
Individuals in IS audit, controls and security professions; individuals preparing for the CISA certification exam.

Prerequisites
None

Expected Duration (hours)
1.5

Lesson Objectives

CISA: Governance and Management of IT - Part 2

  • start the course
  • distinguish between the different IT roles and responsibilities
  • identify characteristics and best practices of segregation of duties within IT
  • identify characteristics and best practices of segregation of duties controls
  • identify the documents that are reviewed as part of auditing IT governance structure and implementation
  • identify best practices when reviewing contractual commitments as part of auditing IT governance structure and implementation
  • identify characteristics and best practices of IT business continuity planning
  • identify best practices for auditing disaster and other disruptive events procedures
  • identify characteristics and best practices in business continuity planning process and policy activities
  • distinguish between the different classifications of incident and best practices for incident management
  • identify characteristics and best practices of business impact analysis
  • identify the factors and issues for consideration when developing business continuity plans
  • identify the components and best practices of a business continuity plan
  • identify best practices for testing business continuity plans
  • identify the audit procedures to follow when reviewing business continuity plans
  • identify best practices when evaluating prior test results and interviewing key personnel
  • identify best practices when evaluating offsite storage and offsite facility security
  • identify best practices for reviewing alternative processing contracts and insurance coverage
  • identify best practices when auditing the IT organizational structure, implementation practices, and business continuity plans of an organization

    • Course Number:
    sp_cisb_a04_it_enus

    Expertise Level
    Intermediate