Information systems have become an integral part of any modern organization. Many of the business processes are now dependent on the information systems and the data contained in these systems is of critical importance to any enterprise. The need to protect and safeguard these systems is also directly proportional to the increase in their usage. With the information systems becoming so important, the attacks and threats including but not limited to ransomware, data theft, hacking, forgery and brute force are also on the rise. More and more attackers are targeting organization with less control and protection. This course prepares the candidates to put in place effective controls and policies to protect their information systems and assets from unauthorized access and leakage.

Information systems auditor course is a comprehensive course designed with the objective of preparing the candidates to be able to familiarize themselves with the IS audit process, governance, management of IT, IS operations, maintenance and support, IS operations and business resilience as well as protection of information assets.

These information systems or assets can be in the form of databases, files, images, documents and software. The course covers the protection methods and techniques regardless of the form the data is residing within the organization.

After successfully completing this course, the students will be able to:

· Understand the IS audit process

· Plan audit

· Perform risk analysis

· Put in place internal controls

· Learn about different phases of IS audit

· Understand the role of governance in IT/IS

· Make policies, procedures and identify risks

· Create information security policy document

· Conduct management reviews of the policy document

· Perform risk management

· Create in-sourcing and outsourcing strategy

· Perform organizational quality management

· Create project management structure

· Introduce application development best practices

· Plan IS operations and business resiliency plans

· Define RPO/RTO

· Develop disaster recovery plan

· Protect information assets

· Identify exposures and vulnerabilities

· Understand role of encryption in data protection

· Learn the basics of computer forensics

Overall, the course touches all the aspects required to become an effective information systems auditor and perform the taks efficiently. This course also helps the candidates to prepare for the relevant certification, i.e., CISA as the exam topics are in alignment with the concepts taught in this course.