Training Week San Diego 

Browse All of Our Events »

Course Overview

Choose one of the following educational tracks to study during your training week.
Each track is led by subject-matter experts for a high-value learning experience.

Cybersecurity Fundamentals SOLD OUT
Fundamentals of IS Audit and Assurance
Foundations of IT Risk Management SOLD OUT


Cybersecurity Fundamentals SOLD OUT

Course Description

Why become a cyber security professional? The protection of information is a critical function for all enterprises. Cyber security is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of Information Technologies (IT). The CSX Fundamental Course is designed for this purpose, as well as to provide insight into the importance of cyber security, and the integral role of cyber security professionals. This course will also cover four key areas of cyber security: 1) cyber security architecture principles, 2) security of networks, systems, applications and data, 3) incident response, and 4) the security implications of the adoption of emerging technologies. Designed as a foundational course, it will also prepare learners for the CSX Fundamental Exam.

Level: Beginner to Intermediate

Learning Objectives

At the conclusion of the course, attendees will be able to:

  • Understand basic cyber security concepts and definitions
  • Apply cyber security architecture principles
  • Identify components of a cyber security architecture
  • Define network security architecture concepts including:
    • topology
    • protocols
    • components
    • principles
  • Understand malware analysis concepts and methodology
  • Recognize the methodologies and techniques for detecting host-and-network-based intrusions via intrusion detection technologies
  • Identify computer network defense (CND) and vulnerability assessment tools, including open source tools and their capabilities
  • Understand system hardening
  • Apply penetration testing principles, tools, and techniques
  • Define network systems management principles, models, methods, and tools
  • Understand remote access technology and systems administration concepts
  • Recognize the Unix command line
  • Distinguish system and application security threats and vulnerabilities
  • Recognize system lifecycle management principles, including software security and usability
  • Understand the local specialized system requirements for safety, performance, and reliability
  • Define types of incidents (categories, responses, and timelines for responses)
  • Outline disaster recovery and business continuity planning
  • Understand incident response and handling methodologies
  • Understand security event correlation tools, and how different file types can be used for atypical behavior
  • Recognize investigative implications of hardware, operating systems, and network technologies
  • Be aware of the basic concepts, practices, tools, tactics, techniques, and procedures for processing digital forensic data
  • Identify network traffic analysis methods
  • Recognize new and emerging information technology and information security technologies including:
    • The current threat landscape
    • Mobile devices
    • Cloud computing and storage

Target Audience
The target audience for this course includes:

  • Zero to three years cyber security experience.
  • Audit, risk, compliance, information security, government and legal professionals with a familiarity of basic IT/IS concepts who:
    • are new to cyber security
    • are interested in entering the field of cyber security
    • are interested in the ISACA Cybersecurity Certification
  • This course would be appropriate for students and recent graduates

A pre-assessment of attendees should gather information that will assist the instructor in determining the baseline knowledge of participants, as well as any necessary demographic information.  Results from the pre-assessment should be used to help focus lecture and activities to be most meaningful to all participants.  The pre-assessment should include questions regarding:

  • Level & years of IT experience / practical experience
  • Knowledge or experience regarding Information Security/Cybersecurity
  • Title/Role
  • Enterprise specifics:
    • Domestic or international
    • Size / # employees
    • Industry
    • Region (US / non-US)
  • Do they have a degree in cyber security or a related field (if so what)?
  • What university did they attend?

Back to top of page

Fundamentals of IS Audit & Assurance

Course Description

The Fundamentals of IS Audit and Assurance Course will introduce the essential components and steps needed to perform an information system (IS) audit, and gain a basic understanding of audit objectives and controls. To address the evolving role of the IS auditor within an enterprise and how it integrates into the audit function, the course will approach an audit from a business perspective, focusing on organizational risks that occur from the use of IT and how to mitigate them to provide assurance. This foundational-level course will also provide an overview of some IT audit tools and techniques used to plan, perform, and manage an IS audit.

Level: Beginner to intermediate

Learning Objectives

  • Learn basic IS audit and assurance concepts and the elements of the engagement
  • Understand IT Risk and related controls, and how they impact an enterprise and its information assets
  • Understand how IS audit and assurance ties into the overall governance process
  • Apply IS audit and assurance standards, guidelines, tools and techniques
  • Perform a risk-based IS audit:
    • Plan IS audit activities
    • Prepare, test and document results
    • Report results and communicate with stakeholders
    • Perform follow up and close activities
  • Understand the impact and considerations for local, state, country, international and industry regulations in determining the audit approach

Target Audience

  • Internal and external, IS and non-IS auditors
  • Assurance, risk and compliance professionals who need to understand technology related controls
  • IT Managers and Business Managers responsible for audit coordination and support
  • Any IT Professional who coordinates, supports, or is involved in assurance activities

Back to top of page

Foundations of IT Risk Management SOLD OUT

Course Description

Effective management of IT-related business risk has become an essential part of IT governance. A comprehensive understanding of how information technology affect business objectives is essential in today’s business environment. Leading the drive to help enterprises mitigate risks, ISACA has developed a fundamental IT Risk Management training course that is applicable to all IT and business professionals.

The IT Risk Management training course provides an in-depth view of IT related business risk management and the methodology that includes risk identification, evaluation and response. The course describes the principles of IT risk management, the responsibilities and accountability for IT risk, how to build risk awareness, and how to communicate risk scenarios, business impact and key risk indicators. Included in the course is the opportunity to create a business focused, process oriented and measurement driven risk response plan.

Learning Objectives

  • Describe the principles and methodology of IT risk management
  • Recognize how a strong framework can help achieve best practices in IT risk management (common language, good structure, sense of completeness, etc…)
  • Discuss aspects of risk culture and how they affect risk management
  • Define and describe overall environment (risk universe) that will be subject to IT risk management
  • Apply the concepts of IT risk management methodologies to realize business benefits and outcomes
  • Discuss risk appetite and risk tolerance concepts and how they are important for IT risk management
  • Discuss the concept of risk profile and how it can be used
  • Identify operational and implementation issues
  • Differentiate between loss, threat and vulnerability events
  • Determine what data to collect and where to collect it to monitor and respond to risk
  • Discuss several methods to describe impact and magnitude of IT events in business-related terms
  • Understand key risk indicators and key performance indicators
  • Enable an informed risk response
  • Describe risk responses suitable for different risk scenarios
  • Develop risk response plans for your enterprise

Target Audience

  • Business managers
  • Risk manager
  • Information security managers
  • IT managers

Back to top of page

COBIT 5: Strategies for Implementing IT Governance

Course Description

Learn how COBIT 5 is used to promote effective alignment of IT with business goals in the management of value delivery and risk mitigation. Integrating research by the IT Governance Institute (ITGI) and ISACA's COBIT education courses, this comprehensive program highlights IT issues, governance concepts, risk management and control. It uses the most current COBIT information, as well as supporting components and related tools, to provide guidance in implementing an IT governance process. Lecture, discussion, case studies and exercises are used to help the participant understand the proper techniques.

Level: Beginner to Intermediate

Learning Objectives

At the conclusion of this workshop, you will be able to:

  • Understand the major drivers for the development of a framework
  • Recognize the business benefits of using COBIT 5
  • Describe the COBIT 5 product architecture
  • Identify the IT management issues and challenges that affect enterprises
  • Define the 5 Key Principles of COBIT 5 for the governance and management of enterprise IT
  • Realize how COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise.
  • Understand the key concepts in a Process Capability Assessment and the key attributes of the COBIT 5 PAM (Process Assessment Model)
  • Recognize how the COBIT 5 processes and the Process Reference Model (PRM) help guide the creation of the 5 Principles and the 7 Governance and Management Enablers
  • Implement IT governance utilizing tools, publications and approaches identified in the COBIT 5 family of products
  • Utilize a case study to:
    • Understand the COBIT5 implementation model
    • Apply areas learned in the COBIT5 Foundation Course in a scenario format
    • Gain an appreciation for the utility and applicability of the various tools and techniques and how they can be used in your organizations

Target Audience

  • Users new to COBIT, who want to learn more about COBIT 5
  • All core IT professionals working in audit, assurance, risk, security and governance

Back to top of page

Course Duration: 4 days
CPE: up to 32
Course Hours: Tuesday-Friday, 8:30AM-5:00PM
Registration Hours: Tuesday, 7:30AM-12:00PM

Attendance at all ISACA Training Week Courses include the following:

  • 4-day instructor-led training course
  • Course materials
  • Continental breakfasts
  • Morning and afternoon coffee breaks
  • Lunches daily

Dinners, travel, hotel and parking accommodations are the responsibility of the attendee and are not included in the cost of the course registration.

Go Green

32 Hours
Earn up to 32 CPE Hours!

Early Bird Cost: $2,095 members / $2,295 nonmembers before 9 October 2018
Cost: $2,295 members / $2,495 nonmembers
Cancellation Deadline: 6 November 2018

Register Now



Payment Methods

Choose one of these easy ways to pay

  1. Pay online at
  2. Mail your payment to: ISACA, 1055 Paysphere Circle, Chicago, IL 60674 USA
  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America, 135 S. LaSalle St., Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    [Please include attendee’s name and ISACA Training Week on the Advice of Transfer.]

ISACA offers discounts to organizations sending 4 or more employees to a single event. Please contact the ISACA Training & Education Department for more details at +1.847.660.5543 or

Event Registration Policy

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, course fees must be received two weeks before the course begins. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. Course materials are not guaranteed to those who register on site or fail to submit payment two weeks prior to the event.

Cancellation Policy

All cancellations must be received by the published deadline to receive a refund of registration fees. A cancellation charge of US $295 will be subtracted from conference refunds, and US $50 per workshop from workshop refunds. No refunds can be given after the cancellation deadline above. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees. If attendee has already received the materials for the course, they will not qualify for a refund or credit.

If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact ISACA.
Phone: +1.847.660.5505
Fax: +1.847.253.1443

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a 3-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 32 CPE credits by attending the four-day ISACA Training Week Course. ISACA training week courses are Group Live and do not require any advanced preparation.

Disclaimer Policy

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: Unauthorized recording, in any form, of presentations and workshops is prohibited.

Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, click on the "Click here to join now" link in your conference registration shopping cart. For more information about ISACA membership, visit the web site at or contact the membership department at

Permission to be Photographed

By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.


Business casual is appropriate for all training events.


Obtaining a VISA is solely the responsibility of the registrant. Please contact the local government of the host country for details. Once a paid registration is received, a letter of invitation will be provided by ISACA, on request.

Course Location

Hilton San Diego Mission Valley
901 Camino del Rio S
San Diego, CA 92108

The host hotel has reached capacity for this event. We are pleased to offer an ISACA room rate at the Springhill Suites. There are limited number of rooms available so please book now!

Book Your Group Rate for Isaca Overflow Rooms

SpringHill Suites San Diego Mission Valley
Room Rate: $159.00




Please Contact ISACA's Learning Solutions Department:
Fax: +1.847.253.1443