O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Certified Information Systems Auditor (CISA)

Video Description

The Certified Information Systems Auditor (CISA) course covers all the six domains of the CISA exam offered by the Information Systems Audit and Control Association (ISACA). CISA exam has become the industry standard for the IT auditing, control and security. The course helps the students to gain relevant, up-to-date and concise knowledge along with hands-on practice exams to prepare for the CISA certification exam. CISA is one of the most popular and high-demand IT certifications available in the market, approximately, more than 60,000 professionals hold CISA certification. The CISA certification is also consistently named one of the best professional certifications to have by the leading analysts around the world. The course offers the students to gain comprehensive knowledge and concepts that are required to pass the CISA certification exam.

Table of Contents

  1. Course Introduction
    1. Introduction 00:00:10
    2. Course Introduction 00:02:46
    3. Instructor Introduction 00:00:52
  2. Module 01 -The Process of Auditing Information Systems
    1. Module 01 Introduction 00:01:51
    2. Lesson 1: Management of the Audit Function 00:01:41
    3. Organization of the IS Audit Function 00:03:13
    4. IS Audit Resource Management 00:01:05
    5. Audit Planning Part1 00:01:09
    6. Audit Planning Part2 00:01:49
    7. Audit Planning Part3 00:01:32
    8. Audit Planning Part4 00:01:07
    9. Audit Planning Part5 00:02:01
    10. Effect of Laws and Regulations on IS Audit Planning Part1 00:02:17
    11. Effect of Laws and Regulations on IS Audit Planning Part2 00:00:57
    12. Effect of Laws and Regulations on IS Audit Planning Part3 00:00:42
    13. Effect of Laws and Regulations on IS Audit Planning Part4 00:00:46
    14. Lesson 2: ISACA IT Audit and Assurance Standards and Guidelines Part1 00:02:02
    15. ISACA IT Audit and Assurance Standards and Guidelines Part2 00:03:25
    16. ISACA IT Audit and Assurance Standards and Guidelines Part3 00:00:41
    17. ISACA IT Audit and Assurance Standards and Guidelines Part4 00:00:36
    18. ISACA IT Audit And Assurance Standards Framework 00:01:19
    19. Auditing Standards Part1 00:01:54
    20. Auditing Standards Part2 00:01:06
    21. Auditing Standards Part3 00:02:45
    22. Auditing Standards Part4 00:00:29
    23. Auditing Standards Part5 00:01:59
    24. Auditing Standards Part6 00:01:26
    25. Auditing Standards Part7 00:02:01
    26. Auditing Standards Part8 00:00:41
    27. Auditing Standards Part9 00:01:06
    28. Audit Guidelines Part1 00:00:34
    29. Audit Guidelines Part2 00:01:08
    30. Audit Guidelines Part3 00:01:38
    31. Audit Guidelines Part4 00:03:08
    32. Audit Guidelines Part5 00:01:57
    33. Audit Guidelines Part6 00:01:28
    34. Audit Guidelines Part7 00:01:42
    35. Audit Guidelines Part8 00:01:59
    36. Audit Guidelines Part9 00:01:57
    37. Audit Guidelines Part10 00:01:31
    38. Audit Guidelines Part11 00:01:56
    39. Audit Guidelines Part12 00:02:02
    40. Audit and Assurance Tools and Techniques 00:00:46
    41. Relationship Among Standards, Guidelines, and Tools and Techniques 00:01:30
    42. Information Technology Assurance Framework 00:00:27
    43. Information Technology Assurance Framework Components 00:02:24
    44. ITAF General Standards (Section 2200) Part1 00:01:27
    45. ITAF General Standards (Section 2200) Part2 00:01:22
    46. ITAF Performance Standards (Section 2400) Part1 00:03:03
    47. ITAF Performance Standards (Section 2400) Part2 00:02:02
    48. ITAF Performance Standards (Section 2400) Part3 00:00:34
    49. ITAF Performance Standards (Section 2400) Part4 00:01:10
    50. Reporting Standards (Section 2600) Part1 00:00:22
    51. Reporting Standards (Section 2600) Part2 00:00:51
    52. Reporting Standards (Section 2600) Part3 00:00:54
    53. IT Assurance Guidelines (Section 3000) Part1 00:01:16
    54. IT Assurance Guidelines (Section 3000) Part2 00:00:51
    55. IT Assurance Guidelines (Section 3000) Part3 00:03:23
    56. IT Assurance Guidelines (Section 3000) Part4 00:01:31
    57. IT Assurance Guidelines (Section 3000) Part5 00:02:06
    58. IT Assurance Guidelines (Section 3000) Part6 00:00:21
    59. IT Assurance Guidelines (Section 3000) Part7 00:01:23
    60. IT Assurance Guidelines (Section 3000) Part8 00:02:11
    61. IT Assurance Guidelines (Section 3000) Part9 00:00:46
    62. IT Assurance Guidelines (Section 3000) Part10 00:01:58
    63. IT Assurance Guidelines (Section 3000) Part11 00:01:40
    64. Lesson 3: Risk Analysis 00:00:40
    65. Risk Analysis Part1 00:04:21
    66. Risk Analysis Part2 00:03:06
    67. Risk Analysis Part3 00:02:33
    68. Risk Analysis Part4 00:01:27
    69. Risk Analysis Part5 00:01:32
    70. Risk Analysis Part6 00:04:11
    71. Risk Analysis Part7 00:03:31
    72. Lesson 4: Internal Controls 00:01:31
    73. Internal Control Objectives 00:01:06
    74. IS Control Objectives Part1 00:02:34
    75. IS Control Objectives Part2 00:01:19
    76. IS Control Objectives Part3 00:02:06
    77. COBIT 00:00:35
    78. General Controls Part1 00:00:48
    79. General Controls Part2 00:03:24
    80. IS Controls 00:03:41
    81. Lesson 5: Performing An IS Audit 00:02:40
    82. Performing an IS Audit 00:01:08
    83. Classification of Audits 00:02:32
    84. Audit Programs Part1 00:01:07
    85. Audit Programs Part2 00:02:57
    86. Audit Methodology Part1 00:03:03
    87. Audit Methodology Part2 00:01:55
    88. Audit Methodology Part3 00:01:26
    89. Fraud Detection Part1 00:03:25
    90. Fraud Detection Part2 00:02:13
    91. Risk-Based Auditing Part1 00:01:13
    92. Risk-Based Auditing Part2 00:00:53
    93. Risk-Based Auditing Part3 00:00:57
    94. Audit Risk and Materiality Part1 00:01:11
    95. Audit Risk and Materiality Part2 00:01:18
    96. Audit Risk and Materiality Part3 00:01:36
    97. Audit Risk and Materiality Part4 00:01:05
    98. Audit Risk and Materiality Part5 00:00:24
    99. Risk Assessment and Treatment Part1 00:00:39
    100. Risk Assessment and Treatment Part2 00:00:56
    101. Risk Assessment and Treatment Part3 00:01:58
    102. Risk Assessment and Treatment Part4 00:01:47
    103. Risk Assessment and Treatment Part5 00:00:46
    104. Risk Assessment Techniques Part1 00:02:05
    105. Risk Assessment Techniques Part2 00:00:47
    106. Risk Assessment Techniques Part3 00:00:19
    107. Risk Assessment Techniques Part4 00:00:39
    108. Audit Objectives Part1 00:01:07
    109. Audit Objectives Part2 00:00:40
    110. Compliance Versus Substantive Testing Part1 00:01:09
    111. Compliance Versus Substantive Testing Part2 00:00:36
    112. Compliance Versus Substantive Testing Part3 00:00:32
    113. Evidence Part1 00:00:58
    114. Evidence Part2 00:01:57
    115. Evidence Part3 00:01:14
    116. Interviewing and Observing Personnel in the Performance Of Their Duties 00:01:10
    117. Sampling Part1 00:01:22
    118. Sampling Part2 00:02:20
    119. Sampling Part3 00:01:56
    120. Using The Services Of Other Auditors And Experts Part1 00:02:05
    121. Using The Services Of Other Auditors And Experts Part2 00:00:31
    122. Computer-Assisted Audit Techniques (CAAT) Part1 00:00:43
    123. Computer-Assisted Audit Techniques (CAAT) Part2 00:00:25
    124. Evaluation Of Audit Strengths And Weaknesses Part1 00:00:49
    125. Evaluation Of Audit Strengths And Weaknesses Part2 00:02:02
    126. Evaluation Of Audit Strengths And Weaknesses Part3 00:00:57
    127. Communicating Audit Results Part1 00:00:41
    128. Communicating Audit Results Part2 00:01:26
    129. Communicating Audit Results Part3 00:00:25
    130. Management Implementation Of Recommendations 00:00:22
    131. Audit Documentation 00:01:16
    132. Lesson 6: Control Self-Assessment 00:00:51
    133. Control Self-Assessment Part1 00:01:12
    134. Control Self-Assessment Part2 00:01:39
    135. Objectives of CSA 00:01:19
    136. Benefits of CSA 00:00:57
    137. Disadvantages of CSA 00:00:37
    138. Auditor Role in CSA 00:01:21
    139. Technology Drivers for CSA 00:01:08
    140. Traditional Versus CSA Approach 00:00:37
    141. Lesson 7: The Evolving IS Audit Process 00:00:10
    142. Automated Work Papers Part1 00:01:20
    143. Automated Work Papers Part2 00:01:22
    144. Integrated Auditing Part1 00:01:32
    145. Integrated Auditing Part2 00:00:38
    146. Integrated Auditing Part3 00:00:25
    147. Continuous Auditing Part1 00:00:42
    148. Continuous Auditing Part2 00:01:02
    149. Continuous Auditing Part3 00:00:49
    150. Continuous Auditing Part4 00:02:13
    151. Continuous Auditing Part5 00:00:46
    152. Module 01 Review 00:01:37
  3. Module 02 - Governance and Management of IT
    1. Module 02 Introduction 00:03:13
    2. Lesson 1: Corporate Governance 00:00:18
    3. Corporate Governance Part1 00:00:25
    4. Corporate Governance Part2 00:00:33
    5. Corporate Governance Part3 00:01:34
    6. Lesson 2: IT Governance 00:01:02
    7. IT Governance Part1 00:00:23
    8. IT Governance Part2 00:00:23
    9. Lesson 3: IT Monitoring and Assurance Practices for Board and Senior Management 00:00:31
    10. IT Monitoring and Assurance Practices for Board and Senior Management Part1 00:02:04
    11. IT Monitoring and Assurance Practices for Board and Senior Management Part2 00:01:02
    12. IT Monitoring and Assurance Practices for Board and Senior Management Part3 00:00:46
    13. Best Practices for IT Governance Part1 00:02:29
    14. Best Practices for IT Governance Part2 00:00:44
    15. Best Practices for IT Governance Part3 00:03:15
    16. Best Practices for IT Governance Part4 00:00:53
    17. IT Governance Frameworks 00:01:31
    18. Audit Role in IT Governance Part1 00:00:38
    19. Audit Role in IT Governance Part2 00:01:17
    20. Audit Role in IT Governance Part3 00:01:17
    21. Audit Role in IT Governance Part4 00:00:32
    22. IT Strategy Committee 00:01:14
    23. IT Balanced Scorecard Part1 00:00:34
    24. IT Balanced Scorecard Part2 00:04:03
    25. Information Security Governance Part1 00:01:36
    26. Information Security Governance Part2 00:01:46
    27. Information Security Governance Part3 00:03:10
    28. Information Security Governance Part4 00:01:23
    29. Importance of Information Security Governance Part1 00:01:10
    30. Importance of Information Security Governance Part2 00:02:09
    31. Outcomes of Security Governance Part1 00:01:04
    32. Outcomes of Security Governance Part2 00:00:49
    33. Effective Information Security Governance 00:00:52
    34. Roles and Responsibilities of Senior Management and Board of Directors Part1 00:00:59
    35. Roles and Responsibilities of Senior Management and Board of Directors Part2 00:02:09
    36. Enterprise Architecture 00:00:45
    37. Lesson 4: Information Systems Strategy 00:02:10
    38. Strategic Planning Part1 00:00:58
    39. Strategic Planning Part2 00:00:43
    40. Steering Committee 00:01:34
    41. Lesson 5: Maturity and Process Improvement Models 00:00:42
    42. Maturity and Process Improvement Models 00:00:38
    43. Lesson 6: IT Investment and Allocation Practices 00:01:34
    44. IT Investment and Allocation Practices Part1 00:00:15
    45. IT Investment and Allocation Practices Part2 00:00:49
    46. IT Investment and Allocation Practices Part3 00:00:25
    47. IT Investment and Allocation Practices Part4 00:01:23
    48. Implement IT Portfolio Management 00:00:48
    49. IT Portfolio Management Versus Balanced Scorecard 00:00:30
    50. Lesson 7: Policies and Procedures 00:00:11
    51. Policies Part1 00:00:43
    52. Policies Part2 00:02:32
    53. Policies Part3 00:01:20
    54. Information Security Policy Part1 00:00:58
    55. Information Security Policy Part2 00:01:33
    56. Information Security Policy Part3 00:00:31
    57. Information Security Policy Part4 00:02:52
    58. Information Security Policy Part5 00:01:36
    59. Information Security Policy Part6 00:00:29
    60. Information Security Policy Part7 00:01:04
    61. Procedures Part1 00:02:30
    62. Procedures Part2 00:01:32
    63. Lesson 8: Risk Management 00:02:02
    64. Risk Management 00:03:27
    65. Developing a Risk Management Program 00:02:37
    66. Risk Management Process Part1 00:00:59
    67. Risk Management Process Part2 00:01:56
    68. Risk Management Process Part3 00:02:28
    69. Risk Management Process Part4 00:01:59
    70. Risk Management Process Part5 00:02:20
    71. Risk Management Process Part6 00:01:00
    72. Risk Analysis Methods Part1 00:00:14
    73. Risk Analysis Methods Part2 00:02:15
    74. Risk Analysis Methods Part3 00:00:48
    75. Risk Analysis Methods Part4 00:05:31
    76. Risk Analysis Methods Part5 00:03:50
    77. Lesson 9: IS Management Practices 00:00:24
    78. Human Resource Management Part1 00:00:17
    79. Human Resource Management Part2 00:02:24
    80. Human Resource Management Part3 00:04:09
    81. Human Resource Management Part4 00:04:14
    82. Human Resource Management Part5 00:01:26
    83. Human Resource Management Part6 00:03:47
    84. Human Resource Management Part7 00:02:52
    85. Human Resource Management Part8 00:04:15
    86. Human Resource Management Part9 00:01:46
    87. Human Resource Management Part10 00:01:17
    88. Human Resource Management Part11 00:01:49
    89. Human Resource Management Part12 00:02:03
    90. Human Resource Management Part13 00:00:54
    91. Human Resource Management Part14 00:01:55
    92. Organizational Change Management 00:02:23
    93. Financial Management Practices 00:02:32
    94. Quality Management Part1 00:00:57
    95. Quality Management Part2 00:02:48
    96. Quality Management Part3 00:01:56
    97. Information Security Management 00:00:49
    98. Performance Optimization Part1 00:01:27
    99. Performance Optimization Part2 00:03:26
    100. Performance Optimization Part3 00:00:21
    101. Lesson 10: IS Organizational Structure and Responsibilities 00:00:54
    102. IS Roles and Responsibilities Part1 00:02:29
    103. IS Roles and Responsibilities Part2 00:01:33
    104. IS Roles and Responsibilities Part3 00:01:17
    105. Segregation of Duties 00:00:36
    106. Segregation of Duties Controls Part1 00:02:34
    107. Segregation of Duties Controls Part2 00:03:12
    108. Compensating Controls for Lack of Segregation 00:04:34
    109. Lesson 11: Auditing IT Governance Structure and Implementation 00:01:06
    110. Reviewing Documentation Part1 00:00:50
    111. Reviewing Documentation Part2 00:00:54
    112. Reviewing Contractual Commitments 00:03:55
    113. Lesson 12: Business Continuity Planning Part1 00:06:13
    114. Business Continuity Planning Part2 00:01:11
    115. Business Continuity Planning Part3 00:01:51
    116. IS Business Continuity Planning 00:00:54
    117. Disasters and Other Disruptive Events Part1 00:02:26
    118. Disasters and Other Disruptive Events Part2 00:02:02
    119. Business Continuity Planning Process 00:03:20
    120. Business Continuity Policy 00:01:13
    121. Business Impact Analysis Part1 00:01:38
    122. Business Impact Analysis Part2 00:00:46
    123. Classification of Operations and Criticality Analysis 00:00:58
    124. Development of Business Continuity Plans 00:02:31
    125. Other Issues and Plan Development 00:00:49
    126. Components of a BCP Part1 00:01:15
    127. Components of a BCP Part2 00:02:08
    128. BCP Testing Part1 00:01:43
    129. BCP Testing Part2 00:01:30
    130. BCP Testing Part3 00:00:33
    131. BCP Maintenance 00:00:54
    132. Summary of BCP 00:00:42
    133. Module 02 Review 00:02:26
  4. Module 03 - Information Systems Acquisition, Development and Implementation
    1. Lesson 1: Business Realization Part1 00:01:10
    2. Business Realization Part2 00:01:28
    3. Portfolio/Program Management Part1 00:00:36
    4. Portfolio/Program Management Part2 00:01:06
    5. Portfolio/Program Management Part3 00:00:44
    6. Portfolio/Program Management Part4 00:00:38
    7. Portfolio/Program Management Part5 00:00:58
    8. Business Case Development and Approval Part1 00:01:12
    9. Business Case Development and Approval Part2 00:00:52
    10. Benefits Realization Techniques 00:01:37
    11. Lesson 2: Project Management Structure 00:00:39
    12. Project Context and Environment 00:00:35
    13. Project Organizational Forms Part1 00:00:14
    14. Project Organizational Forms Part2 00:00:50
    15. Project Communication and Culture 00:01:29
    16. Project Objectives Part1 00:00:41
    17. Project Objectives Part2 00:00:35
    18. Project Objectives Part3 00:00:47
    19. Roles and Responsibilities of Groups and Individuals Part1 00:00:50
    20. Roles and Responsibilities of Groups and Individuals Part2 00:01:20
    21. Roles and Responsibilities of Groups and Individuals Part3 00:00:27
    22. Lesson 3: Project Management Practices 00:00:47
    23. Initiation of a Project 00:00:20
    24. Project Planning 00:02:01
    25. Example of Project Management for New Software 00:01:44
    26. Software Size Estimation 00:01:08
    27. Lines of Source Code 00:00:41
    28. Function Point Analysis (FPA) 00:00:37
    29. Function Points 00:00:51
    30. Cost Budgets 00:00:59
    31. Software Cost Estimation 00:00:45
    32. Scheduling and Establishing the Timeframe 00:00:39
    33. Critical Path Methodology 00:01:22
    34. Gantt Charts 00:00:52
    35. Program Evaluation Review Technique (PERT) 00:00:45
    36. Time Box Management 00:00:51
    37. General Project Management 00:00:19
    38. Project Controlling Part1 00:00:21
    39. Project Controlling Part2 00:00:41
    40. Management of Resource Usage 00:00:38
    41. Management of Risk Part1 00:00:36
    42. Management of Risk Part2 00:00:38
    43. Closing a Project 00:00:39
    44. Lesson 4: Business Application Development Part1 00:00:41
    45. Business Application Development Part2 00:01:07
    46. Business Application Development Part3 00:00:19
    47. Business Application Development Part4 00:02:14
    48. Business Application Development Part5 00:00:51
    49. Traditional SDLC Approach 00:00:56
    50. SDLC Phases 00:00:24
    51. SDLC 00:01:12
    52. Integrated Resource Management Systems Part1 00:01:08
    53. Integrated Resource Management Systems Part2 00:00:50
    54. Integrated Resource Management Systems Part3 00:00:30
    55. Description of SDLC Phases Part1 00:01:04
    56. Description of SDLC Phases Part2 00:01:45
    57. Description of SDLC Phases Part3 00:01:53
    58. Description of SDLC Phases Part4 00:01:17
    59. Description of SDLC Phases Part5 00:00:45
    60. Description of SDLC Phases Part6 00:01:08
    61. Description of SDLC Phases Part7 00:00:46
    62. Description of SDLC Phases Part8 00:01:09
    63. Description of SDLC Phases Part9 00:00:51
    64. Description of SDLC Phases Part10 00:01:11
    65. Description of SDLC Phases Part11 00:02:57
    66. Description of SDLC Phases Part12 00:01:08
    67. Description of SDLC Phases Part13 00:01:41
    68. Description of SDLC Phases Part14 00:01:17
    69. Description of SDLC Phases Part15 00:01:02
    70. Description of SDLC Phases Part16 00:00:51
    71. Description of SDLC Phases Part17 00:00:11
    72. Description of SDLC Phases Part18 00:01:42
    73. Description of SDLC Phases Part19 00:01:23
    74. Description of SDLC Phases Part20 00:01:41
    75. Description of SDLC Phases Part21 00:01:09
    76. Description of SDLC Phases Part22 00:01:44
    77. Description of SDLC Phases Part23 00:01:38
    78. Risks Associated with Software Development Part1 00:01:27
    79. Risks Associated with Software Development Part2 00:00:38
    80. Lesson 5: Business Application Systems 00:00:13
    81. Electronic Commerce 00:00:28
    82. E-Commerce Models 00:01:13
    83. E-Commerce Architectures 00:00:55
    84. E-Commerce Risks 00:00:51
    85. E-Commerce Requirements 00:00:48
    86. E-Commerce Audit and Control Issues or Best Practices 00:00:33
    87. Components of PKI 00:02:20
    88. Electronic Data Interchange 00:00:52
    89. General Requirements of EDI 00:00:50
    90. Traditional EDI 00:01:13
    91. Web Based EDI 00:00:43
    92. EDI Risks and Controls 00:01:03
    93. Controls in EDI Environment Part1 00:00:38
    94. Controls in EDI Environment Part2 00:00:41
    95. Controls in EDI Environment Part3 00:00:44
    96. Controls in EDI Environment Part4 00:00:44
    97. E-Mail 00:00:55
    98. E-Mail Security Issues 00:01:37
    99. Standards for E-Mail Security Part1 00:00:39
    100. Standards for E-Mail Security Part2 00:00:56
    101. Standards for E-Mail Security Part3 00:01:29
    102. Point-Of-Sale Systems (POS) 00:00:53
    103. Electronic Banking Part1 00:01:58
    104. Electronic Banking Part2 00:00:40
    105. Risk Management Challenges in E-Banking 00:00:52
    106. Risk Management Controls for E-Banking Part1 00:00:55
    107. Risk Management Controls for E-Banking Part2 00:00:20
    108. Electronic Finance 00:00:41
    109. Payment Systems 00:00:21
    110. Electronic Money Model 00:00:17
    111. Electronic Checks Model 00:00:28
    112. Electronic Transfer Model 00:00:11
    113. Electronic Funds Transfer 00:00:28
    114. Controls in an EFT Environment Part1 00:00:43
    115. Controls in an EFT Environment Part2 00:00:48
    116. Automated Teller Machines Part1 00:00:48
    117. Automated Teller Machines Part2 00:00:55
    118. Image Processing Part1 00:01:10
    119. Image Processing Part2 00:01:15
    120. Business Intelligence 00:01:12
    121. Decision Support System (DSS) 00:00:32
    122. DSS Frameworks 00:00:29
    123. Customer Relation Management (CRM) 00:00:27
    124. Supply Chain Management (SCM) 00:01:12
    125. Lesson 6: Alternative Forms of Software Project Organization Part1 00:00:27
    126. Alternative Forms of Software Project Organization Part2 00:00:24
    127. Alternative Forms of Software Project Organization Part3 00:00:49
    128. Agile Development 00:00:28
    129. Prototyping 00:00:37
    130. Rapid Application Development (RAD) 00:01:01
    131. Lesson 7: Alternative Development Methods 00:00:48
    132. Data Oriented System Development 00:00:37
    133. Object Oriented System Development Part1 00:01:35
    134. Object Oriented System Development Part2 00:02:13
    135. Component-Based Development 00:02:30
    136. Web-Based Application Development 00:01:36
    137. Software Reengineering 00:00:12
    138. Reverse Engineering 00:01:20
    139. Lesson 8: Infrastructure Development/Acquisition Practices Part1 00:00:30
    140. Infrastructure Development/Acquisition Practices Part2 00:00:35
    141. Infrastructure Development/Acquisition Practices Part3 00:01:04
    142. Project Phases of Physical Architecture Analysis Part1 00:01:20
    143. Project Phases of Physical Architecture Analysis Part2 00:00:27
    144. Planning Implementation of Infrastructure Part1 00:00:29
    145. Planning Implementation of Infrastructure Part2 00:00:28
    146. Critical Success Factors 00:00:22
    147. Hardware Acquisition 00:00:52
    148. Acquisition Steps Part1 00:01:01
    149. Acquisition Steps Part2 00:00:50
    150. System Software Acquisition 00:00:27
    151. System Software Implementation 00:00:16
    152. System Software Change Control Procedures 00:00:29
    153. Lesson 9: Information Systems Maintenance Practices 00:00:55
    154. Change Management Process Overview 00:00:38
    155. Deploying Changes 00:01:04
    156. Documentation 00:00:51
    157. Testing Changed Programs 00:00:31
    158. Auditing Program Changes 00:00:46
    159. Emergency Changes 00:02:28
    160. Change Exposures (Unauthorized Changes) 00:01:10
    161. Configuration Management Part1 00:00:55
    162. Configuration Management Part2 00:00:36
    163. Lesson 10: System Development Tools And Productivity Aids 00:00:32
    164. Code Generators 00:00:17
    165. Computer Aided Software Engineering Part1 00:01:07
    166. Computer Aided Software Engineering Part2 00:00:36
    167. Computer Aided Software Engineering Part3 00:00:32
    168. Fourth-Generation Languages (4GL) Part1 00:01:05
    169. Fourth-Generation Languages (4GL) Part2 00:01:21
    170. Lesson 11: Business Process Reengineering And Process Change Projects 00:01:05
    171. Business Process Reengineering And Process Change Projects Continued 00:00:49
    172. Benchmarking Process Part1 00:00:35
    173. Benchmarking Process Part2 00:00:32
    174. The Benchmarking Process 00:00:55
    175. ISO 9126 00:00:46
    176. Software Capability Maturity Model 00:02:31
    177. ISO 15504 00:00:42
    178. Lesson 12: Application Controls 00:00:39
    179. Inputs Controls Part1 00:01:04
    180. Inputs Controls Part2 00:00:40
    181. Inputs Controls Part3 00:00:29
    182. Inputs Controls Part4 00:00:41
    183. Processing Procedures And Controls 00:01:10
    184. Processing Controls 00:00:36
    185. Data File Control Procedures 00:00:39
    186. Output Controls Part1 00:00:11
    187. Output Controls Part2 00:00:35
    188. Business Process Control Assurance 00:00:49
    189. Lesson 13: Auditing Application Controls Part1 00:00:31
    190. Auditing Application Controls Part2 00:00:46
    191. Risk Assessment Model To Analyze Application Controls 00:01:00
    192. Observing And Testing User Performing Procedures 00:00:50
    193. Data Integrity Testing 00:00:49
    194. Example Of Referential And Relational Integrity 00:04:26
    195. Data Integrity In Online Transaction Processing Systems 00:02:08
    196. Test Application Systems 00:00:16
    197. Continuous Online Auditing 00:00:33
    198. Online Auditing Techniques 00:01:19
    199. Lesson 14: Auditing Systems Development, Acquisition And Maintenance 00:01:08
    200. Project Management 00:00:40
    201. Feasibility Study 00:00:34
    202. Requirements Definition 00:00:41
    203. Software Acquisition Process 00:00:39
    204. Detailed Design And Development 00:00:51
    205. Testing 00:00:42
    206. Implementation Phase 00:00:43
    207. Post Implementation Review 00:00:46
    208. System Change Procedures And The Program Migration Process 00:00:37
    209. Module 03 Review 00:01:23
  5. Module 04 - Information Systems Operations, Maintenance and Support
    1. Module 04 Introduction 00:00:48
    2. Lesson 1: Information Systems Operations 00:00:27
    3. Management of IS Operations 00:00:46
    4. Service Management Part1 00:00:34
    5. Service Management Part2 00:01:09
    6. Service Management Part3 00:00:43
    7. Service Management Part4 00:00:31
    8. Service Management Part5 00:00:23
    9. Service Level Part1 00:00:53
    10. Service Level Part2 00:00:24
    11. Infrastructure Operations 00:00:38
    12. Scheduling Part1 00:00:22
    13. Scheduling Part2 00:01:05
    14. Monitoring Use of Resources 00:00:32
    15. Process of Incident Handling 00:00:25
    16. Problem Management 00:00:58
    17. Detection, Documentation, Control, Resolution and Reporting of Abnormal Conditions 00:01:06
    18. Support/Helpdesk Part1 00:01:15
    19. Support/Helpdesk Part2 00:00:54
    20. Change Management Process Part1 00:00:43
    21. Change Management Process Part2 00:00:40
    22. Release Management Part1 00:00:53
    23. Release Management Part2 00:01:15
    24. Information Security Management 00:00:40
    25. Media Sanitization 00:01:37
    26. Lesson 2: Information Systems Hardware 00:00:33
    27. Computer Hardware Components and Architecture 00:01:10
    28. Common Enterprise Backend Devices 00:01:37
    29. Specialized Devices 00:01:10
    30. Risks 00:00:44
    31. Security Control 00:01:01
    32. Radiofrequency Identification 00:00:33
    33. RFID Applications 00:00:45
    34. RFID Risks 00:00:48
    35. RFID Security Control 00:00:38
    36. Hardware Maintenance Program 00:01:09
    37. Hardware Monitoring Procedures 00:00:54
    38. Capacity Management Part1 00:00:57
    39. Capacity Management Part2 00:01:00
    40. Lesson 3: IS Architecture and Software Part1 00:01:47
    41. IS Architecture and Software Part2 00:01:14
    42. Operating Systems 00:00:54
    43. Software Integrity Issues Part1 00:01:48
    44. Software Integrity Issues Part2 00:00:30
    45. Activity Logging and Reporting Options 00:01:15
    46. Data Communication Software 00:00:53
    47. Data Management 00:00:43
    48. File Organization 00:01:15
    49. Database Management Systems Part1 00:00:44
    50. Database Management Systems Part2 00:00:40
    51. Example of Data in DBMS 00:06:02
    52. DBMS Architecture 00:00:56
    53. DBMS Metadata Architecture 00:00:52
    54. Database Structure 00:01:10
    55. Relational Database 00:00:47
    56. Database Models 00:03:35
    57. Relational Database Model 00:05:10
    58. Database Controls 00:02:20
    59. Tape and Disk Management Systems 00:00:21
    60. Utility Programs 00:00:55
    61. Software Licensing Issues Part1 00:01:51
    62. Software Licensing Issues Part2 00:01:07
    63. Software Licensing Issues Part3 00:01:06
    64. Digital Rights Management 00:01:07
    65. Lesson 4: Network Infrastructure 00:01:37
    66. Enterprise Network Architecture 00:00:37
    67. Types of Networks 00:04:03
    68. Network Services 00:01:59
    69. Network Standards and Protocols 00:01:09
    70. OSI Architecture 00:01:16
    71. OSI Layers 00:10:46
    72. Application of the OSI Model in Network Architectures 00:00:49
    73. Local Area Network 00:00:21
    74. Network Physical Media Specifications 00:02:58
    75. Implementation of WANs 00:00:59
    76. LAN Media Access Technologies 00:02:28
    77. LAN Components 00:03:10
    78. OSI Layer Diagram 00:07:43
    79. LAN Technology Selection Criteria 00:00:47
    80. Wide Area Networks Part1 00:02:26
    81. Wide Area Networks Part2 00:03:10
    82. WAN Devices 00:02:05
    83. WAN Technologies 00:02:41
    84. Wireless Networks 00:00:52
    85. Wireless Wide Area Networks 00:00:33
    86. Wireless Local Area Networks Part1 00:00:37
    87. Wireless Local Area Networks Part2 00:02:24
    88. Wireless Security 00:01:44
    89. Wireless Application Protocol 00:00:34
    90. Risks of Wireless Communications Part1 00:00:17
    91. Risks of Wireless Communications Part2 00:01:38
    92. World Wide Web Services 00:01:15
    93. General Internet Terminology 00:03:34
    94. Network Administration and Control 00:00:54
    95. Network Performance Metrics 00:01:47
    96. Network Management Issues 00:01:25
    97. Network Management Tools 00:01:45
    98. Client/Server Technology Part1 00:00:41
    99. Client/Server Technology Part2 00:01:38
    100. Client/Server Technology Part3 00:00:52
    101. Client/Server Technology Part4 00:01:35
    102. Client/Server Technology Part5 00:00:45
    103. Lesson 5: Disaster Recovery Planning 00:00:25
    104. Recovery Point Objective and Recovery Time Objective Part1 00:01:05
    105. Recovery Point Objective and Recovery Time Objective Part2 00:00:44
    106. Recovery Strategies Part1 00:01:07
    107. Recovery Strategies Part2 00:00:11
    108. Recovery Strategies Part3 00:02:33
    109. Application Disaster Recovery Methods Part1 00:01:04
    110. Application Disaster Recovery Methods Part2 00:00:52
    111. Data Storage Disaster Recovery Methods 00:00:37
    112. Telecommunication Networks Disaster Recovery Methods 00:00:24
    113. Methods for Network Protection 00:01:40
    114. Development of Disaster Recovery Plans 00:00:40
    115. Organization and Assignment Of Responsibilities Part1 00:00:53
    116. Organization and Assignment Of Responsibilities Part2 00:00:42
    117. Organization and Assignment Of Responsibilities Part3 00:00:09
    118. Backup and Restoration 00:00:21
    119. Off-Site Library Controls 00:01:25
    120. Types of Backup Devices and Media Part1 00:00:15
    121. Types of Backup Devices and Media Part2 00:00:29
    122. Periodic Backup Procedures 00:00:26
    123. Frequency of Rotation 00:01:03
    124. Backup Schemes 00:01:45
    125. Module 04 Review 00:01:02
  6. Module 05 - Protection of Information Assets
    1. Module 05 Introduction 00:01:30
    2. Lesson 1: Importance Of Information Security 00:01:19
    3. Key Elements of Information Security Management 00:01:07
    4. Information Security Management Roles and Responsibilities 00:00:15
    5. Inventory and Classification of Information Assets Part1 00:00:54
    6. Inventory and Classification of Information Assets Part2 00:01:47
    7. System Access Permission Part1 00:03:04
    8. System Access Permission Part2 00:02:37
    9. Mandatory and Discretionary Access Controls 00:02:43
    10. Privacy Management Issue and the Role of IS Auditors Part1 00:00:42
    11. Privacy Management Issue and the Role of IS Auditors Part2 00:00:37
    12. Critical Success Factors to Information Security Management 00:00:55
    13. Information Security and External Parties 00:01:16
    14. Identification of Risks Related to External Parties 00:01:09
    15. Addressing Security When Dealing with Customers 00:02:55
    16. Addressing Security and Third-Party Agreements Part1 00:00:41
    17. Addressing Security and Third-Party Agreements Part2 00:00:43
    18. Human Resources Security and Third Parties Part1 00:01:37
    19. Human Resources Security and Third Parties Part2 00:01:26
    20. Computer Crime Issues and Exposures Part1 00:02:45
    21. Computer Crime Issues and Exposures Part2 00:02:26
    22. Types of Computer Crimes Part1 00:01:36
    23. Types of Computer Crimes Part2 00:03:44
    24. Peer to Peer, Instant Messaging, Data Leakage and Web-Based Technologies 00:02:21
    25. Security Incident Handling and Response Part1 00:02:06
    26. Security Incident Handling and Response Part2 00:01:32
    27. Lesson 2: Logical Access 00:00:25
    28. Logical Access Exposures 00:00:43
    29. Familiarization with the Enterprise IT Environment 00:00:20
    30. Paths of Logical Access 00:01:03
    31. General Points of Entry 00:00:17
    32. Logical Access Control Software 00:00:41
    33. Identification and Authentication 00:01:52
    34. Features of Passwords Part1 00:01:09
    35. Features of Passwords Part2 00:02:20
    36. Identification and Authentication Best Practices 00:03:09
    37. Token Devices, One-Time Passwords 00:01:35
    38. Management of Biometrics 00:02:47
    39. Single Sign-On Part1 00:01:35
    40. Single Sign-On Part2 00:01:06
    41. Authorization Issues 00:00:38
    42. Access Control Lists 00:00:45
    43. Logical Access Security Administration 00:01:01
    44. Remote Access Security Part1 00:01:41
    45. Remote Access Security Part2 00:01:08
    46. Common Connectivity Methods Part1 00:02:33
    47. Common Connectivity Methods Part2 00:00:21
    48. Remote Access Using PDAs 00:01:54
    49. Access Issues with Mobile Technology 00:02:13
    50. Access Rights to System Logs 00:01:04
    51. Tools for Audit Trail Analysis 00:00:55
    52. Use of Intrusion Detection 00:01:32
    53. Storing, Retrieving, Transporting and Disposing of Confidential Information 00:02:42
    54. Lesson 3: Network Infrastructure Security 00:00:44
    55. LAN Security 00:00:37
    56. Virtualization 00:00:43
    57. Client/Server Security Part1 00:01:24
    58. Client/Server Security Part2 00:02:21
    59. Client/Server Security Part3 00:00:53
    60. Wireless Security Threats and Risks Mitigation Part1 00:00:33
    61. Wireless Security Threats and Risks Mitigation Part2 00:00:56
    62. Internet Threats and Security 00:02:06
    63. Network Security Threats 00:03:13
    64. Internet Security Control Audits 00:03:00
    65. Firewall Security Systems 00:03:52
    66. Common Attacks Against a Firewall 00:01:46
    67. Examples of Firewall Implementation 00:01:56
    68. Intrusion Detection 00:02:09
    69. Describing IDS and IPS Deployment 00:02:38
    70. Encryption Part1 00:00:48
    71. Encryption Part2 00:02:29
    72. Uses of Encryption 00:01:39
    73. Viruses 00:01:49
    74. Technical Controls Against Viruses 00:00:21
    75. AV Software 00:01:24
    76. Voice Over IP 00:01:18
    77. Private Branch Exchange 00:01:05
    78. Lesson 4: Auditing Information Security Management Framework Part1 00:00:20
    79. Auditing Information Security Management Framework Part2 00:00:43
    80. Auditing Logical Access 00:00:45
    81. Techniques for Testing Security 00:01:39
    82. Lesson 5: Auditing Network Infrastructure Security 00:01:11
    83. Auditing Remote Access 00:01:29
    84. Network Penetration Test 00:02:56
    85. Types of Penetration Tests 00:01:53
    86. Full Network Assessment Reviews 00:00:41
    87. Development and Authorization of Network Changes 00:00:39
    88. Unauthorized Changes 00:01:00
    89. Computer Forensics 00:01:33
    90. Chain of Evidence 00:02:19
    91. Lesson 6: Environmental Exposures and Controls Part1 00:00:04
    92. Environmental Exposures and Controls Part2 00:02:26
    93. Lesson 7: Physical Access Exposures and Controls 00:00:15
    94. Physical Access Exposures 00:01:01
    95. Physical Access Controls 00:02:04
    96. Auditing Physical Access 00:01:28
    97. Lesson 8: Mobile Computing Part1 00:00:13
    98. Mobile Computing Part2 00:01:31
    99. Module 05 Review 00:01:07
    100. Course Closure 00:02:45