CISA Domain: Governance and Management of IT - Part 1

Target Audience
Expected Duration
Lesson Objectives
Course Number

IS Governance is an incredibly important part of IS security. Management and monitoring of resources are built into the audit process and the CISA must be aware of the role they will play in the process. This course examines the role of Governance, IT Management and IT Monitoring, and the strategies and models used to evaluate and create policies and procedures within the environment. This course also examines the Risk Management strategies that can be used, and how the CISA plays a role in choosing the correct strategy for the environment. The Certified Information Systems Auditor (CISA) certification is known world-wide as the standard of achievement for those who assess, audit, control, and monitor an organization’s information systems. CISA has been given ISO/IEC 17024:2003 certification by The American National Standards Institute (ANSI). This course will help to prepare learners for the CISA examination and follows the 2014 ISACA Candidate Information Guide.

Target Audience
Information Systems professionals with an interest in information systems audit, control and security. A minimum of five years of professional information systems auditing, control or security work experience is required for certification.

Expected Duration (hours)

Lesson Objectives

CISA Domain: Governance and Management of IT - Part 1

  • match the example of governance to either corporate or IT
  • recognize best practices for IT governance
  • match examples of other IT monitoring and assurance practices with their correct descriptions
  • recognize the role of governance, IT management and IT monitoring in the IS audit process
  • recognize information systems strategies
  • match maturity and process improvement models with their correct descriptions
  • describe IT investment and allocation practices
  • recognize the role of policies and procedures in IS auditing
  • implement a risk management process
  • define risk management techniques and recognize how to develop a risk management program
  • match the different risk analysis methods with their correct description
  • calculate Annual Loss Expectancy (ALE)
  • implement IS strategies, maturity models, and allocation practices
  • implement policies, procedures, and risk management
  • Course Number: