CISA (Certified Information Systems Auditor) Review Classes Linaanza January 2016

[Tarime natokea]

True Ink Associates would like to Announce that the Fifth CISA
(Certified Information Systems Auditor) Review Class is scheduled
to commence on Monday 11/01/2016, Dar Es Salaam City Center,
Raha Tower Building 4th Floor at the Institute of Internal Auditors (IIA)
Conference Room. For those who are interested to sit for

June/September 2016 CISA/CISM Exams Exams are warmly welcomed.


The course Duration is 5 weeks, 3 hrs a day, from Monday to Friday,
starting from 17:00-20:00 hrs in the evening. Additional one week
will be provided for intensive review on sample questions and
in depth discussion on various areas as we have almost 1,200
questions covering the entire 5 modules.


The course Fee is TZS 700,000/= which includes Manuals,Database for questions,
answers and explanations and other supplementary materials reccomended by ISACA




Register to reserve your sit.


For more information please Contact us through +255 713451713 or 0764 978313
or Email us through mujinja@hotmail.com

 

[mzee wa ndonga]

EligibilityTo qualify as CISA, candidates have to have five years of work experience in the fields of Information Systems Auditing, Control, Assurance or Security. Only those who clear the CISA exam will be certified. The work experience must be gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the exam.
The CISA exam is a one-time exam, consisting of 150 multiple-choice questions, and the timeframe given is four hours. The exam is held thrice a year, on the second Saturday of June, September (in select locations) and December.

 

[mzee wa ndonga]

How to become CISA certified

The CISA designation is awarded to individuals with an interest in Information Systems auditing, control and security who meet the following requirements:

1. Successful completion of the CISA examination
2. Submit an Application for CISA Certification
3. Adherence to the Code of Professional Ethics
4. Adherence to the Continuing Professional Education Program
5. Compliance with the Information Systems Auditing Standards

1. Successful completion of the CISA Examination
The examination is open to all individuals who have an interest in information systems audit, control and security. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score. For a more detailed description of the exam see CISA Certification Job Practice. Also, CISA Exam Preparation resources are available through the association and many chapters host CISA Exam Review Courses (contact your local chapter).

1. Successful completion of the CISA examination
The examination is open to all individuals who have an interest in information systems audit, control and security. All are encouraged to work toward and take the examination. Successful examination candidates will be sent all information required to apply for certification with their notification of a passing score.
2. Submit an Application for CISA Certification

Once a CISA candidate has passed the CISA certification exam and has met the work experience requirements, the final step is to complete and submit a CISA Application for Certification. A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification.
3. Adherence to the Code of Professional Ethics
Members of ISACA and/or holders of the CISA designation agree to a Code of Professional Ethics to guide professional and personal conduct.

4. Adherence to the Continuing Professional Education (CPE) Program
The objectives of the continuing education program are to:

• Maintain an individual's competency by requiring the update of existing knowledge and skills in the areas of information systems auditing, control or security.
• 5. Compliance with the Information Systems Auditing Standards

Individuals holding the CISA designation agree to adhere to the Information Systems Auditing Standards as adopted by ISACA.
True Ink Associates, provides training on CISA by conducting CISA Review classes in Dar Es Salaam, mwanza and Arusha , other class in going on, and we are expecting to start the new CISa review class on 26/10/2015 at Dar Es Salaam.
Other class will be conducted in Arusha in collaboration with Institute of Accountants Arusha (Njiro).

For more information contact us through +255 713451713 or +255764978313
or though email address mujinja@hotmail.com contact person Sam Mujinja

karibuni Wote

 

[mzee wa ndonga]

Zimebaki week 2 darasa la CISA lianze.
kwa wale walioko DSM wanaombwa tuwasiliane ili kutunza nafasi yako,
kwani darasa linachukua wanafunzi 15 tu na si zaidi ya hapo.

Kwa wale wa Arusha na mwanza taratibu zinaendelea na mwezi wa pili mwishoni tutaanza review za CISA..
kwa mawasiliano naomba tuwasiliane kupitia

0713 451713/0764978313
contact person : Sam Mujinja

 

[mzee wa ndonga]

Domain 1—The Process of Auditing Information Systems

Provide audit services in accordance with IS audit standards to assist the organization in protecting and controlling information systems. (21%)

Task Statements:

1.1

Execute a risk-based IS audit strategy in compliance with IS audit standards to ensure that key risk areas are audited.

1.2

Plan specific audits to determine whether information systems are protected, controlled and provide value to the organization.

1.3

Conduct audits in accordance with IS audit standards to achieve planned audit objectives.

1.4

Communicate audit results and make recommendations to key stakeholders through meetings and audit reports to promote change when necessary.

1.5

Conduct audit follow-ups to determine whether appropriate actions have been taken by management in a timely manner.

Knowledge Statements:

1.1

Knowledge of ISACA IT Audit and Assurance Standards, Guidelines and Tools and Techniques, Code of Professional Ethics and other applicable standards

1.2

Knowledge of the risk assessment concepts and tools and techniques used in planning, examination, reporting and follow-up

1.3

Knowledge of fundamental business processes (e.g., purchasing, payroll, accounts payable, accounts receivable) and the role of IS in these processes

1.4

Knowledge of the control principles related to controls in information systems

1.5

Knowledge of risk-based audit planning and audit project management techniques, including follow-up

1.6

Knowledge of the applicable laws and regulations that affect the scope, evidence collection and preservation, and frequency of audits

1.7

Knowledge of the evidence collection techniques (e.g., observation, inquiry, inspection, interview, data analysis, forensic investigation techniques, computer-assisted audit techniques [CAATs]) used to gather, protect and preserve audit evidence

1.8

Knowledge of different sampling methodologies and other substantive/data analytical procedures

1.9

Knowledge of reporting and communication techniques (e.g., facilitation, negotiation, conflict resolution, audit report structure, issue writing, management summary, result verification)

1.10

Knowledge of audit quality assurance (QA) systems and frameworks

1.11

Knowledge of various types of audits (e.g., internal, external, financial) and methods for assessing and placing reliance on the work of other auditors or control entities

​

 

[mzee wa ndonga]

The job practice domains and task and knowledge statements are as follows:


Domain 1—The Process of Auditing Information Systems (21%)

Domain 2—Governance and Management of IT (16%)

Domain 3—Information Systems Acquisition, Development and Implementation (18%)

Domain 4—Information Systems Operations, Maintenance and Service Management (20%)

Domain 5—Protection of Information Assets (25%)

 

[mzee wa ndonga]

What is going to be covered in Domain II

Domain 2—Governance and Management of IT

Provide assurance that the necessary leadership and organizational structures and processes are in place to achieve objectives and to support the organization's strategy. (16%)

Task Statements:

2.1

Evaluate the IT strategy, including IT direction, and the processes for the strategy’s development, approval, implementation and maintenance for alignment with the organization’s strategies and objectives.

2.2

Evaluate the effectiveness of the IT governance structure to determine whether IT decisions, directions and performance support the organization’s strategies and objectives.

2.3

Evaluate IT organizational structure and human resources (personnel) management to determine whether they support the organization’s strategies and objectives.

2.4

Evaluate the organization’s IT policies, standards and procedures, and the processes for their development, approval, release/publishing, implementation and maintenance to determine whether they support the IT strategy and comply with regulatory and legal requirements.

2.5

Evaluate IT resource management, including investment, prioritization, allocation and use, for alignment with the organization’s strategies and objectives.

2.6

Evaluate IT portfolio management, including investment, prioritization and allocation, for alignment with the organization’s strategies and objectives.

2.7

Evaluate risk management practices to determine whether the organization’s IT-related risk is identified, assessed, monitored, reported and managed.

2.8

Evaluate IT management and monitoring of controls (e.g., continuous monitoring, quality assurance [QA]) for compliance with the organization’s policies, standards and procedures.

2.9

Evaluate monitoring and reporting of IT key performance indicators (KPIs) to determine whether management receives sufficient and timely information.

2.10

Evaluate the organization’s business continuity plan (BCP), including alignment of the IT disaster recovery plan (DRP) with the BCP, to determine the organization’s ability to continue essential business operations during the period of an IT disruption.

Knowledge Statements:

2.1

Knowledge of the purpose of IT strategy, policies, standards and procedures for an organization and the essential elements of each

2.2

Knowledge of IT governance, management, security and control frameworks, and related standards, guidelines and practices

2.3

Knowledge of the organizational structure, roles and responsibilities related to IT, including segregation of duties (SoD)

2.4

Knowledge of the relevant laws, regulations and industry standards affecting the organization

2.5

Knowledge of the organization’s technology direction and IT architecture and their implications for setting long-term strategic directions

2.6

Knowledge of the processes for the development, implementation and maintenance of IT strategy, policies, standards and procedures

2.7

Knowledge of the use of capability and maturity models

2.8

Knowledge of process optimization techniques

2.9

Knowledge of IT resource investment and allocation practices, including prioritization criteria (e.g., portfolio management, value management, personnel management)

2.10

Knowledge of IT supplier selection, contract management, relationship management and performance monitoring processes, including third-party outsourcing relationships

2.11

Knowledge of enterprise risk management (ERM)

2.12

Knowledge of the practices for monitoring and reporting of controls performance (e.g., continuous monitoring, quality assurance [QA])

2.13

Knowledge of quality management and quality assurance (QA) systems

2.14

Knowledge of the practices for monitoring and reporting of IT performance (e.g., balanced scorecard [BSC], key performance indicators [KPIs])

2.15

Knowledge of business impact analysis (BIA)

2.16

Knowledge of the standards and procedures for the development, maintenance and testing of the business continuity plan (BCP)

2.17

Knowledge of the procedures used to invoke and execute the business continuity plan (BCP) and return to normal operations

 

[mzee wa ndonga]

Bado week moja na nusu, na tunaendela kuwakumbusha wale wote wanaohitaji kufanya review class ya cisa wasisite kuwasiliana nasi.
nafasi zimebaki 4 ili darasa litimie.jitahidi ku reserve nafasi yako kwa kutupigia number zifuatazo,,

For more information contact us through +255 713451713 or +255764978313
or though email address mujinja@hotmail.com contact person Sam Mujinja

 

[mzee wa ndonga]

Get Recognized as an Expert in Your Profession

Earn the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) or Certified in Risk and Information Systems Control (CRISC) certification.

ISACA certifications are globally accepted and recognized. They combine the achievement of passing an exam with credit for your work and educational experience, giving you the credibility you need to move ahead in your career. Certification proves to employers that you have what it takes to add value to their enterprise. In fact, many organizations and governmental agencies around the world require or recognize ISACA’s certifications.

Independent studies consistently rate ISACA’s designations among the highest paying IT and impactful certifications that an IT professional can earn. Earning and maintaining an ISACA certification:

• Boosts your earning potential
• Counts in the hiring process
• Enhances your professional credibility and recognition

The future of IS auditing is in the hands of its practitioners. Proven experience and knowledge are essential, but certification is also crucial to meeting the demands of the future, which also necessitates continuous education. Maintaining an ISACA certification helps provide practitioners with the ability to meet the demands of today and prepare for the future.”

 

[mzee wa ndonga]

THREE THINGS AN IT AUDIT IS NOT
But first, especially for those new to the
profession and for those outside our profession,
it should be noted what IT auditing is not. It
is not about ordinary accounting controls or
traditional financial auditing. That knowledge
and skill set served the audit profession well
from the beginning of auditing in the middle ages
(with exchequers and other forms of auditing)
until the introduction of computing systems in
the 1950s. In fact, before 1954, it was possible
for an auditor to use a very similar audit program
from day one of his/her career until he/she
retired. To put it simply, the use of computers in
accounting systems introduced a new source of
risk associated with accounting processes and
information (i.e., data). And, it introduced the
need for those who understand this new “thing”
to identify and mitigate the risk.
IT auditing is also not compliance testing.
Some believe IT auditors are about making sure
people conform to some set of rules—implicit
or explicit—and that what we do is report
on exceptions to the rules. Actually, that is management’s job. It is not the compliance with
rules that is of interest to IT auditors. IT auditors
are examining whether the entity’s relevant
systems or business processes for achieving and
monitoring compliance are effective. IT auditors
also assess the design effectiveness of the rules—
whether they are suitably designed or sufficient in
scope to properly mitigate the target risk or meet
the intended objective.

 

[mzee wa ndonga]

Available Study Materials From ISACA:
Passing an ISACA exam can be achieved through an organized plan of study.
To assist individuals with the development of a successful study plan, ISACA
offers, for purchase, study aids to exam candidates. visit isaca
bookstore for more complete details including detailed descriptions of the
products, costs, and languages available. Order early as delivery time can be
one to two weeks, depending on geographic location and customs clearance
practices.
CISA:
CISA Review Manual 26th Edition.
CISA Review Questions, Answers & Explanations Manual 11th Edition
CISA Review Questions, Answers & Explanation Database—
12 month subscription

For more information please contact us..

 

[mzee wa ndonga]

Imebaki week moja exactly review class ya CISA ianze..nazidi kuwakaribisha wote

 

[mzee wa ndonga]

One of the Topics we are covering includes Vendor Management; below are only fer things to be covered
The information is organized as follows:
• Vendor management definition, life-cycle stages and stakeholders
• Threats and risk related to vendor management
• Good practices to mitigate risk related to vendor management
• Binding documents that should be considered during the vendor
management life cycle
• Cloud vendor management

 

[mzee wa ndonga]

At the end of the course, participants will be able to:
i) Understand Information Systems Audit Concepts: IT/IS Audit Focus; Audit’s Role; Control Environment; Control Framework; IT Audit Certifications
ii) Information Systems Audit Process: This encompasses the entire practice of IS auditing, including procedures, and the thorough methodologies that allows an IS auditor to perform an audit on any given IT area in a professional manner.
iii) Audit Information Technology Governance: ICT Strategic Alignment; Resource Management; Risk Management; Performance Measurement; information security governance; IT policies and procedures; separation of duties and outsourcing
iv) Audit Information Systems Acquisition, Development and Implementation: Systems Development Life Cycle; Identifying Audit Risk in Systems Development Life Cycle, software licensing, change management and controls; Audit of ERPs purchases
v) Audit Business Continuity and Disaster Recovery: Business Continuity Planning; Disaster recovery strategy; Backup plan; Risk assessment; Business Impact Analysis (BIA)
2
vi) Auditing Information Systems Security: Evaluate information security policies; evaluate design, implementation, and monitoring of physical and logical controls; evaluate the processes and procedures used to store, retrieve, transport and dispose of information assets.
vii) The Tools of IT/IS Audit: CAATs; Data Retrieval and Analysis Software; Audit Software; Testing Technique; IT Audit Resources


Darasa linaanza Jumatatu..nazidi kuwakaribisha wote..

 

[mzee wa ndonga]

Tuko kwenye maandalizi ya mwisho ya kuanza darasa la revies ya CISA keshokutwa jumatatu, saa 11 jioni hadi saa 2 usiku..kwa wale wanaohitaji bado wanaombwa kuwasiliana nasi kwa number zifuatazo. ama wafike raha tower building, gorofa la 4 waulizie ilipo IIA Tanzania..ama Institute of Internal auditors. karibuni sana..

+255 713451713 or +255764978313
or though email address mujinja@hotmail.com contact person Sam Mujinja

 

[mzee wa ndonga]

CISA Class linaanza leo jioni ..karibuni sana

 

[mzee wa ndonga]

Darasa la CISA limeanza rasmi leo hapa Raha Tower Floor ya 4. asanteni wote mlioweza kuanza leo na naamini mtakuwa mashuhuda wazuri wa kazi nzuri na shule nzuri mtakayoipata hapa True Ink Associates.

Nawatakia shule njema..

Sam Mujinja: Course Director

 

[mzee wa ndonga]

Darasa la CISA Limeanza toka Juzi...kwa wale ambao hawajafanikiwa kuhudhuria zimebaki nafasi mbili darasa litimie..karibuni sana..
kwa mawasiliano :

0713 451713/0764978313
contact person : Sam Mujinja

 

[mzee wa ndonga]

Leo tunaendelea na review class za CISA..darasa limechangamka, ijumaa ndio siku ya mwisho ya kupkea wanaohitaji kujiunga nasi.
nawatakia siku njema.

sam

 

[mzee wa ndonga]

Area of concentration Today in our review cisa class
COBIT 5

COBIT 5 helps enterprises create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use.
COBIT 5 enables information and related technology to be governed and managed in a holistic manner for the entire enterprise, taking in the full end-to-end business and functional areas of responsibility, considering the IT-related interests of internal and external stakeholders.
The COBIT 5 principles and enablers are generic and useful for enterprises of all sizes, whether commercial, not-for-profit or in the public sector.

Karibuni Wote