Information System Auditing, Governance and Management

Overview

Information System Auditing, Governance, and Management is the first course of Exam Prep: Certified Information Systems Auditor (CISA) Specialization. The course also explores enterprise governance frameworks, IT policies and standards, quality management practices, and enterprise architecture. Additionally, it covers IT resource management and regulatory compliance, providing a comprehensive foundation for professionals involved in IT audit, risk, and governance roles. The course is divided into three modules, and Lessons and Video Lectures further segment each module. This course facilitates learners with approximately 2:00-2:30 Hours of Video lectures that provide both Theory and Hands-On knowledge. Also, Graded and Ungraded Quizzes are provided with every module to test the ability of learners. - Module 1: Information System Auditing Process - Module 2: Execution - Module 3: Governance and Management of IT This course is designed for IT auditors, audit managers, security professionals, and consultants. Their current job roles often involve assessing IT and business systems, managing risks, ensuring compliance, and implementing controls. By the end of the course, learners will be able to: - Evaluate & Test IT Controls Effectively. - Utilize Key Audit Evidence & Analytics. - Understand IT Governance & Compliance.

Syllabus

Information System Auditing Process

Welcome to Week 1. Welcome to Week 2. This week, we’ll delve into the fundamentals of audit planning, starting with how to structure effective audit strategies and align them with organizational goals. We’ll explore various types of controls and gain a clear understanding of risk and its classifications. We’ll also examine risk response methodologies, including acceptance, mitigation, avoidance, and transference. Wrapping up the week, we’ll learn the key elements of risk-based audit planning, enabling you to prioritize audit efforts based on impact and likelihood.

Execution

Welcome to Week 2. This week, we'll dive into key aspects of audit project management, exploring how to structure and execute effective IT audits. We'll learn about various sampling methodologies and the differences between compliance and substantive testing. We'll examine techniques for collecting audit evidence and introduce continuous auditing practices for real-time assurance. We'll also gain insights into leveraging data analytics to strengthen audit outcomes, apply control self-assessment methods, and understand quality assurance principles and IT quality management standards.

Governance and Management of IT

Welcome to Week 3. This week, we’ll explore the key principles of enterprise governance of information and technology, focusing on aligning IT strategies with organizational objectives. We’ll examine the creation and enforcement of IT standards, policies, and procedures to ensure compliance and operational consistency. Diving into enterprise architecture, we’ll understand how structured frameworks support scalable and secure IT environments. Additionally, we’ll discuss laws, regulations, and industry standards that influence IT governance, followed by a practical look at IT resource management, including training, scheduling, and time reporting.