CISA – Certified Information Systems Auditor
- CISA Training Fee: Rs 15,000 + 18 % GST = INR 17,700 (Indian Students)
- CISA Training Fee: USD 650 (International Students)
- CISA Training Duration : 4 Days
- CISA Certification Cost: USD 575
- 100% Certification Success in First Attempt
- Classroom and Online Batches available
- Free Demo Sessions for Aspirants
- Training delivered by Accredited Professionals
- Certified Trainers with enormous Industry experience
- Important Insights on Certification preparation
- Validity of CISA Certification: 3 Years
- Batch Date September 8, 9, 15, 16, 22, 23 – 2018
- Timings: 10 am – 6 pm
- Batch Date October 6, 7, 13, 14, 20, 21 – 2018
- Timings: 10 am – 6 pm
- Batch Date November 3, 4, 10, 11, 17, 18 – 2018
- Timings: 10 am – 6 pm
Mr. Daniel Mahanty is a banker-turned information security professional with over three decades of experience. He has worked in information systems security and information systems audit in leading banks in India and overseas. He has enormous experience in training candidates for CISA & CISSP Certification exams and has trained innumerable aspirants from all over the World.
Some of the major training conducted by Mr. Daniel includes the Security awareness training in Staff Colleges of public sector banks and has also served as an Adjunct Faculty of MIS in American University in a foreign country.
Mr. Daniel Mahanty has held the following positions:
- Chief Manager, Information Security Department of a major public sector bank;
- Asst. Vice President, Information Systems Audit, Internal Audit in a leading new generation bank;
- Manager, Information Systems Audit, Internal Audit of a large bank in the middle-east;
- Chief Internal Auditor / Head of Internal Audit of a medium-sized bank overseas; and
- Vice-President, Credit Operations of a Bangalore-based MFI (micro-finance institution).
Daniel Mahanty holds the following certifications:
- CISSP (Certified Information Systems Security Professional), International Information System Security Certification Consortium, USA
- CISA (Certified Information Systems Auditor), Information Systems Audit Control Association (ISACA), USA
- CRISC (Certified in Risk Information Systems Control),Information Systems Audit Control Association (ISACA), USA
- CIA (Certified Internal Auditor), Institute of Internal Auditors, USA
- ISO 27001 ISMS (Information Security Management Systems)
- ITIL v.3 Foundation
- CAIIB (Certified Associate of the Indian Institute of Bankers)
CISA – a globally recognized certification that ensures you to gain deep insight on audit experience, knowledge and skills and indicate your capability to assess vulnerabilities and follow compliance of laws stated by the government. It is a course in which you get to learn to audit Information security. The course enables you to match the standards defined by ISO 27001 that requires organizations to have internal and external audit and acquire skills that are in huge demand today.
It is meant for Information technology professionals who audit, monitor, access, and control data.
Basically, the Job Practice helps in understanding the tasks performed representing work done in Information Systems Audit, Assurance and Control. These practices will also serve as the basis for Certification exam.
The CISA exam contains 150 Multiple choice questions for testing new Job Practices. The Certification will contain 5 IS audit, control or security areas.
The Job Practice domains along with their weightage is as followed:
Domain 1 : The Process of Auditing Information Systems
- Develop a risk-based strategy for IT audit
- To Plan Specific Audits
- Conducting audits as per IS audit standards
- Implementing Risk management & Control Practices
Domain 2 : Governance and Management of IT
- To evaluate effectiveness of IT Governance structure
- Organisational Structure, IT and HRM
- Design IT Policies, Standards and Procedures for Organization
- Check adequacy of QMS
- IT management & Monitoring controls
- IT Resource Investment
- IT Contracting strategies and Policies
- Managing IT-related risks in Organisation
- Monitoring & assurance practices
- Knowledge of SOPs for Business Continuity Plan (BCP)
Domain 3 : Information Systems Acquisition, Development and Implementation
- Benefits realization knowledge through Feasibility studies, business Cases, TCO (Total cost of Ownership) & ROI (Return on Investment)
- Knowledge about Project management control Frameworks, Practices and Controls
- Risk Management practices in Projects
- Requirement analysis and Management practices fluency
- Readiness for Enterprise architecture related to Data, applications and technology
- Configuration and Release Management details related to Information system
- SDLC Related Testing Methodologies and Practices
Domain 4 : Information Systems Operations, Maintenance and Service Management
- Knowledge of Frameworks related to Service Management
- Deep understanding of Service management Practices and Service level Management
- Conduct periodic reviews of organisations objectives
- Third Party Management expertise
- Operations & End-user procedures for scheduled & non-scheduled processes
- Expertise in system resiliency tools & techniques such as Clustering & others
- Process of Information systems maintenance
- Database administration practices knowledge
- Capacity planning and related monitoring tools & techniques
- Problem and Incident management practices such as Help Desk, tracking
- Process Knowledge including Change, configuration & Release management Practices
- Knowledge of Data backup, storage, retention and restoration of provisions
- Disaster recovery plan in the event of a disaster
Domain 5 : Protection of Information Assets
- Designing, Implementation and monitoring of Security controls
- Monitoring and responding to security incidents
- Logical access controls for identification, authentication and restriction of users
- Security controls related to hardware, system software and DBMS
- Risks and controls associated with virtualization of systems
- Configuration, implementation, operation & maintenance of Network Security controls
- Processes and procedures to store, retrieve, transport and dispose of information assets
CISA Certification Eligibility Criteria:
There are no prerequisites for attending the CISA training but for appearing in CISA Certification exam, you require minimum 5 years of professional Information Systems Auditing, Control or Security work experience. If you possess certain education and general IS or Audit experience to your credit, then there can be exceptions as listed below:
- Maximum 1 year of Information systems experience OR 1 year of non-IS auditing experience is eligible for 1 year experience.
- 60 to 120 completed University semester Credit hours (equivalent for 2-year or 4-year degree) not limited by the 10-year preceding restriction, can be substituted for 1 or 2 years of experience, respectively.
- A Bachelor’s or Master’s degree from a University that enforces ISACA-sponsored curriculum can be substituted for 1 year of experience. This option is not applicable when 3 years of experience and educational waiver has already been claimed.
- A Master’s degree in Information Security or Information Technology from an accredited University can be substituted for 1 year of experience.
- 2 years as a full-time university instructor in a related field (e.g. Computer Science, Accounting, Information Systems auditing) can be substituted for 1 year of experience.
- 3 years of IS Audit, Control, Assurance or Security experience can be substituted for 1 year of Experience.
Many individuals choose CISA exam prior to meeting the experience prerequisites. Although this practice is acceptable and followed very commonly but CISA certification will not be issued unless all requirements are met.
The work experience for CISA certification must have been gained within 10 year period before the application date for Certification or within 5 years from the date of originally passing the Exam.
Candidates will get only 5 years from the passing date to apply for certification.
Benefits of CISA Certification:
- Certifies you for expert understanding of Information Security Audit Process
- Brings along competitive advantages against other Professionals
- Better awareness on protection of Information Systems
- A Certification will confirm your commitment to Profession
- Ensures enhanced credibility and marketability that will prove a career differentiator
- You will have knowledge of Cybersecurity with ability to recognize and managing them
- Access to valuable resources, such as peer learning and Networking
- CISA is a globally recognized certification
- CISA certification showcases your experience, skills and knowledge,
- It demonstrates capability to assess vulnerabilities and report on compliance & institute controls in enterprise
- Requires minimum 5 years of experience
- Adds broader perspective of business management
- latest tech development and trends
- Gets knowledge about latest tools and techniques in market
- Open the door for forensic accountancy for the candidates
The certification is best suited for:
- IS/IT auditors
- IT managers
- Audit Managers
- Security Managers
- IT Compliance Manager / Head , Audit Executives
- System Analysts, Consultants, and even CIOs and CTOs.
Expected Job roles:
The primary job of an IS auditor is to ensure that no situations of fraud or non compliance of government laws take place in the organization structure. He is entrusted with the responsibility to analyze and prepare reports for the management.
In view of the above, the holders of CISA certification are likely to be offered the following job roles based on their skills and experience:
- Internal Auditor
- Public Accounting Auditor
- Information Security Analyst
- Technology Auditor
- Network Operation Security Engineer
- IT Audit Manager
- Cyber security professional
- IT Risk and Assurance Manager
- IT Consulting
- Privacy Officer
- PCI Security Specialist
The participant to this course is expected to have a minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas).