CERTIFIED INFORMATION

SYSTEMS AUDITOR

Vertical Technology

Type Certification -led

Sub-Category Audit, security, governance and risk

3

Hello there

You've considered embarking on an exciting journey to

strengthen your professional status and career trajectory. The

choice to obtain professional certification and/or further

credentials in the subject matter area that you choose to

specialise in, puts a powerful tool, right in your hands.

It will bring you competitive edge, career progression and

market opportunity.

This brochure will provide further information about the

course of your choice. There is a wide selection of other

courses on our website, a selection that is constantly added

and improved upon. Feel free to email or call us if you need

help with anything.

We welcome the chance to be part of your journey.

Sincerely

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

Welcome Note

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

2

3

Course Information

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

Course Overview

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

Five day course. Growing demand for Information Security

(InfoSec) management skills has led to the ISACA's Certified

Information Systems Auditor (CISA) becoming a leading

InfoSec professional certification around the world. It will

provide you with the international practices about IS audit,

control, assurance and security.

Learning Objectives

At the end of the course, you will be able to :

provide audit services according to ISACA standards;

assist your organisation in protecting and controlling

their IS;

ensure the practices of acquisition, development,

testing and implementation of IS meet your

organisational strategies and objectives;

provide assurances that the leadership,

organisational structure and processes are in place

to achieve objectives and support your

organisation's strategies;

provide assurance as to the processes of information

systems operations, maintenance and support; and

be assured that policies, standards, procedures and

controls attain organisational information assets'

confidentiality, integrity and availability.

Curriculum

Module 01 Understanding Processes of Auditing

Information Systems

1.1 Management of IS Audit Function

1.2 ISACA IS Audit and Assurance Standards and

Guidelines

1.3 Risk Analysis

1.4 Internal Controls

1.5 Performing an IS Audit

1.6 Control Self-assessment

1.7 The Evolving IS Audit Process

2015 Courses

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

INFORMATION TECHNOLOGY

HUMAN RESOURCE

Certificate of Cloud Security Knowledge

Cloud Technology Associate

TOGAF® 9

Professional Scrum Master

Professional Scrum Developer

Professional Scrum Product Owner

Certified Kanban Foundation

Certified in the Governance of Enterprise IT

COBIT 5 Foundation

Certified in Risk and Information Systems

Control

Certified Professional in Health IT

ISTQB® Advanced Test Manager

ISTQB®Advanced Test Analyst

ISTQB® Advanced Technical Test Analyst

iSQI® Certified Agile Tester

ITIL® Lifecycle- Service Strategy

ITIL® Lifecycle- Service Operation

ITIL® Lifecycle - Service Transition

ITIL® Lifecycle - Service Design

ISTQB® Foundation

Certified Wireless Network Administrator

Certified Wireless Analysis Professional

Certified Wireless Design Professional

Certified Wireless Security Professional

Ethical Hacker and Penetration Tester

How to Implement Practical Data Quality

Management

Transitioning to Agile

and more

Change Management Foundation

Certified Mentor Practitioner (Level 1)

The Language of Effective Presentations

4

Course Information

Rowena Morais

Programme Director

rmorais@verticaldistinct.com Module 02 Commencing

Governance and the

Management of

Information Technology

2.1 Corporate Governance

2.2 Governance of Enterprise IT

2.3 Information Systems

Strategy

2.4 Maturity and Process

Improvement Models

2.5 IT Investment and

Allocation Practices

2.6 Policies and Procedures

2.7 Risk Management

2.8 Information Systems

Management Practice

2.9 IS Organisational Structure

and Responsibilities

2.10 Auditing IT Governance

Structure and Implementation

2.11 Business Continuity

Planning

2.12 Auditing Business

Continuity

Module 03 Valuing IS

Acquisition, Development

and Maintenance

3.1 Benefits Realisation

3.2 Project Management

Structure

3.3 Project Management

Practice

3.4 Business Application

Development

3.5 Business Application

Systems

3.6 Development Methods

3.7 Infrastructure Development/

Acquisition Practices

3.8 Information Systems

Maintenance Practices

3.9 System Development Tools

and Productivity Aids

3.10 Process Improvement

Practices

3.11 Application Controls

3.12 Auditing Application

Controls

10

3.13 Auditing System Development, Acquisition

and Maintenance

Module 04

Comprehending IS

Operations, Maintenance

and Support

4.1 Information System

Operations

4.2 Information Systems

Hardware

4.3 IS Architecture and

Software

4.4 IS Network Infrastructure

4.5 Auditing Infrastructure

and Operations

4.6 Disaster Recovery

Planning

Module 05 Valuing

Protection of Information

Assets

5.1 Importance of Information

Security Management

5.2 Logical Access

5.3 Network Infrastructure

Security

5.4 Auditing Information

Security Management

Framework

5.5 Auditing Network

Infrastructure Security

5.6 Environmental Exposure

and Controls

5.7 Physical Access

Exposures and Controls

Training

Methodology 30% of the time will be

devoted to important

concepts and theory while

70% will be allocated for

discussion, presentation and

case studies. Active

participation through

individual work and

collaborative effort is

encouraged.

Job Practice Areas

1. A job practice serves the

basis for the exam and

experience requirements to

earm the CISA. Each job

practice comprises tasks and

knowledge statements,

organised by domain.

2. The five domains are :

Domain 1 - The Process of

Auditing Information

Systems (14%);

Domain 2 - Governance and

Management of IT (14%);

Domain 3 - Information

Systems Acquisition,

Development and

Implementation (19%);

Domain 4 - Information

Systems Operations,

Maintenance and Support

(23%); and

Domain 5 - Protection of

Information Assets (30%).

Important Note

1. This course is brought to

you in partnership with

Goutama Bachtiar.

2. Terms and conditions

apply. Please visit Vertical

Distinct for the full terms.

Prerequisites

You should have an

educational background or

working experience in

Information Technology,

Information Systems or

Audit.

5

Course Information

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

1. ISACA provides an Exam

Candidate Information Guide.

ISACA also provides a CISA

Self Assessment Test to help

you assess your knowledge.

2. 200 multiple choice

question exam; test time of 4

hours.

3. Passing score is 450. A

retake is permitted.

4. Passing the exam does not

grant the CISA designation -

you must also earn the

required job experience and

submit a CISA application.

Locations

Faculty Instructors:

Goutama Bachtiar

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

Geographies covered :

Middle East | Asia Pacific |

Africa

Complete and updated list of

all cities and dates are

available on

www.verticaldistinct.com

including Universitas Tulang

Bawang (UTB), University of

Indonesia (UI) and the Swiss-

German University (SGU).

An auditor and consultant, he

has more than 65 international

certifications under his belt and

has delivered 230+ sessions and

5,500+ hours of training both

across Indonesia and APAC.

Goutama has written, reviewed

and edited 300+ articles, white

papers and manuscripts on ICT,

business and management for

20+ media, blogs, journals,

frameworks and conferences,

including COBIT, PMBOK, ZDNet

Asia, SDA Asia, TechWireAsia and

Forbes. He has written one Body

of Knowledge, two books and 27

courseware.

An enterprise technologist

with more than 13 years in

consulting and auditing, 12

years in training and

education experience and 10

years in project management

and solution development,

Goutama Bachtiar serves as

an ISACA International

Subject Matter Expert, an

International Programme

Mentor and Editorial Journal

Reviewer. He is a Certification

Exam and Study Materials

developer for the CISA, CGEIT,

CISM and CRISC

qualifications.

An advisor at six companies,

Goutama also guest lectures

at top Universities for the

Masters programmes

Exam Info

5. Exam fees are not included

in the registration fees

quoted and are to be

purchased separately.

6

Course Information

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

Target audience

1. New or experienced

IT/Information

Security/Information Systems

executives,managers or

consultants;

2. Risk and Security managers,

leaders and consultants;

Accreditation

Certification by : ISACA

ISACA is an independent, non

profit, global association which

engages in the development,

adoption and global use of

accepted, industry-leading

knowledge and practices for

information systems.

With more than 100,000

members worldwide, ISACA

provides practical guidance,

benchmarks and other tools

for the enterprise that uses

information systems.

Additional Info

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

3. Internal or External

Auditors;

4. Those who are involved in

or who manage Information

Security, IT or auditing

functions within their

organisations or deliver such

services to their clients.

7

Testimonials

Rowena Morais

Programme Director

rmorais@verticaldistinct.com

Good trainer, clear and humble."

Syahroni Djaid, General Manager, IT Central Proteinaprima

"Excellent trainer !!"

Teguh Hambudi, Director at PT Inspirasi Abadi Mandiri

" Goutama is one of the best IT trainer and consultants I have ever met.

With his cool, calm and collected demeanour, he gives structured and

detailed lectures and explanation to his students and clients. He is not

only good in presenting his thoughts and opinions, but he also has a

very strong technical background and skills..."

Maureen Chandra, Senior Quality Engineer "

"Goutama is extremely competent technically as well as in team

sharing knowledge with the team in the best possible manner.He is one

of the most excellent IT professional I have worked with!!"

Pradeep Saggam, Director Hambudi

Visit our website

Check out Vertical Distinct' Profile

Preview Accelerate Magazine, a publication of Vertical Distinct.

VERTICAL DISTINCT SDN BHD Suite 1208 Level 12 Amcorp Tower, Amcorp Trade Centre

No. 18 Persiaran Barat, 46050 Petaling Jaya, Selangor Darul Ehsan, Malaysia.

+603 7948 5241 +603 7955 6363 hello@verticaldistinct.com

www.verticaldistinct.com