This intense three-day boot camp covers in detail the concepts and best practices that encompass a best-practice audit of IT systems. You will leave this 3 day boot camp with a solid foundation in the basics of information technology as they apply to IT risks, audit, information security, and business application systems.
This intense three-day boot camp covers in detail the concepts and best practices that encompass a best-practice audit of IT systems. You will learn the technology specifics as they relate to the audit concerns in the IT environment. Additionally, you will study the necessary controls for enterprise systems. You will learn how to vary the audit process when auditing currently installed systems, new systems under development, and the various activities within the information technology department.
Focusing on a top-down, operational risk management approach to auditing application system transactions, you will master techniques you can apply to all types of applications from batch, to on-line, to real-time systems. You will leave this 3 day boot camp with a solid foundation in the basics of information technology as they apply to IT risks, audit, information security, and business application systems.
Every student leaves with a solid foundation in the basics of information technology as they apply to audit and security concerns. InfoSec Institute ensures that every student is able to apply this knowledge immediately after returning to work with attention-grabbing case studies and interactive expert-instructor led mentor sessions.
Lastly, you will learn techniques for auditing automated systems and examine the impact of Sarbanes-Oxley and other regulatory compliance issues when auditing IT systems.
The goal of the course is to prepare professionals to lead or take part in a challenging IT Audit. You leave the class with the real-world job skills of an IT Auditor, knowledgeable in the most common IT audit business drivers and best practices.
AS SEEN IN:
During the three day program, our instructors give you 100% of their time and dedication to ensure that your time is well spent. You will receive an all-inclusive immersion experience including most meals during your training experience, therefore you eat, sleep and train at the learning facility with no distractions!
We have compiled a collection of CISM information at InfoSec Resources. Some of the articles and features that may be of interest include:
According to ISACA, the CISM certification is changing to reflect the new CISM job practice analysis. (Source: ISACA’s CISM Review Manual 2012 p. iii) ISACA has reformatted the CISM changing it from five domains to four domains. They have combined the Information Security Program Development and Information Security Program Management domains into one domain entitled
Incident management (IM) is a necessary part of a security program. When effective, it mitigates business impact, identifies weaknesses in controls, and helps fine-tune response processes. Traditional IM approaches, however, are not always effective in a partially or completely virtualized data center. Consequently, some aspects of incident management and response processes require review and adjustment
CISM Chapter 5 – Incident Management and Response Incident Management and Response (IM&R) accounts for 14 percent of the CISM exam or about 28 questions. This is the final domain covered in the Certified Information Security Manager (CISM) material. In my opinion it’s the most important. Most important because if you can’t recover from an
CISM Chapter 4 – Information Security Program Management (ISPM) In Chapter 3 we talked about Information Security Program Development, in Chapter 4 we’re going to talk about the management of that security program which we just developed. ISPM accounts for 24 percent of the CISM exam or about 48 questions. As you can see ISACA
CISM Chapter 3 – Information Security Program Development (ISPD) ISPD accounts for 17 percent of the CISM exam or about 34 questions. In 2010, ISACA reorganized the CISM Review Manual and separated each chapter into two major sections. Section 1 of each chapter contains the definitions and objectives with the corresponding tasks and knowledge statements