İT Təhlükəsizliyi

CISA - Certified Information Systems Auditor

3 ay (48 saat) 500 m

The Process of Auditing Information Systems

- Develop and implement a risk-based IT audit strategy
- Plan specific audits
- Conduct audits in accordance with IT audit standards
- Report audit findings and make recommendations to key stakeholders
- Conduct follow-ups or prepare status reports

IT Governance and Management of IT

- Effectiveness of the IT governance structure
- E IT organizational structure and human resources (personnel) management
- Organization’s IT policies, standards, and procedures
- Evaluate the adequacy of the quality management system
- IT management and monitoring of controls
- Evaluate IT contracting strategies and policies, and contract management practices
- Risk management practices
- Organization’s business continuity plan

Information Systems Acquisition, Development, and Implementation

- Evaluate the business case for proposed investments in information
- Pproject management practices and controls
- Conduct reviews to determine whether a project is progressing in accordance with project plans
- Controls for information systems
- Readiness of information systems for implementation and migration into production
- Conduct post implementation reviews of systems

Information Systems Operations, Maintenance, and Support

- Conduct periodic reviews of information systems
- Service level management practices
- Third-party management practices
- Data administration practices
- Capacity and performance monitoring tools and techniques
- Change, configuration, and release management practices

Protection of Information Assets

- Information security policies, standards and procedures
- Design, implementation, and monitoring of system and logical security
- Design, implementation, and monitoring of physical access and environmental controls
- Evaluate the processes and procedures used to store, retrieve, transport, and dispose of information assets