CISA Exam Preparatory Course


CISA is recognized worldwide, by independent surveys, as the best professional certification. CISA stands for Certified Information Systems Auditor. It is designed and offered by ISACA, USA. CISA is the only recognized auditing qualification in the areas of ICT. IT audits also cover process audits. The CISA exam is conducted by ISACA local chapters, e.g., Dhaka Chapter, Kolkata Chapter, San Francisco Chapter. The exam is held twice a year on the same date worldwide. The exam format is paper-based MCQ. It is a costly but very beneficial exam.

How Participants will benefit after the course:
There is a great need for IT auditors in the market. Bangladesh Bank has defined ICT Risk as the 6th core risk, which mandates auditing of it. So, every commercial bank requires IT audit functions. The telecom industry is another area where IT and engineering audits play a vital role in corporate governance. Apart from these two primary sectors, there are various big organizations where IT plays a major role. But there are currently around 10 CISA holders in the country. So, one can clearly see the market opportunity for this competence. After completing this course, participants should feel confident to sit for the CISA exam.

Contents of Training:

Part-1: IS Audit Process

Day1 – Introduction to IS Audit & CISA
a. Introduction to IS Audit
b. Relationship of IS Audit to Financial Audit
c. Introduction to the Products of ISACA & ITGI
d. What values a CISA can contribute to the organization
e. CISA Exam & Preparation Roadmap
f. ISACA IS Auditing Standards & Guidelines

Day2 – IS Audit Process
a. Risk Assessment
b. Internal Controls
c. Performing an IS Audit
d. Control Self-Assessment
e. Emerging Changes in IS Audit Process
f. Fundamental Challenges to IS Audit Function

Day3 – Exercise on Part-1
a. Quiz with Sample Questions
b. Discussion on Exam Result
c. Overview of IIA Standards & CIA, and IFAC & ISA
d. Bridging ISACA, IIA, IFAC, ISO & IEEE

Part-2: IT Governance

Day4 – IT Governance
a. Corporate Governance vs. IT Governance
b. Assurance Practices for the Board & Executive Management
c. IS Strategies, Policies & Procedures
d. Risk Management
e. IS Management Practices
f. IS Organizational Structure & Responsibilities
g. Auditing IT Governance Structure & Implementation

Day5 – Exercise on Part-2
a. Quiz with Sample Questions
b. Discussion on Exam Result
c. Overview of COBIT & Auditing

Part-3: Systems & Infrastructure Life Cycle Management

Day6 – Business Value Creation & Realization
a. Project & program portfolio management
b. Project management techniques and frameworks
c. Auditing PMO & Rollout Dept

Day7 – SDLC Controls & Audit
a. Auditing Application Controls & Testing processes
b. ISACA, ISO & IEEE guidelines for project audits
c. Auditing SDLC
d. Business Application Systems

Day8 – Exercise on Part-3
a. Quiz with Sample Questions
b. Discussion on Exam Result

Part-4: IT Service Delivery & Support

Day9 – Architecture, Hardware & Software
a. IS Operations & Hardware
b. IS Architecture & Software
c. IS Network Infrastructure
d. Auditing Infrastructure & Operations

Day10 – Exercise on Part-4
a. Quiz with Sample Questions
b. Discussion on Exam Result

Part-5: Protection of Information Assets

Day11 – Information Security
a. Importance of Information Security Management
b. Logical Access Exposures & Controls
c. Network Infrastructure Security

Day12 – Network Infrastructure Security
a. LAN/WAN Security
b. Client-Server Security
c. Wireless Security
d. Internet Threats & Security

Day13 – Encryption & Security Auditing
a. Encryption & Digital Signatures
b. Malicious Codes
c. VoIP & PABX
d. Auditing Information Security Framework
e. Auditing Network Infrastructure Security
f. Environmental & Physical Exposures & Control

Day14 – Exercise on Part-5
a. Quiz with Sample Questions
b. Discussion on Exam Result
c. Introduction to BCP & DRP

Part-6: Business Continuity & Disaster Recovery

Day15 – BCP/DRP Planning
a. Disasters & Downtimes
b. BCP Process
c. Policies
d. Incident Management
e. BIA
f. RPO & RTO
g. Recovery Strategies & Alternatives
h. Development of BCP
i. Plan Testing
j. Backup & Restoration
k. Auditing BCP
l. Quiz with Sample Questions
m. Discussion on Exam Result

Day16 – Application (professional aids)
a. Sketching the Technical Auditing Scope in the Banking Sector
b. Sample Audit Plan development for a Bank
c. Sketching the Technical Auditing Scope in the Telecom Sector
d. Sample Audit Plan development for a Telecom Operator
e. Sketching the Technical Auditing Scope in general
f. Sample Audit Plan development in general
g. Recap of the contents of major documents in auditing:
   --a. Scope & Timing Plan
   --b. Engagement Letter
   --c. Process Map & Risk Map
   --d. Audit Programme & Inquiry List
   --e. Data Analysis, Evidence & Filing
   --f. Draft & Final Audit Reports
h. Summarization of Lessons Learned & wrap-up

Suggested Study Materials:
a. ISACA Auditing Standards & Procedures Manual (No. of pages: 330)
b. CISA Review Manual published by ISACA (No. of pages: 550)
c. Practising Questions & Answers (No. of pages: 300)