CISA

Audit planning and risk-based strategy · Audit execution and evidence · Sampling and analytics · Reporting and follow-up · IS audit standards and ethics

IT governance frameworks · IT strategy and policies · Organizational structure and roles · Enterprise risk management · IT resource and portfolio management

Project management and SDLC · Requirements and feasibility · Application controls · Testing and implementation · Post-implementation review

IT operations and service management · Database and infrastructure management · Business continuity planning · Disaster recovery · Incident and problem management

Information security frameworks · Identity and access management · Network and endpoint security · Data classification and encryption · Security event monitoring and response