CISA Prep Course Training Class

1. Certification Requirements

2. Introduction to the Seven Domains

3. Technical Infrastructure and Operation

• 
  General-Purpose Computers
  
  
  
  • Hardware
  
  
  • Architecture
  
  
  • Memory
  
  
  • Operations
  
  
  • Memory Addressing
  
  
  • Reference Monitor
  
  
  • Languages
  
  
  • Transmissions
  
  
  • Systems Acquisition
    
    
    
    • 
      Systems Management
    
    
    • 
      Systems Databases
    
    
    • 
      Systems Operations
    
    
    
    
  
  
  
  


• Telecommunications
  
  
  
  • Telecommunications Security
  
  
  • Data Network Types: LAN
  
  
  • Data Network Types: WAN
  
  
  
  


• The OSI Model
  
  
  
  • Description
  
  
  • Protocol Definition
  
  
  • Layer Behavior
  
  
  • Layers Defined
  
  
  • Layer Protocols
  
  
  • Layer Devices and Equipment
  
  
  
  

4. Management, Planning, and Organization of Information Systems

• 
  Policies


• 
  Operations


• 
  Personnel


• 
  Documentation


• 
  Standards


• 
  Guidelines

5. Protection of Information Assets

• 
  Information Security
  
  
  
  • Confidentiality
  
  
  • Integrity
  
  
  • Availability
  
  
  • Compliance with Local and International Law
  
  
  
  


• 
  Security Management


• 
  Classification


• 
  System Access


• 
  System Access Control


• 
  Security Awareness & Training


• 
  New Employees' Training (NEO)


• 
  Policy Examples and Resources


• 
  CIRT


• 
  Security Incident Phases


• 
  Privacy Impact Analysis (PIA)


• 
  Access Control


• 
  Authentication


• 
  Passwords


• 
  Malicious Logic


• 
  Biometrics


• 
  Authorization Techniques


• 
  Cryptography

6. Applications Development

• 
  Systems Development Life Cycle (SDLC)


• 
  Software Models


• 
  Approaches


• 
  Personnel


• 
  Tools
  
  
  
  • Rapid Application Development (RAD)
  
  
  • Business Process Re-Engineering
  
  
  • Computer Aided Software Engineering (CASE)
  
  
  • Capability Maturity Model (S/W) (CMM)
  
  
  • Extensible Markup Language (XML)
  
  
  
  

7. Business Processes and Risk Management

• 
  Business Process Re-Engineering (BPR)


• 
  Risk Management


• 
  Security Risk Concept


• 
  Security Risk Concept Exercise


• 
  IT Governance


• 
  System Development


• 
  System Documentation


• 
  Project Lifestyle Phases


• 
  Project Lifestyle Models


• 
  Business Applications Systems


• 
  E-Commerce Models


• 
  EDI Components


• 
  Expert Systems Development


• 
  Data Warehouse


• 
  Data Mining


• 
  Database Security

8. Disaster Recovery Planning (DRP)

• 
  Business Continuity Planning (BCP) Motivation


• 
  BCP vs. DRP


• 
  BCP
  
  
  
  • Overview
  
  
  • Requirements
  
  
  • Plan Documentation
  
  
  
  


• 
  Disaster Recovery
  
  
  
  • Strategy
  
  
  • Plan Development
  
  
  • Training & Documentation
  
  
  • Testing & Maintenance
  
  
  
  

9. The Formal Audit Process

• 
  IS Audit Function


• 
  IS Audit Planning


• 
  ISACA


• 
  Internal Control System


• 
  IS Control Procedures


• 
  Control Objectives for Information and Related Technology (COBIT)


• 
  Performing an IS Audit

10. Review of Certification Requirements

11. Review of the Seven Domains

12. Test-Taking Tips

Internal review auditors, IS security professionals, and all individuals who have an interest i