|
|
Title |
Duration |
|
|
|
Introduction to CISA
Why should you become a CISA? In this first Nugget you'll discover why CISA is a valuable certification. You'll also learn about the six core CISA knowledge areas. And you'll get a few helpful tips for success on the CISA path.
|
00:14:19 |
|
|
|
The IS Audit Process (part 1)
Before digging deep into information technology auditing, you need to cover the basics. Learn what your responsibilities are as an auditor of information systems. Explore the IT auditing process, risk analysis, and the importance of internal controls.
|
00:27:25 |
|
|
|
The IS Audit Process (part 2)
This Nugget investigates audit classifications as well as phases of the auditing process. Learn to apply the risk-based audit methodology, including what qualifies as evidence. Also, explore how to apply Computer Assisted Audit Technique (CAAT) and the Control Self-Assessment (CSA) framework and techniques.
|
00:30:17 |
|
|
|
Information Technology Governance (part 1)
Define corporate and IT governance, including what governance practices and procedures are critical to the auditing process. Discover the realm of Information Security (IS) governance, as well as IS strategy.
|
00:34:22 |
|
|
|
Information Technology Governance (part 2)
In this second Nugget on IT governance you'll learn what goes into IT policies and the IS Policy document. You'll also discover what risk management processes and risk analysis methods can be applied.
|
00:35:08 |
|
|
|
Information Technology Governance (part 3)
This last Nugget on IT governance explores a few more vital aspects of governance -- personnel management, insourcing, outsourcing, organizational change management, IS quality management, and performance management.
|
00:29:49 |
|
|
|
Systems and Infrastructure Life Cycle Management (part 1)
Four key areas of systems and infrastructure life cycle management are explored in this Nugget. These areas are project management structure, practical project management, business application development, and the software development process.
|
00:24:03 |
|
|
|
Systems and Infrastructure Life Cycle Management (part 2)
This Nugget continues the flow from part 1, looking at waterfall application development as an alternative method of life cycle management. Then you'll learn about infrastructure development and acquisition, IS maintenance methods, tools and aids you can use, and finally about techniques you can use for improving the audit process.
|
00:34:43 |
|
|
|
Systems and Infrastructure Life Cycle Management (part 3)
In part 3 of systems and infrastructure life cycle management you will learn about application controls and auditing application controls. You will also learn about developing, acquiring and maintaining business application systems.
|
00:34:14 |
|
|
|
|
00:30:03 |
|
|
|
|
00:30:49 |
|
|
|
IT Service Delivery and Support (part 3)
The third and last Nugget on IT service delivery and support investigates different network infrastructure taxonomies. We apply the OSI model to LANs, WANs, and VPNs, as well as looking at the difference between wired and wireless VPNs.
|
00:40:33 |
|
|
|
Protection of Information Assets (part 1)
What are the key elements, roles, and responsibilities of the IS auditor in protecting information assets? Learn these, plus the importance of classifying information assets. Also, learn about assigning system access permissions, Mandatory Access Controls (MACs) and Discretionary Access Controls (DACs), what the IS auditor's role is in maintaining privacy, and finally, how to deal with external parties such as service providers, vendors, contractors, and customers.
|
00:30:40 |
|
|
|
Protection of Information Assets (part 2)
This Nugget teaches you about logical access control vulnerabilities and access paths. Learn about identification and authentication mechanisms, as well as authorization. You'll wrap up the Nugget by exploring how auditors deal with the storage, retrieval, transport, and disposal of data.
|
00:38:48 |
|
|
|
|
00:37:01 |
|
|
|
|
00:26:36 |
|
|
|
Protection of Information Assets (part 5)
This final Nugget on protection of information assets explores auditing IS management framework, auditing infrastructure security, physical access controls, and environmental controls.
|
00:34:15 |
|
|
|
Disaster Recovery and Business Continuity (part 1)
You can do a lot to prepare but what do you do when disaster strikes? Learn critical concepts surrounding disaster recovery and business continuity. This includes the business continuity planning (BCP) process, doing a Business Impact Analysis (BIA), and recovery strategies.
|
00:26:25 |
|
|
|
Disaster Recovery and Business Continuity (part 2)
This final Nugget in both the topic and series continues where the previous Nugget left off. You'll learn how to organize and assign responsibilities dealing with business continuity, deal with the separate BCP components, and finally perform an audit on disaster recovery and business continuity plans.
|
00:24:33 |
|
|
|
|
00:03:21 |
|
|
|
CISA Update (Part 1)
This update Nugget explores the IT Information Assurance Framework (ITAF), the evolving IS Auditing process, best practices for IT governance, and the Federal Enterprise Architecture (FEA).
|
00:28:16 |
|
|
|
CISA Update (Part 2)
This second and final CISA update Nugget is a survey of several concepts and technologies including IT outsourcing governance, the RFP process, business intelligence, inventory classification of information assets, and social engineering.
|
00:22:54 |
