Mwalimu wa CISA anapatikana

[mzee wa ndonga]

Kwa wale wanaopenda kusoma tunawajulisha kuwa mwalimu wa kufundisha kozi mbalimbali za IS Audit, security, risk assessment and risk management, conrols,governance, Value for money Audit, performance audit etc wanaombwa wawasiliane nami. Unaweza kuwa mtu mmoja mmoja ama taasis yoyote..wasifu wangu ni huo hapo chini..

Samwel Mujinja is a Senior information Systems Auditor and security expert and with more than 10 years of experience and achievement across the whole spectrum of technical aspects of Information Technology, Information Security, Business Continuity, Networking and Systems Integration and physical security in Information and Communications Technology (ICT). He has solid grounds in Microsoft infrastructure, Cisco systems, firewall, ERP, Oracle Business Intelligence and other corporate applications.

Working at the University Computing Center Ltd as System Administrator/Instructor/Web developer/Web Designer/Database Designer

Where he managed train students on various IT courses and also become ICDL Course Coordinator and manage to accomplish a lot of assignments such as development of the certificate and Diploma in IT course curriculum.


Also he worked at Tanzania Revenue Authority as a Business Intelligence analyst and a Project Coordinator in the development and enhancement of the Data Warehouse Phase II and Business Intelligence that integrate all the operational systems that are within the authority and external sources and perform some analysis that enable the management to provide some strategic decision making on various tax policy and tax administration issue across the organisation.


Currently working at TRA as a Senior Information Systems Auditor providing assurance and consulting services to the Organization. Holder of CISA,ISO 27001 Lead Auditor and ITIL Certification, Samwel has attended various advanced training on ACL (Automated Command Language) data analysis and advanced scripting and is capable of using various Audit software’s in various country like South Africa, India and U.S.A.


Samwel believes that managing IT risk is part of running any business these days, regardless of the business, understanding IT risk helps increase network security, reduce management costs and achieve greater compliance posture. Failure to identify, assess and mitigate IT risk sets the business up for serious security breaches and financial losses down the road and therefore IT governance stand as vital pillar in this success.

Samwel is an active member of ISACA and Founder Member of Tanzania Information Technology Association (TITA), Member of Institute of Internal Auditors (IIA), Member of Society of Digital Information and Wireless Communication (SDIWC) Malaysia which most of them provide world standard frameworks for Auditing, security and Fraud investigation.

Samwel Also is a Sub committee member of ISACA Board Tanzania Chapter.
Am conducting review classes for CISA, CISM, ISO 27001, ITIL for IT service management and I have trained many students to get their certification
I also Conduct In collaboration with The Institute of Accountant Arusha, training and organising workshops for various subject IT Audit areas like Performance Audit training Value for money Training and various IT Audit awareness program.
The New CISA Review Class will start on 11/01/2016...
Current responsibilities

• Conduct Risk based Audit to identifies, analyses, and, where necessary, responds appropriately to risks that might adversely affect realization of the organization's business objectives.
• Perform Various Audits using ACL data analytics tool for data extraction and analysis to identify areas of fraud detection & prevention, and risk management. Sampling large data sets, find irregularities or patterns in transactions to indicate control weaknesses or fraud.
• Implement continuous monitoring using ACL to determine areas of risk and appraise their significance and likelihood.
• Provide technical assistance to other internal auditors

• Perform special investigations assigned by management.
• Performing Performance audit
• Etc.

For more information contact us through
0713451713 or 0764 978313
Email: mujinja@hotmail.com
Contact person: Sam Mujinja

 

[mzee wa ndonga]

Kuna kozi zaidi ya CISA unaweza kufundishwa pia

• COBIT 5
• ITLI
• ISO 27001 LEAD AUDITOR
• BUSINESS CONTINUITY
• DISASTER RECOVERY PLAN
• etc

 

[mzee wa ndonga]

Most of our courses are practical oriented. and after training you will be able to do the following
At the end of the course, participants will be able to:
i) Understand Information Systems Audit Concepts: IT/IS Audit Focus; Audit’s Role; Control Environment; Control Framework; IT Audit Certifications
ii) Information Systems Audit Process: This encompasses the entire practice of IS auditing, including procedures, and the thorough methodologies that allows an IS auditor to perform an audit on any given IT area in a professional manner.
iii) Audit Information Technology Governance: ICT Strategic Alignment; Resource Management; Risk Management; Performance Measurement; information security governance; IT policies and procedures; separation of duties and outsourcing
iv) Audit Information Systems Acquisition, Development and Implementation: Systems Development Life Cycle; Identifying Audit Risk in Systems Development Life Cycle, software licensing, change management and controls; Audit of ERPs purchases
v) Audit Business Continuity and Disaster Recovery: Business Continuity Planning; Disaster recovery strategy; Backup plan; Risk assessment; Business Impact Analysis (BIA)
2
vi) Auditing Information Systems Security: Evaluate information security policies; evaluate design, implementation, and monitoring of physical and logical controls; evaluate the processes and procedures used to store, retrieve, transport and dispose of information assets.
vii) The Tools of IT/IS Audit: CAATs; Data Retrieval and Analysis Software; Audit Software; Testing Technique; IT Audit Resources

Karibuni wote

 

[mzee wa ndonga]

Kama mtu akihitaji kufundishwa kozi yoyote one on one pia awasiliane nasi. tuna tailor made course nyingi sana kulingana na mahitaji,
karibuni sana..
+255 713451713 or +255764978313
or though email address mujinja@hotmail.com contact person Sam Mujinja

 

[mzee wa ndonga]

karibunni leo CISA Review Class Inaanza...

 

[mzee wa ndonga]

Jana tumeanza review classes za CISA pale raha tower dsm city center.
kwa wale ambao wako interested tunaomba wawasiliane nasi.

contact: 0713 451713/0764978313
Contact Person: Sam Mujinja

 

[mzee wa ndonga]

Kwa wanaohitaji pia tailor made courses za information security, risk assessment, governance, nawakaribisha sana

 

[mzee wa ndonga]

Area of concentration Today in our review cisa class
COBIT 5

COBIT 5 helps enterprises create optimal value from IT by maintaining a balance between realizing benefits and optimizing risk levels and resource use.
COBIT 5 enables information and related technology to be governed and managed in a holistic manner for the entire enterprise, taking in the full end-to-end business and functional areas of responsibility, considering the IT-related interests of internal and external stakeholders.
The COBIT 5 principles and enablers are generic and useful for enterprises of all sizes, whether commercial, not-for-profit or in the public sector.

Karibuni Wote

 

[Abra One]

Hongera mkuu japo wadau hawaonekani kabisa.. Usikate tamaa, kila la kheri.

 

[mzee wa ndonga]

Asante sana Abra One...
Watu wanapatikana.sio wote wanaojibu humu, wengine wanaandika email na wengine wanapiga simu. kuna darasa limeanza jumatatu juzi na lina wanafunzi yapata ishirini hivi(20). hao ni wengi sana kwa professional course kama hizi na fee yake ni kubwa...

 

[mzee wa ndonga]

Jana tumemaliza Module I. Jumatatu tunafanya maswali na discussion na Jumanne tunaanza Module II.
Area of concentration :
Domain 2—Governance and Management of IT
Provide assurance that the necessary leadership and organizational structures and processes are in place to achieve objectives and to support the organization's strategy. (16%)

Task Statements:
2.1 Evaluate the IT strategy, including IT direction, and the processes for the strategy’s development, approval, implementation and maintenance for alignment with the organization’s strategies and objectives.
2.2 Evaluate the effectiveness of the IT governance structure to determine whether IT decisions, directions and performance support the organization’s strategies and objectives.
2.3 Evaluate IT organizational structure and human resources (personnel) management to determine whether they support the organization’s strategies and objectives.
2.4 Evaluate the organization’s IT policies, standards and procedures, and the processes for their development, approval, release/publishing, implementation and maintenance to determine whether they support the IT strategy and comply with regulatory and legal requirements.
2.5 Evaluate IT resource management, including investment, prioritization, allocation and use, for alignment with the organization’s strategies and objectives.
2.6 Evaluate IT portfolio management, including investment, prioritization and allocation, for alignment with the organization’s strategies and objectives.
2.7 Evaluate risk management practices to determine whether the organization’s IT-related risk is identified, assessed, monitored, reported and managed.
2.8 Evaluate IT management and monitoring of controls (e.g., continuous monitoring, quality assurance [QA]) for compliance with the organization’s policies, standards and procedures.
2.9 Evaluate monitoring and reporting of IT key performance indicators (KPIs) to determine whether management receives sufficient and timely information.
2.10 Evaluate the organization’s business continuity plan (BCP), including alignment of the IT disaster recovery plan (DRP) with the BCP, to determine the organization’s ability to continue essential business operations during the period of an IT disruption.
Knowledge Statements:
2.1 Knowledge of the purpose of IT strategy, policies, standards and procedures for an organization and the essential elements of each
2.2 Knowledge of IT governance, management, security and control frameworks, and related standards, guidelines and practices
2.3 Knowledge of the organizational structure, roles and responsibilities related to IT, including segregation of duties (SoD)
2.4 Knowledge of the relevant laws, regulations and industry standards affecting the organization
2.5 Knowledge of the organization’s technology direction and IT architecture and their implications for setting long-term strategic directions
2.6 Knowledge of the processes for the development, implementation and maintenance of IT strategy, policies, standards and procedures
2.7 Knowledge of the use of capability and maturity models
2.8 Knowledge of process optimization techniques
2.9 Knowledge of IT resource investment and allocation practices, including prioritization criteria (e.g., portfolio management, value management, personnel management)
2.10 Knowledge of IT supplier selection, contract management, relationship management and performance monitoring processes, including third-party outsourcing relationships
2.11 Knowledge of enterprise risk management (ERM)
2.12 Knowledge of the practices for monitoring and reporting of controls performance (e.g., continuous monitoring, quality assurance [QA])
2.13 Knowledge of quality management and quality assurance (QA) systems
2.14 Knowledge of the practices for monitoring and reporting of IT performance (e.g., balanced scorecard [BSC], key performance indicators [KPIs])
2.15 Knowledge of business impact analysis (BIA)
2.16 Knowledge of the standards and procedures for the development, maintenance and testing of the business continuity plan (BCP)
2.17 Knowledge of the procedures used to invoke and execute the business continuity plan (BCP) and return to normal operations

Karibuni sana..kwa mawasiliano utatupat kwa number hizi

0713 451713 or 0764 978313

Sam Mujinja: Course Coordinator

 

[mzee wa ndonga]

Leo Jumanne tunaanza Module II.

Area of concentration :
Domain 2—Governance and Management of IT
Provide assurance that the necessary leadership and organizational structures and processes are in place to achieve objectives and to support the organization's strategy. (16%)

Task Statements:
2.1 Evaluate the IT strategy, including IT direction, and the processes for the strategy’s development, approval, implementation and maintenance for alignment with the organization’s strategies and objectives.
2.2 Evaluate the effectiveness of the IT governance structure to determine whether IT decisions, directions and performance support the organization’s strategies and objectives.
2.3 Evaluate IT organizational structure and human resources (personnel) management to determine whether they support the organization’s strategies and objectives.
2.4 Evaluate the organization’s IT policies, standards and procedures, and the processes for their development, approval, release/publishing, implementation and maintenance to determine whether they support the IT strategy and comply with regulatory and legal requirements.
2.5 Evaluate IT resource management, including investment, prioritization, allocation and use, for alignment with the organization’s strategies and objectives.
2.6 Evaluate IT portfolio management, including investment, prioritization and allocation, for alignment with the organization’s strategies and objectives.
2.7 Evaluate risk management practices to determine whether the organization’s IT-related risk is identified, assessed, monitored, reported and managed.
2.8 Evaluate IT management and monitoring of controls (e.g., continuous monitoring, quality assurance [QA]) for compliance with the organization’s policies, standards and procedures.
2.9 Evaluate monitoring and reporting of IT key performance indicators (KPIs) to determine whether management receives sufficient and timely information.
2.10 Evaluate the organization’s business continuity plan (BCP), including alignment of the IT disaster recovery plan (DRP) with the BCP, to determine the organization’s ability to continue essential business operations during the period of an IT disruption.
Knowledge Statements:
2.1 Knowledge of the purpose of IT strategy, policies, standards and procedures for an organization and the essential elements of each
2.2 Knowledge of IT governance, management, security and control frameworks, and related standards, guidelines and practices
2.3 Knowledge of the organizational structure, roles and responsibilities related to IT, including segregation of duties (SoD)
2.4 Knowledge of the relevant laws, regulations and industry standards affecting the organization
2.5 Knowledge of the organization’s technology direction and IT architecture and their implications for setting long-term strategic directions
2.6 Knowledge of the processes for the development, implementation and maintenance of IT strategy, policies, standards and procedures
2.7 Knowledge of the use of capability and maturity models
2.8 Knowledge of process optimization techniques
2.9 Knowledge of IT resource investment and allocation practices, including prioritization criteria (e.g., portfolio management, value management, personnel management)
2.10 Knowledge of IT supplier selection, contract management, relationship management and performance monitoring processes, including third-party outsourcing relationships
2.11 Knowledge of enterprise risk management (ERM)
2.12 Knowledge of the practices for monitoring and reporting of controls performance (e.g., continuous monitoring, quality assurance [QA])
2.13 Knowledge of quality management and quality assurance (QA) systems
2.14 Knowledge of the practices for monitoring and reporting of IT performance (e.g., balanced scorecard [BSC], key performance indicators [KPIs])
2.15 Knowledge of business impact analysis (BIA)
2.16 Knowledge of the standards and procedures for the development, maintenance and testing of the business continuity plan (BCP)
2.17 Knowledge of the procedures used to invoke and execute the business continuity plan (BCP) and return to normal operations

Karibuni sana..kwa mawasiliano utatupat kwa number hizi

0713 451713 or 0764 978313

Sam Mujinja: Course Coordinator

 

[mzee wa ndonga]

Leo ni siku ya pili toka tuanze review class ya cisa, na tuko chapter 2..waliotaka kujiunga muda umeshapita na tunawakaribisha darasa litakaloanza mwezi wa 3. karibuni sana..

 

[mzee wa ndonga]

The Certified Information Systems Auditor (CISA) Training True ink Associates aims to make working professionals adept at evaluating, securing and controlling complex business and IT systems in an enterprise. This course will also highlight government regulations and helps devise policies with stronger internal control measures and disclosures.

CISA Certification acts as a career differentiator for security professionals or IT managers who wish to enhance their marketability and credibility. This is an ideal path for those looking at a long term career in Information Systems Auditing. This course is highly recommended for IS/IT auditors, IT managers, Audit Managers, Security Managers, System Analysts, Consultants, and even CIOs and CTOs.

Participants enrolled for this course will learn the following set of skills:

· Entire Process of Auditing Information Systems

· Management and Governance of IT

· Acquisition, Implementation and Development of Business Information Systems

· Managing Operations, Support and Maintenance of IS

· Securing Information Assets

These core skills provide extensive understanding of managerial and technological factors that must be coordinated effectively in order to protect business information and systems.

Karibunisana

 

[mzee wa ndonga]

Leo Tunamalizia Chapter II. Na Jumatatu ya tarehe 25/01/2016 tunaanza Chapter III.
Kwa mawasiliano zaidi tutembelee ofisini kwetu ama piga simu number 0713451713 or 0764 978313
Karibuni sana

 

[mzee wa ndonga]

Ijumaa tulimaliza chapter 2, Kesho tunaanza chapter 3..karibuni wote


Domain 3—Information Systems Acquisition, Development and Implementation

Provide assurance that the practices for the acquisition, development, testing and implementation of information systems meet the organization’s strategies and objectives. (18%)


Task Statements:

3.1 Evaluate the business case for the proposed investments in information systems acquisition, development, maintenance and subsequent retirement to determine whether the business case meets business objectives.

3.2 Evaluate IT supplier selection and contract management processes to ensure that the organization’s service levels and requisite controls are met.

3.3 Evaluate the project management framework and controls to determine whether business requirements are achieved in a cost-effective manner while managing risk to the organization.

3.4 Conduct reviews to determine whether a project is progressing in accordance with project plans, is adequately supported by documentation, and has timely and accurate status reporting.

3.5 Evaluate controls for information systems during the requirements, acquisition, development and testing phases for compliance with the organization's policies, standards, procedures and applicable external requirements.

3.6 Evaluate the readiness of information systems for implementation and migration into production to determine whether project deliverables, controls and the organization's requirements are met.

3.7 Conduct post-implementation reviews of systems to determine whether project deliverables, controls and the organization's requirements are met.

Knowledge Statements:

3.1 Knowledge of benefits realization practices, (e.g., feasibility studies, business cases, total cost of ownership [TCO], return on investment [ROI])

3.2 Knowledge of IT acquisition and vendor management practices (e.g., evaluation and selection process, contract management, vendor risk and relationship management, escrow, software licensing), including third-party outsourcing relationships, IT suppliers and service providers.

3.3 Knowledge of project governance mechanisms (e.g., steering committee, project oversight board, project management office)

3.4 Knowledge of project management control frameworks, practices and tools

3.5 Knowledge of the risk management practices applied to projects

3.6 Knowledge of requirements analysis and management practices (e.g., requirements verification, traceability, gap analysis, vulnerability management, security requirements)

3.7 Knowledge of the enterprise architecture (EA) related to data, applications and technology (e.g., web-based applications, web services, n-tier applications, cloud services, virtualization)

3.8 Knowledge of system development methodologies and tools, including their strengths and weaknesses (e.g., agile development practices, prototyping, rapid application development [RAD], object-oriented design techniques, secure coding practices, system version control)

3.9 Knowledge of the control objectives and techniques that ensure the completeness, accuracy, validity and authorization of transactions and data

3.10 Knowledge of the testing methodologies and practices related to the information system development life cycle (SDLC)

3.11 Knowledge of the configuration and release management relating to the development of information systems

3.12 Knowledge of system migration and infrastructure deployment practices and data conversion tools, techniques and procedures.

3.13 Knowledge of project success criteria and project risk

3.14 Knowledge of post-implementation review objectives and practices (e.g., project closure, control implementation, benefits realization, performance measurement)

 

[mzee wa ndonga]

Leo darasa linaendelea kama kawaida ..karibuni sana.

 

[mzee wa ndonga]

Leo tunaanza Module III.
Maeneo tutakayofundisha ni kama yafuatavyo.

Domain 3—Information Systems Acquisition, Development and Implementation

Provide assurance that the practices for the acquisition, development, testing and implementation of information systems meet the organization’s strategies and objectives. (18%)

Task Statements:

3.1

Evaluate the business case for the proposed investments in information systems acquisition, development, maintenance and subsequent retirement to determine whether the business case meets business objectives.

3.2

Evaluate IT supplier selection and contract management processes to ensure that the organization’s service levels and requisite controls are met.

3.3

Evaluate the project management framework and controls to determine whether business requirements are achieved in a cost-effective manner while managing risk to the organization.

3.4

Conduct reviews to determine whether a project is progressing in accordance with project plans, is adequately supported by documentation, and has timely and accurate status reporting.

3.5

Evaluate controls for information systems during the requirements, acquisition, development and testing phases for compliance with the organization's policies, standards, procedures and applicable external requirements.

3.6

Evaluate the readiness of information systems for implementation and migration into production to determine whether project deliverables, controls and the organization's requirements are met.

3.7

Conduct post-implementation reviews of systems to determine whether project deliverables, controls and the organization's requirements are met.

Knowledge Statements:

3.1

Knowledge of benefits realization practices, (e.g., feasibility studies, business cases, total cost of ownership [TCO], return on investment [ROI])

3.2

Knowledge of IT acquisition and vendor management practices (e.g., evaluation and selection process, contract management, vendor risk and relationship management, escrow, software licensing), including third-party outsourcing relationships, IT suppliers and service providers.

3.3

Knowledge of project governance mechanisms (e.g., steering committee, project oversight board, project management office)

3.4

Knowledge of project management control frameworks, practices and tools

3.5

Knowledge of the risk management practices applied to projects

3.6

Knowledge of requirements analysis and management practices (e.g., requirements verification, traceability, gap analysis, vulnerability management, security requirements)

3.7

Knowledge of the enterprise architecture (EA) related to data, applications and technology (e.g., web-based applications, web services, n-tier applications, cloud services, virtualization)

3.8

Knowledge of system development methodologies and tools, including their strengths and weaknesses (e.g., agile development practices, prototyping, rapid application development [RAD], object-oriented design techniques, secure coding practices, system version control)

3.9

Knowledge of the control objectives and techniques that ensure the completeness, accuracy, validity and authorization of transactions and data

3.10

Knowledge of the testing methodologies and practices related to the information system development life cycle (SDLC)

3.11

Knowledge of the configuration and release management relating to the development of information systems

3.12

Knowledge of system migration and infrastructure deployment practices and data conversion tools, techniques and procedures.

3.13

Knowledge of project success criteria and project risk

3.14

Knowledge of post-implementation review objectives and practices (e.g., project closure, control implementation, benefits realization, performance measurement)

 

[mzee wa ndonga]

Tunaendelea na chapter 3 leo jioni..karibuni wote

 

[mzee wa ndonga]

leo tunaanza tunamalizia chapter III na kesho tunaanza chapter IV..we are half way na natumaini wanafunzi wana enjoy the class.

karibuni sana..
pia tumeanza kuandikisha wanafunzi wanaohitaji kusoma darasa la mwezi wa tatu mwishoni.