CISA Domain: The Process of Auditing Information Systems - Part 2

Target Audience
Expected Duration
Lesson Objectives
Course Number

While performing audits, it is extremely important to classify audit information and to evaluate and document both the controls used and the outcomes of all parts of the audit process. This course examines the audit classification process, how risk-based auditing is performed, how compliance testing is used, and the processes and procedures used to evaluate and document the audit process. The Certified Information Systems Auditor (CISA) certification is known world-wide as the standard of achievement for those who assess, audit, control, and monitor an organization’s information systems. CISA has been given ISO/IEC 17024:2003 certification by The American National Standards Institute (ANSI). This course will help to prepare learners for the CISA examination and follows the 2014 ISACA Candidate Information Guide.

Target Audience
Information Systems professionals with an interest in information systems audit, control and security. A minimum of five years of professional information systems auditing, control or security work experience is required for certification.

Expected Duration (hours)

Lesson Objectives

CISA Domain: The Process of Auditing Information Systems - Part 2

  • classify the various types of audits based on the procedures associated with them
  • recognize the different phases of an audit
  • recognize the concepts of risk-based auditing and audit risk and materiality
  • recognize risk assessment concepts within an auditing context
  • compare compliance testing and substantive testing
  • classify audits and recognize risk-based auditing concepts
  • recognize risk assessment concepts and compare testing techniques
  • describe the different type of audit aids used by an IS auditor
  • specify how to evaluate an audit and recognize how to communicate results to management
  • describe the types of audit documentation required during an IS audit
  • specify the concept of control self-assessment (CSA) and its objectives
  • describe some of the benefits of CSA
  • recognize the role of the auditor and technology in CSA
  • recognize how the IS audit process must continue to evolve to keep up with innovation in technology
  • recognize how to apply audit aids, evaluate and document an audit, and communicate results
  • describe the concept of control self-assessment (CSA) and recognize the evolving IS audit process
  • Course Number: