Certified Information Systems Auditor (CISA) Review Class

Jana tumeanza Chapter II..na hapa chini hizi ni baadhi ya maeneo tutkayoyafundisha

Domain 2—Governance and Management of IT
Provide assurance that the necessary leadership and organizational structures and processes are in place to achieve objectives and to support the organization's strategy. (16%)

Task Statements:
2.1 Evaluate the IT strategy, including IT direction, and the processes for the strategy’s development, approval, implementation and maintenance for alignment with the organization’s strategies and objectives.
2.2 Evaluate the effectiveness of the IT governance structure to determine whether IT decisions, directions and performance support the organization’s strategies and objectives.
2.3 Evaluate IT organizational structure and human resources (personnel) management to determine whether they support the organization’s strategies and objectives.
2.4 Evaluate the organization’s IT policies, standards and procedures, and the processes for their development, approval, release/publishing, implementation and maintenance to determine whether they support the IT strategy and comply with regulatory and legal requirements.
2.5 Evaluate IT resource management, including investment, prioritization, allocation and use, for alignment with the organization’s strategies and objectives.
2.6 Evaluate IT portfolio management, including investment, prioritization and allocation, for alignment with the organization’s strategies and objectives.
2.7 Evaluate risk management practices to determine whether the organization’s IT-related risk is identified, assessed, monitored, reported and managed.
2.8 Evaluate IT management and monitoring of controls (e.g., continuous monitoring, quality assurance [QA]) for compliance with the organization’s policies, standards and procedures.
2.9 Evaluate monitoring and reporting of IT key performance indicators (KPIs) to determine whether management receives sufficient and timely information.
2.10 Evaluate the organization’s business continuity plan (BCP), including alignment of the IT disaster recovery plan (DRP) with the BCP, to determine the organization’s ability to continue essential business operations during the period of an IT disruption.
Knowledge Statements:
2.1 Knowledge of the purpose of IT strategy, policies, standards and procedures for an organization and the essential elements of each
2.2 Knowledge of IT governance, management, security and control frameworks, and related standards, guidelines and practices
2.3 Knowledge of the organizational structure, roles and responsibilities related to IT, including segregation of duties (SoD)
2.4 Knowledge of the relevant laws, regulations and industry standards affecting the organization
2.5 Knowledge of the organization’s technology direction and IT architecture and their implications for setting long-term strategic directions
2.6 Knowledge of the processes for the development, implementation and maintenance of IT strategy, policies, standards and procedures
2.7 Knowledge of the use of capability and maturity models
2.8 Knowledge of process optimization techniques
2.9 Knowledge of IT resource investment and allocation practices, including prioritization criteria (e.g., portfolio management, value management, personnel management)
2.10 Knowledge of IT supplier selection, contract management, relationship management and performance monitoring processes, including third-party outsourcing relationships
2.11 Knowledge of enterprise risk management (ERM)
2.12 Knowledge of the practices for monitoring and reporting of controls performance (e.g., continuous monitoring, quality assurance [QA])
2.13 Knowledge of quality management and quality assurance (QA) systems
2.14 Knowledge of the practices for monitoring and reporting of IT performance (e.g., balanced scorecard [BSC], key performance indicators [KPIs])
2.15 Knowledge of business impact analysis (BIA)
2.16 Knowledge of the standards and procedures for the development, maintenance and testing of the business continuity plan (BCP)
2.17 Knowledge of the procedures used to invoke and execute the business continuity plan (BCP) and return to normal operations

karibuni.. wote..
Kwa maelezo zaidi tuwasiliane kwa kupitia 0713 451713 ama 0764 978313
 
Benefits of CISA Certification

• Recognition of attainment of advanced job skills as required for an information systems auditor

• Worldwide recognition as an information systems auditor

• Opportunity to build upon existing certifications/credentials already earned

• Provides tangible evidence of career growth

• Potential for a salary increase and/or promotion

Benefits of Training with True Ink Associates


True Ink is a specialist training company focused on providing quality education to IT professionals in business and government. Our courses offer some key benefits:


• Outstanding world-class instructors. Ultimately the caliber of the instructor is the key determinant of the effectiveness of training.

• Independence. Our courses are independently commissioned and developed to ensure maximum ongoing relevance.

• Pre-Exam Support. All participants gain exclusive access to our CISA Support Hotline as well as our online forums for questions, comments and resources.

• Exclusive Warranty. Extensive research, development and high-level expertise has gone into the creation of our CISA course. We back the quality of the course unreservedly, and provide a special warranty: if, for whatever reason, the unthinkable should happen and you do not pass the exam the first time, you are entitled to re-sit the entire course, or any part thereof, at no charge.
 
Leo tunamalizia chapter II kisha tunaanza Chapter III.

Karibuni muone mazingira yetu ya kufundishia na quality of trainers.

regards

sam
 
Our institution has been authorized by the ISACA Tanzania Lo-cal Chapter to conduct CISA, CISM trainings in Tanzania, and has reputable and experienced trainers. ISACA Tanzania Local Chapter represents and governs all ISACA activities in Tanzania including providing assurance that CISA Training institutions meet the minimum standards of the respective ISACA’s curricu-lum and the trainers have required competence to facilitate the review courses.
 Because we understand that the CISA/CISM exam contents vary from practical technical ICT matters to practical technical IS au-diting skills, our courses are conducted by a minimum of four (4) facilitators, each with hands-on experience and technical knowledge of the designated area hence provide in-depth knowledge transfer to students within the facilitator’s highly spe-cialized field of competence. All of the facilitators conducting the course are Certified Information Systems Auditors (CISAs) and hold other Certification like CISM, ITIL, PMP, ISO 27001 Lead Auditor,

For more information please contact us through
0713 451713 or 0764 978313
mujinja@hotmail.com
 
Leo Tarehe 11/04/2016 tunamalizia Chapter II na kesho tunaanza Chapter IV.
Tumeshaanza maandalizi ya darasa litakaloanza mwezi wa nne trh 25/04/2016
karibuni sana..

Kwa maelezo zaidi tuwasiliane kwa kupitia 0713 451713 ama 0764 978313
ama kwa email mujinja@hotmail.com
 
Mkuu, Hii thread umeilipia nini??

Mbona unatangaza na kujijibu / comment mwenyewe..
 
@Vaiko Joel.
Am a professional. I am sure na wewe u r a professional. sio wote wanaoona thread humu wanajibu hapa, nina darasa la zaidi ya watu 20, na nimeanza kuandikisha darasa lingine. usipende kukatisha watun tamaa... Huna haja ya kuandika ulichoandika, kama hauko interested u better keep quite na kutafuta kazi ya kufanya.. natumia elimu yangu kulemisha jamii na kumsaidia raisi JPM kuongeza wataalam wa IT Audit.... wala sitangazi hapa, najaribu kuwasiliana na watu ambao wako very interested, Please stop and start thinking as a professional....
 
True Ink Associates would like to announce the CISA (Certified Information Systems Auditor) review class will start on 02/05/2016 at DSM City Center Raha Tower Building .The course duration is 5 weeks, from 1700-2000 hrs Monday to Friday. Course fee is 700,000/= including manuals and database for questions answers and explanations .For those who are preparing for CISA June/September or December 2016 are warmly welcomed.

For more information please email us through true_ink_associates@hotmail.com or mujinja@hotmail.com or Mob. 0713451713 and 0764978313.

Contact Person Sam Mujinja. Karibuni sana...
 
We are offering CISA Review Classes..read Below

What are the Course Objectives?


By the end of this training you will:
Be able to identify and assess vulnerabilities,
report on compliance and institute controls.
Acquire the relevant knowledge and skills required to
clear the CISA certification exam by ISACA.
Gain a better understanding of IS Audit and Assurance
Guidelines, Standards and best practices for IS audit and control,
governance of enterprise IT, acquisition, development, testing and implementation of information systems.
Develop a working knowledge in the five domains of CISA,
as prescribed by ISACA.


Who should do this course?


This training is an essential professional requirement
for professionals who are responsible for controlling, monitoring and
assessing an organization's information technology and business systems.
Applicable careers positions include:
IS / IT Auditor/Consultants
IT Compliance Manager
Chief Compliance Officer
Chief Risk & Privacy Officer
Security Head / Director
Security Manager / Architect

For more information please email us through true_ink_associates@hotmail.com or mujinja@hotmail.com or Mob. 0713451713 and 0764978313.
 
Tunaendelea kupokea maombi ya wanaohitaji kufanya review ya CISA kwa ajili ya mtihani wa mwezi wa June,September or December

Kwa maelezo tafadhali tupigie kupitia 0713 451713 or 0764 978313.
karibuni wote
 
How to become a CISA Certified.

The CISA designation is awarded to individuals with an interest in Information Systems auditing, control and security who meet the following requirements:

1. Successful completion of the CISA examination
2. Submit an Application for CISA Certification
3. Adherence to the Code of Professional Ethics
4. Adherence to the Continuing Professional Education Program
5. Compliance with the Information Systems Auditing Standards

1. Successful completion of the CISA Examination
The examination is open to all individuals who have an interest in information systems audit, control and security. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score. For a more detailed description of the exam seeCISA Certification Job Practice. Also, CISA Exam Preparation resources are available through the association and many chapters host CISA Exam Review Courses (contact your local chapter).

1. Successful completion of the CISA examination
The examination is open to all individuals who have an interest in information systems audit, control and security. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score.
[h=4]2. Submit an Application for CISA Certification[/h]Once a CISA candidate has passed the CISA certification exam and has met the work experience requirements, the final step is to complete and submit a CISA Application for Certification. A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification.

3. Adherence to the Code of Professional Ethics
Members of ISACA and/or holders of the CISA designation agree to a Code of Professional Ethics to guide professional and personal conduct.

4. Adherence to the Continuing Professional Education (CPE) Program
The objectives of the continuing education program are to:

  • Maintain an individual's competency by requiring the update of existing knowledge and skills in the areas of information systems auditing, control or security.
  • 5. Compliance with the Information Systems Auditing Standards
Individuals holding the CISA designation agree to adhere to the Information Systems Auditing Standards as adopted by ISACA.
True Ink Associates, provides training on CISA by conducting CISA Review classes in Dar Es Salaam, mwanza and Arusha , other class in going on, and we are expecting to start the new CISa review class on 26/10/2015 at Dar Es Salaam.
Other class will be conducted in Arusha in collaboration with Institute of Accountants Arusha (Njiro).

For more information contact us through +255 713451713 or +255764978313
or though email address mujinja@hotmail.com contact person Sam Mujinja
 
Not All Audits Are the Same

A list of what could be audited is long, and, in practice, the most likely activities to be audited are those that link to significant business risk.
It is likely that if previous audits raised issues and included recommendations, the auditors will be interested in what has changed since these were made and may choose to re-audit some of them.
It can be assumed that documented and current business impact analyses, business continuity plans and risk assessments will be of interest to the auditors. Questions will be raised if these are incomplete, out of date or not available. Not a good start.
In addition, a short list of what could be audited would include:


  • Data center audits-Including physical and logical security, process documentation and metrics. Of course, there is much more to this, including, for example, examination of controls at various levels (e.g., operating systems, applications, databases, networks, cryptography).
  • IS/IT process audits-Often a COBIT 5 -based audit, which includes the COBIT Process Assessment Model (PAM): Using COBIT 5 (It replaces the capability maturity model used up to COBIT 4.1.)
  • Information security audits-Focusing on the controls used to manage the availability, confidentiality and integrity of information
  • IS/IT systems development audits-Focusing on the specification, development, testing, initial data loading, accreditation, and, in particular, security and business process controls
  • IS/IT large software projects audits-Related to the previous item, but focusing on project management processes, change management and reporting (A series of columns on this topic is planned for future issues of the ISACA Journal.)
  • Postimplementation benefits audits-Occur once a project has been completed and has been operational for some time. These audits are intended to validate whether the benefits identified in the original business case for investing in the project have been achieved.
  • Business continuity audits-To review the resiliency, recovery and other contingency plans prepared to restore an appropriate level of normalcy after a situation that heavily disrupts the organization's IS/IT facilities
  • IS/IT management/governance audits-Particularly important when relying on external service providers (i.e., outsourcing and offshoring service providers). Such audits examine cost recovery or charging systems, budgeting and cost control, and organizational structure.
  • Change management audits-Reviewing the procedures and systems used to control changes to infrastructure, software and the changes in relationships arising from organizational changes and/or the introduction of new technologies (such as bring your own device [BYOD])
True ink associates will help you achieve the ebove
karibuni sana
 
In terms of the Governing authority, CISA Candidates are recognized by ISACA International, for the case of Tanzania, there is ISACA Local Chapter called ISACA Tanzania Chapter headed by the presidents and its board members.

ISACA certification (CISA inclusive) have been recognized by government entities, industries, publications, standard bodies, and major consulting groups. Examples are listed below.

1. UK Government's 2014 cyber security skills report revealed that CISA are among the information assurance qualification they look when they recruiting staff.

2. The American National Standards Institute (ANSI) has awarded accreditation under ISO /IEC 17024 to the CISA Certification programs for the past three years.

3. US Department of defense (DoD)included CISA in the list of approved certification for its information assurance professionals.
4. NBAA Tanzania and Insititute of Internal Auditors (IIA) Tanzania inatutambua ISACA professional (CISA inclusive) kama professional Certification na huwa tunafanya kazi in collaboration.

Kwa Tanzania, kuna jitihada za makusudi ambazo ISACA Tanzania Chapter inafanya kwa ajili ya kuwa na Governing board ama regulatory board kwa ajili ya kuwatambua IT Auditors na kuwafanyia regulation kuhakikisha standards and code of conduct are followed according to Professional code of ethics provided by ISACA international , kama ambavyo Tanzania tuna NBAA kama board inayowatambua Wahasibu. Na kuna proposal inatengenezwa kupelekwa serikalini kuhakikisha kuwa IT Audit scheme of service inawekwa kwenye nyanja mbali mbali na carrier path inakuwa recognised. Soon tutakuwa na Regulatory Authority inayowatambua IT Auditor. \
For reference hata ukienda CBE..Chuo cha usimamizi wa Biashara inatengeneza mitaala kwa ajili ya IT Auditors na kuna baadhi ya Universities in Tanzania are thinking of including IT audit as one of their courses.

Na ukiangalia Mkaguzi mkuu wa serikali (kwa wakati huo Mr. Utoh) aliona potential ya IT Auditors ndo maana kuanzia mwaka jana aliamua kubadilisha focus kuwasomesha auditors wake CISA badala ya CPA. kwani kaangalia mbali kuona jinsi ambavyo most organisation depends on IT and we are heading towards an automated environments, ukiwa financial auditors kuna areas utakuwa unazimis kwa ajili ya ku perform proper IT Audit.na tulifundisha auditors 26 na katika hao almost nusu walifaulu CISA certification baada ya kufanya mtihani wa June 2014.
Hata Mabenki na Telecom Company wanahitaji IT Auditors with CISA certification, BOT, TANESCO, National Audit Office, EWURA, TRA sasahivi wana kitengo kabisa cha IT Auditors, just few to mention.

Its a certification that is coming up in Tanzania na kuna room kubwa ya kufanya consultancy provided you have knowldege and skills to perform that according to ISACA profesional code of ethics and standards/assurance tools.
 
You must log in or register to reply here.

Similar Discussions

Back
Top Bottom
Forums
New posts
Post thread
Back