On-Site Training Course Descriptions 

 

Save on travel costs. ISACA can provide high-quality On-Site Training at the location that is the most convenient and cost-effective to your enterprise.

ISACA Brings the Training to You

“Many companies have cut travel budgets, but still need continuing education for their employees. ISACA’s onsite courses will provide employees with the training they need and eliminate staff transportation costs.” —Don Caniglia, ISACA instructor, CISA, CISM, CGEIT

On-Site Training offers a variety of courses designed for IT audit, assurance, control, security and governance professionals, delivered by experienced trainers, conference speakers and presenters.

Don't See What You Need?

Consult with an ISACA accredited trainer to customize a current course to your enterprise's specific needs. For more information, contact onsitetraining@isaca.org.

 

Fundamentals of IT Audit and Assurance (FITAA)

The role of the auditor has evolved from focusing solely on management to becoming responsible for the controls that provide the proper governance of an enterprise’s most valuable asset—information.

This comprehensive program, aligned with the Certified Information Systems Auditor (CISA) job practice areas, will provide more than just a basic understanding of the controls and objectives. This course will enhance understanding of the necessary tools and techniques, illustrate why they are needed, and show how they should be used to optimize the assessment and assurance process.

Please note: This is not a CISA review course.

After completing this course the participant will be able to:

  • Provide stakeholders assurance that the enterprise’s information is properly protected
  • Assure that the correct controls are in place and effective in order to achieve business goals
  • Have more than just a basic understanding of the controls and objectives
  • Understand organizational risks and how to mitigate them to provide assurance

Level: New to IT auditing (up to two years of experience).

Prerequisites: None.

Who Should Attend:

  • New IT auditors
  • Financial and operational auditors seeking a better understanding of IT controls
  • Auditors and accountants needing to understand IT controls for compliance reporting
  • IT professionals seeking to understand assurance and/or assessment processes
  • Those aspiring to attain the CISA designation

 

IT Audit and Assurance Practices (ITAAP)

Building on information presented in the Fundamentals of IT Audit and Assurance, this course is a practice-based program that uses lecture, class interaction and case studies. Since it is aligned with the CISA job practice areas and ISACA’s IS Auditing Standards, Guidelines and Procedures, the course is of great value to professionals preparing for the CISA examination.

The course focuses on areas of IT management and governance practices; systems development, acquisition and maintenance activities; business continuity and contingency planning; data management and information asset protection; regulatory compliance; IT infrastructures; and performance- and service-level delivery. Process steps will be developed and/or provided for each focus area, including identification of the control objectives, audit planning, program development and report generation.

Please note: This is not a CISA review course.

After completing this course the participant will be able to:

  • Develop a risk assessment process and related mitigation strategies
  • Develop an audit or internal assessment plan
  • Develop effective and results-oriented assurance practices on which management can rely

Level: Intermediate (at least two years of experience)

Prerequisite: The Fundamentals of IT Assurance and Audit course; or understanding of IT and assurance concepts.

Who Should Attend:

  • Experienced IT auditors who need an in-depth understanding of assurance practices
  • Assurance professionals and financial and operational auditors who need an understanding of IT
  • IT professionals who need an understanding of self-assessment practices and processes
  • IT or assurance professionals looking for methods to identify, measure and test risk
  • Security professionals who need to understand how to test and measure security controls
  • Those aspiring to attain the CISA designation
  • Current CISAs

 

Information Security Management

Information is much more accessible and available today. Similarly, the risks and security threats associated with information have increased, not only in number, but also in complexity. This program is designed specifically for information security professionals who have, or aspire to have, information security management responsibilities. Participants will learn how to develop and manage a capability to respond to and recover from disruptive and destructive information security events.

The course focuses on the five content areas of the Certified Information Security Manager (CISM) job practice:

  • Information security governance
  • Risk management
  • Information security program development
  • Information security management
  • Response management

Please note: This is not a CISM review course.

After completing this course the participant will be able to:

  • Ensure that an enterprise’s information is protected
  • Have the expertise needed to reduce risk and protect the enterprise
  • Design, develop, implement and manage an effective security management program
  • Establish and maintain an IT governance framework aligned with business objectives
  • Identify and manage information security risks

Level: Intermediate (3 or more years of experience)

Prerequisites: Knowledge and understanding of information security architecture and technology. Previous managerial experience is helpful but not required.

Who Should Attend:

  • Information security practitioners
  • Information security consultants
  • Information security managers
  • Security professionals, including those aspiring to attain the CISM designation

 

COBIT: Strategies for Implementing IT Governance

Enterprises today are learning that strong relationships between business goals and supporting processes are imperative to effectively obtain, maintain and sustain organizational success. In order to be successful, business goals and IT goals must be aligned as they drive these processes. This course discusses how COBIT is used to promote effective alignment of IT with business goals in the management of value delivery and risk mitigation.

Integrating research by the IT Governance Institute (ITGI) and current COBIT educational courses offered by ISACA, this comprehensive COBIT training program highlights IT issues, governance concepts, risk management and control. The course uses ISACA’s most current COBIT and Val IT information, as well as supporting components and related tools, to provide guidance in implementing an IT governance process. Lecture, discussion, case studies and exercises are used to help the participant understand the proper techniques.

After completing this course the participant will be able to:

  • Define successful enterprise governance of IT and IT governance principles, and integrate these principles into enterprise governance of IT
  • Understand ISACA’s approach to IT governance implementation using the COBIT framework
  • Know practical implementation factors and how to sustain IT governance implementation
  • Discuss IT control and assurance practices
  • Identify IT issues and the related business impacts
  • Apply the framework(s) in practice, and discuss COBIT’s relationship to other frameworks and standards
  • Create meaningful measures and integrate management feedback in performance measurement frameworks

Level: Intermediate

Prerequisites:

  • Previous IT governance, assurance/audit, security and/or management experience
  • An understanding of the concepts, terminology, approaches, methodologies and techniques to govern the IT environment

Managerial experience will be beneficial, but is not required.

Who Should Attend:

  • Anyone who needs and uses IT in support of their success
  • IT professionals and business managers responsible for organizational information systems and security
  • IT professionals and business managers responsible for implementing Enterprise Governance of IT
  • IT assurance and audit professionals
  • Business and IT professionals
  • Current or aspiring Certified in the Governance of Enterprise IT (CGEIT) holders

 

Governance of Enterprise IT

This Training Week course will assist in the development of a governance strategy to provide effective processes that can bring and help sustain value, while effectively managing risk to, and in, an organization. This course will help clarify the questions asked within enterprises, and explain the value that governance brings to the enterprise, and the risks that can be encountered if IT governance practices are not implemented. The course will also explain how to sustain governed practices, and the primary issues to be addressed with the change to the existing business philosophy and current IT processes.

In this course, you will learn more about:
  • Value and risk practices necessary for business success
  • Potential tools and capabilities needed to implement enterprise governance
  • Constraints to achieving governance success
  • The need to govern IT as a business resource and measure its success in those terms
  • Measures to validate governance success

Level: Intermediate

Prerequisites:

  • Previous IT governance, assurance/audit, security and/or management experience
  • An understanding of the concepts, terminology, approaches, methodologies and techniques to govern the IT environment
  • Managerial experience will be beneficial, but is not required

Who Should Attend:

  • IT management looking for more efficient and effective practices to support the business
  • Managers responsible for IT investments
  • Compliance and Information Security professionals
  • Senior IT management looking for more efficient and effective practices in managing resources including IT resources
  • Organizational strategic managers

 

IT Risk Management 

Effective management of business risk has become an essential component of IT governance. Leading the drive to help enterprises mitigate risks, ISACA has developed an IT enterprise risk management (ERM) framework, Risk IT.

The IT Risk Management Training Week course provides an in‐depth review of the Risk IT framework and the process model that includes risk governance, risk evaluation, and risk response. The course describes the principles of IT risk management, the responsibilities and accountability for IT risk, how to build up awareness, and how to communicate risk scenarios, business impact and key risk indicators. Included in the course is an explanation of how Risk IT relates to COBIT and an examination of the implementation and operational issues of ISACA’s Risk IT framework.

After completing this course you will be able to:

  • Describe the principles of IT risk management
  • List the components of ISACA’s Risk IT framework
  • Apply the concepts of the model to realize its full business benefits and outcomes
  • Explain how the Risk IT framework relates to COBIT
  • Evaluate implementation and operational issues
  • Integrate IT risk management with ERM
  • Establish and maintain a common risk‐view and make risk‐aware business decisions
  • Maintain an operational risk profile, assess and respond to risk
  • Collect event data, monitor risk and report exposures and opportunities
  • Recognize how the Risk IT framework can help achieve best practices in IT risk management
  • Develop risk plans for your organization

Additional Courses

COBIT Foundation Course

Learn how COBIT addresses the need for sound IT governance practices and find out how to use COBIT for the maximum benefit to your enterprise. Through case studies and practical examples that explain the COBIT framework, control objectives, control practices and management guidelines, you will discover how the components of COBIT relate to your organization. At the completion of this course, students may take the optional COBIT Foundation Exam, and upon successful completion be awarded the COBIT Foundation Certificate. This may be arranged as part of the On-Site Training Course or taken independently online at ISACA’s eLearning Campus.

       

Implementing Governance of Enterprise IT Using COBIT

This interactive training illustrates the implementation of the COBIT framework for supporting Governance of Enterprise IT. It will provide a step-through approach of the full life cycle of COBIT by identifying needs through the implementation process to enable governance of IT in support of the business strategies, and then return to continual processes in repeating these practices. It is a case-study-driven training illustrating the necessary practices to be successful in its implementation.

At the completion of the course, participants passing the optional COBIT Implementation Exam will be awarded the COBIT Implementation Certificate.

       

Using COBIT in IT Assurance and Audit

This training will increase your understanding of the core concepts and the relationship between control, IT assurance and IT governance, as well as the core concepts of an assessment of the effectiveness of controls. The training includes the core concepts of COBIT and how COBIT can be used to conduct IT assurance engagements and support assurance activities. Learn how to link the business and IT goals to support the organization along with documenting and communicating the business impact of control weaknesses.