• Confirm your knowledge and experience. 
• Quantifies and markets your expertise. 
• Demonstrates that you have gained and maintained the level of knowledge required to meet the dynamic challenges of a modern enterprise. 
• Is globally recognized as the mark of excellence for the IS audit professional. 
• Combines the achievement of passing a comprehensive exam with recognition of work and educational experience, providing you with credibility in the marketplace. 
• Increases your value to your organization. 
• Gives you a competitive advantage over peers when seeking job growth. 
• Helps you achieve a high professional standard through ISACA’s requirements for continuing education and ethical conduct. 

Module 1: Information Systems Auditing Process

• Planning
  • IS Audit Standards, Guidelines, and Codes of Ethics
  • Types of Audits, Assessments, and Reviews
  • Risk-Based Audit Planning
  • Types of Controls and Considerations
• Execution
  • Audit Project Management
  • Audit Testing and Sampling Methodology
  • Audit Evidence Collection Techniques
  • Audit Data Analytics
  • Reporting and Communication Techniques
  • Quality Assurance and Improvement of Audit Process

Module 2: Governance and Management of IT

• IT Governance
• Laws, Regulations, and Industry Standards
  • Organisational Structure, IT Governance, and IT Strategy
  • IT Policies, Standards, Procedures and Practices
  • Enterprise Architecture and Considerations
  • Enterprise Risk Management
  • Privacy Program and Principles
  • Data Governance and Classification
• IT Management
  • IT Resource Management
  • IT Vendor Management
  • IT Performance Monitoring and Reporting
  • Quality Assurance and Quality Management of IT

Module 3: Information Systems Acquisition, Development and Implementation

• Information Systems Acquisition and Development
  • Project Governance and Management
  • Business Case and Feasibility Analysis
  • System Development Methodologies
  • Control Identification and Design
• Information Systems Implementation
  • System Readiness and Implementation Testing
  • Implementation Configuration and Release Management
  • System Migration, Infrastructure Deployment, and Data Conversion
  • Post-implementation Review

Module 4: Information Systems Operations and Business Resilience

• Information Systems Operations
  • IT Components
  • IT Asset Management
  • Job Scheduling and Production Process Automation
  • System Interfaces
  • Shadow IT and End-User Computing
  • Systems Availability and Capacity Management
  • Problem and Incident Management
  • IT Change, Configuration, and Patch Management
  • Operational Log Management
  • IT Service Level Management
  • Database Management
• Business Resilience
  • Business Impact Analysis
  • System and Operational Resilience
  • Data Backup, Storage, and Restoration
  • Business Continuity Plan
  • Disaster Recovery Plans

Module 5: Protection of Information Assets

• Information Asset Security and Control
  • Information Asset Security Frameworks, Standards, and Guidelines
  • Physical and Environmental Controls
  • Identity and Access Management
  • Network and End-Point Security
  • Data Loss Prevention
  • Data Encryption
  • Public Key Infrastructure
  • Cloud and Virtualised Environments
  • Mobile, Wireless, and Internet-of-Things Devices
• Security Event Management
  • Security Awareness Training and Programs
  • Information System Attack Methods and Techniques
  • Security Testing Tools and Techniques
  • Security Monitoring Tools and Techniques
  • Security Incident Response Management
  • Evidence Collection and Forensics

• Executives and professionals in IT. 
• Experts in information and operational risk management. 
• Specialists in IT infrastructure security. 
• Internal control. 
• IT audit.