Certified Information Systems Auditor CISA (Part 4 of 5): Operations and Support

The goal of this course is to talk about operations maintenance and support practices and the expected level of service delivered. The purpose is for the CISA to be able to understand and provide assurance and to meet the strategic objectives of the organization. This course contains the following lessons:

Lesson 1:

• Management of IS Operations
• Control Functions
• IT Services
• Service Level
• Infrastructure Operations
• Scheduling
• Monitor Resource Usage
• Problem Management
• Abnormal Conditions
• Access to Logs
• Support/Helpdesk
• Change Management Process
• Release Management
• Information Security Management
• Media Sanitization.

Lesson 2:

• Computer Hardware Components and Architecture
• Common Enterprise Backend Devices
• Specialized Devices
• Risks
• Security Control
• RFID
• RFID Risks
• RFID Security Control
• Hardware Maintenance Program
• Hardware Monitoring Procedures
• Capacity Management
• Capacity Management Continued.

Lesson 3:

• IS Architecture and Software
• Operating Systems
• Software Integrity Issues
• Activity Logging and Reporting Options
• Data Communication Software
• Database Management
• Database Management Continued
• Example of Data in DBMS
• DBMS Architecture
• Data Definition Language
• Database Structures
• Relational Database
• Database Models
• Relational Database Model
• Data Integrity Controls
• Tape and Disk Management Systems
• Utility Programs
• Software Licensing Issues
• Software Licensing Issues Continued
• Digital Rights Management.

Lesson 4:

• Enterprise Network Architecture
• Types of Networks
• LAN Components
• Network Standards and Protocols
• OSI Architecture
• OSI Layers
• Application to Network Architecture
• LAN Media Access Technologies
• OSI Layer Diagram.

Lesson 5:

• LAN Technology Selection Criteria
• Wide Area Networks
• WAN Message Transmission Techniques
• WAN Devices
• Point-to-Point Protocol
• Wireless WANs and LANs
• Wireless Security
• Risks of Wireless Communications
• World Wide Web Services
• General Internet Terminology
• Network Controls
• Network Management Issues and Tools
• Client/Server Technology
• Client/Server Technology Continued
• Risks of Middleware.

Lesson 6:

• RPO and RTO
• Recovery Strategies
• Hot and Cold Sites
• Disaster Recovery Methods
• Redundancy
• Development of Disaster Recovery Plans
• Organization and Assignment of Responsibilities
• Backup and Restoration
• Offsite Storage
• Types of Backup Devices and Media
• Periodic Backup Procedures and Rotation Frequency
• Backup Scheme.