CISA Cert Prep: 2 Information Technology Governance and Management for IS Auditors
2hIntermediate2021-04-20
Authors

Michael Lester
CTO of WindTalker LLC

Human Element LLC
Founded as Logical Security by legendary security expert Shon Harris
Course details
Earning a CISA certification validates your ability to audit, control, and monitor information systems. The CISA Cert Prep series prepares you to tackle this exam and acquire the skills you need to confidently manage IT security audits. This course—the second in the series—teaches the concepts of IT governance and management that the CISA candidate needs to know.
Instructor Michael Lester starts out with a description of IT governance and the role of IT policies, processes, and standards, providing examples of many of the most common types. He reviews three key areas for auditing: risk management, business continuity, and disaster recovery planning. He also explains how an IT department and its auditing team should be organized. At each stage, he explains how the auditor would address these topics in a typical audit environment.
Topics include:
IT governance
Policies, processes, and standards
Risk management
IT organization
Business continuity
Disaster recovery
Instructor Michael Lester starts out with a description of IT governance and the role of IT policies, processes, and standards, providing examples of many of the most common types. He reviews three key areas for auditing: risk management, business continuity, and disaster recovery planning. He also explains how an IT department and its auditing team should be organized. At each stage, he explains how the auditor would address these topics in a typical audit environment.
Topics include:
IT governance
Policies, processes, and standards
Risk management
IT organization
Business continuity
Disaster recovery
Skills covered
Governance, Risk, and ComplianceCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Welcome
1. Governance
- 02 - IT governance
2. Enterprise architecture
- 03 - Enterprise architecture
- 04 - Policies
- 05 - Auditing governance and documentation
3. Risk Management
- 06 - Risk management process
- 07 - Planning
- 08 - Collect information - Part 1
- 09 - Collect information - Part 2
- 10 - Dealing with risk
- 11 - Auditing risk management
4. IT Management, Structure, and Responsibilities
- 12 - IT organization
- 13 - Auditing management structure
5. Business Continuity and Disaster Recovery
- 14 - Introduction
- 15 - BCP step-by-step
- 16 - Business impact analysis
- 17 - Recovery strategies and solutions
- 18 - Developing and implementing the plan
- 19 - Testing, training, and maintenance
- 20 - Auditing business continuity and disaster recovery
6. Maturity Models
- 21 - Maturity models
Conclusion
- 22 - Next steps
Related courses
- ISACA Certified Information Systems Auditor (CISA) Cert Prep
- CISA Cert Prep: 4 IT Operations, Maintenance, and Service Delivery for IS Auditors
- CISA Cert Prep: 3 Information Technology Life Cycle for IS Auditors
- CISA Cert Prep: 5 Information Asset Protection for IS Auditors
- CISA Cert Prep: 1 Auditing Information Systems for IS Auditors
- CISA Cert Prep: The Basics
- ISACA Certified Information Systems Auditor (CISA) Cert Prep (2024)
- Vulnerability Management: Assessing the Risks with CVSS, CISA KEV, EPSS, and SSVC