Learn your way! Get started

Certified Information Systems Auditor CISA, Part 1 of 5: Auditing Systems

with expert Kenneth Mayer


Watch trailer


Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 3/1/2018
Level Intermediate
Runtime 3h 46m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included


Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More



Course description

This course discusses the process of auditing information systems covering the practice of IS auditing, methodology and procedures to provide audits and assist the organization to protect their information systems. First, develop risk based IT audit strategy in compliance with IT audits. Second, plan specific audits. Third, conduct audits on standards and objectives to stakeholders. Fourth, conduct followups and status reports to ensure appropriate actions have been taken. The goal is to provide a framework and guidelines that you can follow to implement audit plans. This course is part of a series covering the ISACA Certified Information Systems Auditor (CISA).

Prerequisites

There are no prerequisites for this course.

Learning Paths

This course will help you prepare for the following certification and exam:
Certified Information Systems Auditor

Meet the expert

Kenneth Mayer As a certified Microsoft Instructor, Ken has focused his career on various security aspects of computer and network technology since the early 1980s. He has offered a wide variety of IT training and high level consulting projects for Fortune 500 companies globally. Through the course of his extensive career, he has taught a full line of Microsoft, CompTIA, Cisco, and other high level IT Security curricula.


Course outline



Audit Standards and Guidelines

Manage Audit Function (18:32)
  • Introduction (01:47)
  • The IS Audit Function (03:12)
  • IS Audit Resource Management (01:04)
  • Audit Planning (01:08)
  • Other planning Considerations (01:48)
  • Information Gathering (01:32)
  • Audit Planning Continued (01:07)
  • Guidelines to Follow (02:01)
  • Effects of Laws and Regulations (02:17)
  • Effects of Laws and Regulations Continued (00:57)
  • Major Areas of Concern (00:41)
  • Determine Level of Compliance (00:44)
  • Summary (00:08)
Audit and Assurance Standards (42:39)
  • Introduction (02:03)
  • Maintaining Privacy and Confidentiality (03:25)
  • IT Audit and Assurance Standards and Guidelines (01:17)
  • IT Audit and Assurance Standards Framework (01:19)
  • Auditing Standards (02:59)
  • Auditing Standards Continued (02:44)
  • Reporting Standards (00:29)
  • Follow-up Activities (01:58)
  • IT Governance (03:27)
  • Using Experts' Work (01:46)
  • Guidelines (00:34)
  • Audit Guidelines (01:07)
  • Audit Guidelines Continued (01:38)
  • Outsourcing and Audit Charter (03:07)
  • Materiality Concepts (01:57)
  • Due Professional Care and Audit Documentation (01:28)
  • More Audit Guidelines (01:41)
  • Even More Audit Guidelines (01:58)
  • Yet More Audit Guidelines (01:57)
  • Still More Audit Guidelines (01:31)
  • Further Audit Guidelines (01:56)
  • Ultimate Audit Guidelines (02:00)
  • Summary (00:08)

Risks and Controls

ITAF Standards (34:36)
  • Introduction (02:02)
  • Tools and Techniques (02:15)
  • IT Assurance Framework (02:50)
  • ITAF General Standards (01:27)
  • ITAF General Standards Continued (01:21)
  • ITAF Performance Standards (03:02)
  • ITAF Performance Standards Continued (02:02)
  • Assignment Performance and Representation (01:43)
  • Reporting Standards (01:12)
  • Reporting Standards Continued (00:54)
  • It Assurance Guidelines (01:15)
  • Dealing with Management (00:51)
  • IT Assurance Guidelines Continued (01:31)
  • IT Management Processes (01:31)
  • IT Management Process Continued (02:06)
  • Common Practices (00:20)
  • IT Audit and Assurance Processes (01:23)
  • IT Audit and Assurance Areas Continued (02:10)
  • IT Audit and Assurance Management (00:45)
  • IT Audit and Assurance Management Continued (03:37)
  • Summary (00:08)
Risk Analysis (21:30)
  • Introduction (00:42)
  • Business Environment (04:20)
  • Risk IT Framework (03:05)
  • Determine Associated Risks (02:33)
  • Risk Analysis Continued (01:26)
  • Risk Assessment Lifecycle (01:31)
  • Identifying Controls to Reduce Loss (04:10)
  • Risk Analysis Lifecycle (03:30)
  • Summary (00:08)
Internal Controls (17:13)
  • Introduction (01:32)
  • Internal Controls Objectives (01:06)
  • IS Control Objectives (02:34)
  • Controls Classifications (01:19)
  • IS Control Objectives Continued (02:06)
  • COBIT (00:34)
  • Linking Goals (00:49)
  • General Controls (03:23)
  • IS Controls (03:39)
  • Summary (00:08)

Performing an Audit

Performing an Audit Part 1 (32:49)
  • Introduction (02:41)
  • Audit Project Management (01:08)
  • Classification of Audits (02:31)
  • Audit Program (01:07)
  • General Audit Procedures (02:56)
  • Audit Software (04:57)
  • Audit Methodology (01:26)
  • Fraud Detection (03:25)
  • Fraud Detection Continued (02:13)
  • Risk-Based Auditing (02:05)
  • Risk-Based Auditing Continued (00:57)
  • Risk Model Assessment (01:10)
  • Audit Risk and Materiality (01:18)
  • Audit Risks (01:36)
  • Audit Risk and Materiality Continued (01:29)
  • Assess Security Risks (00:39)
  • Process of Risk Assessment (00:55)
  • Summary (00:08)
Performing an Audit Part 2 (37:51)
  • Introduction (02:41)
  • Treating Risks (01:58)
  • Selecting Controls (01:47)
  • Controls and Security (00:45)
  • Audit Subjects for Risk Assessment (02:04)
  • Risk Assessment Approach (00:46)
  • Judgemental Risk Assessment (00:18)
  • Risk Assessment Techniques Continued (00:39)
  • Audit Objectives (01:07)
  • Translating Objectives and Compliance (01:48)
  • Compliance vs. Substantive Testing (00:36)
  • Compliance vs. Substantive Testing Continued (00:31)
  • Evidence (02:56)
  • Methods of Gaining Evidence (01:13)
  • Identifying Work Functions (01:10)
  • Sampling (01:21)
  • Sampling Continued (02:19)
  • Sampling Terms to Know (01:57)
  • Using the Services of Other Auditors (02:04)
  • Using the Services of Other Auditors Continued (00:30)
  • Computer-Assisted Audit Techniques (01:08)
  • Review Evidence and Audit Strengths and Weaknesses (02:50)
  • Audit Strengths and Weaknesses Continued (00:57)
  • Communicating Results (02:32)
  • Follow-up (00:21)
  • Audit Documentation (01:15)
  • Summary (00:08)
Control Self-Assessment (09:49)
  • Introduction (00:52)
  • Control Self-Assessment (01:12)
  • Control Self-Assessment Continued (01:38)
  • Objectives of CSA (01:18)
  • Benefits of CSA (00:57)
  • Disadvantages of CSA (00:36)
  • Auditors and CSA (01:20)
  • CSA and Empowerment (01:08)
  • CSA vs. Traditional Method (00:35)
  • Summary (00:08)
Evolving the Audit Process (11:06)
  • Introduction (00:10)
  • Automated Work Papers (01:20)
  • Automated Work Papers Continued (01:23)
  • Integrated Auditing (01:32)
  • Integrated Auditing Continued (00:37)
  • Benefits of Integrated Auditing (00:24)
  • Continuous Auditing (00:42)
  • Continuous Auditing vs. Continuous Monitoring (01:01)
  • Continuous Auditing Continued (03:46)
  • Summary (00:08)