Visão Geral

Certified Information Systems Auditor (CISA)® é uma das certificações de auditoria de segurança/informação mais populares do mundo para profissionais de todo o mundo. O curso de certificação CISA é desenvolvido pelo ISACA e ideal para quem procura forjar a sua carreira no domínio da Segurança Informática/Segurança Cibernética. Auditor de Sistemas de Informação Certificado (CISA) valida as suas competências de auditoria, controlo, e segurança entre as melhores da indústria. 

Informações Gerais

Carga Horária: 40h

• Se noturno este curso é ministrado de Segunda-feira à sexta-feira, das 19h às 23h
• Se aos sábados este curso é ministrado das 9h às 18h
• Se in-company por favor fazer contato para mais detalhes.

Formato de entrega:

• 100% on-line ao vivo, via Microsoft Teams na presença de um instrutor/consultor ativo no mercado.
• Nota: não é curso gravado.

Lab:

• Laboratório + Exercícios práticos 

Materiais

Conteúdo Programatico

INFORMATION SYSTEMS AUDITING PROCESS - (21%)

1. Planning
2. IS Audit Standards, Guidelines, and Codes of Ethics
3. Business Processes
4. Types of Controls
5. Risk-Based Audit Planning
6. Types of Audits and Assessments
7. Execution
8. Audit Project Management
9. Sampling Methodology
10. Audit Evidence Collection Techniques
11. Data Analytics
12. Reporting and Communication Techniques

 Governance and Management of IT - (17%)

1. IT Governance
2. IT Governance and IT Strategy
3. IT-Related Frameworks
4. IT Standards, Policies, and Procedures
5. Organizational Structure
6. Enterprise Architecture
7. Enterprise Risk Management
8. Maturity Models
9. Laws, Regulations, and Industry Standards affecting the Organization
10. IT Management
11. IT Resource Management
12. IT Service Provider Acquisition and Management
13. IT Performance Monitoring and Reporting
14. Quality Assurance and Quality Management of IT

Information Systems Acquisition, Development and Implementation - (12%)

1. Information Systems Acquisition and Development
2. Project Governance and Management
3. Business Case and Feasibility Analysis
4. System Development Methodologies
5. Control Identification and Design
6. Information Systems Implementation
7. Testing Methodologies
8. Configuration and Release Management
9. System Migration, Infrastructure Deployment, and Data Conversion
10. Post-implementation Review

INFORMATION SYSTEMS OPERATIONS AND BUSINESS RESILIENCE - (23%)

1. Information Systems Operations
2. Common Technology Components
3. IT Asset Management
4. Job Scheduling and Production Process Automation
5. System Interfaces
6. End-User Computing
7. Data Governance
8. Systems Performance Management
9. Problem and Incident Management
10. Change, Configuration, Release, and Patch Management
11. IT Service Level Management
12. Database Management
13. Business Resilience
14. Business Impact Analysis (BIA)
15. System Resiliency
16. Data Backup, Storage, and Restoration
17. Business Continuity Plan (BCP)
18. Disaster Recovery Plans (DRP)  

Protection of Information Assets - (27%)

1. Information Asset Security and Control
2. Information Asset Security Frameworks, Standards, and Guidelines
3. Privacy Principles
4. Physical Access and Environmental Controls
5. Identity and Access Management
6. Network and End-Point Security
7. Data Classification
8. Data Encryption and Encryption-Related Techniques
9. Public Key Infrastructure (PKI)
10. Web-Based Communication Techniques
11. Virtualized Environments
12. Mobile, Wireless, and Internet-of-Things (IoT) Devices
13. Security Event Management
14. Security Awareness Training and Programs
15. Information System Attack Methods and Techniques
16. Security Testing Tools and Techniques
17. Security Monitoring Tools and Techniques
18. Incident Response Management
19. Evidence Collection and Forensics
20. Supporting Tasks