CISA CISSP - 2 in 1

CISA + CISSP Training - 5 Days Course (Virtual)

Course Outline: 

Domain 1 -Information Systems Auditing Process (CISA Only) 

Audit Planning

1. IS Audit Standards, Guidelines and Codes of Ethics 

2. IS Internal Audit Function & Audit Planning 

3. Types of Controls 

4. Risk-Based Audit Planning 

5. Types of Audits 

6. Audit Project Management 

7. Sampling Methodology 

8. Audit Evidence Collection Techniques 

9. Data Analytics 

10. Reporting and Communication 

11. Control Self-Assessment (CSA) 

Domain 2 -Governance and Management of IT (CISA D2, CISSP D1) 

AIT Governance

1. IT Governance and IT Strategy 

2. IT Policies, Standards, Guidelines & Procedures 

3. Organizational Structure 

4. Enterprise Risk Management 

5. Maturity Models 

IT Management

1. IT Resource Management 

2. Segregation of Duties within IT 

3. IT Service Provider Acquisition and Management 

4. IT Performance Monitoring and Reporting 

Domain 3 -Information Systems Acquisition, Development and Implementation (CISA D3, CISSP D3/D6/D8) 

Information Systems Acquisition and Development

1. Project Governance and Management 

2. Business Case 

3. System Development 

4. Control Identification and Design 

Information Systems Implementation

1. System Testing 

2. System Migration, Infrastructure Deployment and Data Conversion 

3. Post-implementation Review 

Domain 4 -Information Systems Operations and Business Resilience (CISA D4, CISSP D4/D7) 

Information Systems Operations

1. Common Technology Components & IT Asset Management 

2. System Interfaces & Configuration Management 

3. Systems Performance Management 

4. Problem and Incident Management 

5. Change, Release and Patch Management 

6. Database Management 

Business Resilience

1. System Resiliency & Capacity Management 

2. Data Backup, Storage and Restoration 

3. Business Impact Analysis 

4. Business Continuity Plan 

5. Disaster Recovery Plan 

Domain 5 -Protection of Information Assets (CISA D5, CISSP D2/D5) 

Information Asset Security and Control

1. Information Asset Management 

2. Privacy Principles 

3. Physical Access and Environmental Controls 

4. Identity and Access Management (IAM) 

5. Data Classification 

6. Data Protection 

7. Cloud Computing 

8. Mobile, Wireless and Internet-of-things Devices 

Security Event Management

1. Security Awareness Training and Programs  

2. Information System Attacks 

3. Security Monitoring Tools 

4. Evidence Collection and Forensics 

Course fee: HKD$ 9,800 (Exam fee not included)
Course Duration: 30 hours

Date: 15/4, 22/4, 29/4, 6/5, 13/5 Saturday

Time: 9:30 – 4:30

Tutor: Mr. Sze

Classroom: Virtual – Live Online Classroom