We may earn an affiliate commission when you visit our partners.
Whizlabs Instructor
Information System Auditing, Governance, and Management is the first course of Exam Prep: Certified Information Systems Auditor (CISA) Specialization. The course also explores enterprise governance frameworks, IT policies and standards, quality management practices, and enterprise architecture. Additionally, it covers IT resource management and regulatory compliance, providing a comprehensive foundation for professionals involved in IT audit, risk, and governance roles.
Read more
Information System Auditing, Governance, and Management is the first course of Exam Prep: Certified Information Systems Auditor (CISA) Specialization. The course also explores enterprise governance frameworks, IT policies and standards, quality management practices, and enterprise architecture. Additionally, it covers IT resource management and regulatory compliance, providing a comprehensive foundation for professionals involved in IT audit, risk, and governance roles.
Read more
Information System Auditing, Governance, and Management is the first course of Exam Prep: Certified Information Systems Auditor (CISA) Specialization. The course also explores enterprise governance frameworks, IT policies and standards, quality management practices, and enterprise architecture. Additionally, it covers IT resource management and regulatory compliance, providing a comprehensive foundation for professionals involved in IT audit, risk, and governance roles.
The course is divided into three modules, and Lessons and Video Lectures further segment each module. This course facilitates learners with approximately 2:00-2:30 Hours of Video lectures that provide both Theory and Hands-On knowledge. Also, Graded and Ungraded Quizzes are provided with every module to test the ability of learners.
- Module 1: Information System Auditing Process
- Module 2: Execution
- Module 3: Governance and Management of IT
This course is designed for IT auditors, audit managers, security professionals, and consultants. Their current job roles often involve assessing IT and business systems, managing risks, ensuring compliance, and implementing controls.
By the end of the course, learners will be able to:
- Evaluate & Test IT Controls Effectively.
- Utilize Key Audit Evidence & Analytics.
- Understand IT Governance & Compliance.
Register for this course and see more details by visiting:
OpenCourser.com/course/o57k1t/information
Here's a deal for you
Save money when you learn with a deal that may be relevant to this course.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Get offer
What's inside
Syllabus
Information System Auditing Process
Welcome to Week 1. Welcome to Week 2. This week, we’ll delve into the fundamentals of audit planning, starting with how to structure effective audit strategies and align them with organizational goals. We’ll explore various types of controls and gain a clear understanding of risk and its classifications. We’ll also examine risk response methodologies, including acceptance, mitigation, avoidance, and transference. Wrapping up the week, we’ll learn the key elements of risk-based audit planning, enabling you to prioritize audit efforts based on impact and likelihood.
Read more
Syllabus
Information System Auditing Process
Welcome to Week 1. Welcome to Week 2. This week, we’ll delve into the fundamentals of audit planning, starting with how to structure effective audit strategies and align them with organizational goals. We’ll explore various types of controls and gain a clear understanding of risk and its classifications. We’ll also examine risk response methodologies, including acceptance, mitigation, avoidance, and transference. Wrapping up the week, we’ll learn the key elements of risk-based audit planning, enabling you to prioritize audit efforts based on impact and likelihood.
Read more
Save this course
Create your own learning path.
Save this course to your list so you can find it easily later.
Save
Save
Activities
Coming soon
We're preparing activities for
Information System Auditing, Governance and Management.
These are activities you can do either before, during, or after a course.
Career center
Learners who complete Information System Auditing, Governance and Management will develop knowledge and skills
that may be useful to these careers:
Information System Auditor
Information System Auditor
An Information System Auditor is responsible for evaluating an organization's information technology infrastructure, applications, and operations to ensure security, compliance, and efficiency. This role involves assessing IT and business systems, managing risks, and implementing controls, aligning perfectly with the course's design for IT auditors. The Information System Auditing Governance and Management course directly addresses evaluating and testing IT controls effectively. Learners explore audit planning, risk classifications, and data analytics for strengthened audit outcomes, making this course essential for mastering the core competencies needed to excel as an Information System Auditor.
IT Governance Analyst
IT Governance Analyst
An IT Governance Analyst helps organizations establish and maintain frameworks, policies, and processes to align IT strategy with business objectives and ensure regulatory compliance. This role is crucial for managing and governing information technology. The Information System Auditing Governance and Management course provides an ideal foundation by exploring enterprise governance frameworks, IT policies and standards, and the creation and enforcement of IT standards. Understanding IT governance and compliance is a key learning objective, making this course highly relevant for anyone pursuing a career as an IT Governance Analyst.
Consultant Information Technology Audit
Consultant Information Technology Audit
A Consultant Information Technology Audit provides expert advice to organizations on improving their IT audit processes, risk management, and governance structures. Consultants are explicitly identified as a target audience for the course, highlighting its direct relevance. The Information System Auditing Governance and Management course offers a comprehensive foundation in the information system auditing process, execution, and governance and management of IT. This makes it an ideal resource for developing the expertise required to guide clients in evaluating IT controls and navigating regulatory compliance as a Consultant Information Technology Audit.
Information Technology Risk Manager
Information Technology Risk Manager
An Information Technology Risk Manager identifies, assesses, and mitigates risks to an organization's information systems and data, ensuring business continuity and security. The Information System Auditing Governance and Management course is fundamental for this career path, as it deeply explores risk and its classifications and various risk response methodologies including acceptance, mitigation, avoidance, and transference. It also covers risk based audit planning, enabling professionals to prioritize efforts based on impact and likelihood, which are critical skills for an Information Technology Risk Manager.
Information Technology Compliance Officer
Information Technology Compliance Officer
An Information Technology Compliance Officer ensures that an organization’s IT systems and processes adhere to relevant laws, regulations, and internal policies. This ensures an organization operates legally and ethically within the digital landscape. The Information System Auditing Governance and Management course is a perfect fit, providing a comprehensive understanding of regulatory compliance and the specific laws, regulations, and industry standards that influence IT governance. Learners gain insights into creating and enforcing IT standards, policies, and procedures to ensure operational consistency and compliance as an Information Technology Compliance Officer.
Information Security Analyst
Information Security Analyst
An Information Security Analyst protects an organization's computer systems and networks from threats by implementing security measures, monitoring for breaches, and responding to incidents. Security professionals are a target audience for this course, which aligns well with the foundational aspects of security. The Information System Auditing Governance and Management course helps build a solid understanding of how to evaluate and test IT controls effectively, manage risks, and ensure compliance, all of which are critical for an Information Security Analyst. The insights into enterprise architecture also support designing secure environments.
Quality Assurance Manager Information Technology
Quality Assurance Manager Information Technology
A Quality Assurance Manager Information Technology oversees and improves the quality of IT services, products, and processes through testing, standards, and best practices. The Information System Auditing Governance and Management course explicitly covers quality management practices, IT quality management standards, and quality assurance principles. This knowledge is directly applicable to establishing, monitoring, and improving IT quality frameworks. For a Quality Assurance Manager Information Technology, understanding IT controls and governance from this course helps ensure that quality processes are not only effective but also compliant and well managed.
Enterprise Architect
Enterprise Architect
An Enterprise Architect designs and defines the overall structure of an organization's IT systems, aligning them with business strategy and ensuring they are scalable, secure, and efficient. The Information System Auditing Governance and Management course directly delves into enterprise architecture, understanding how structured frameworks support scalable and secure IT environments. This course also explores aligning IT strategies with organizational objectives and creating IT standards, policies, and procedures, which are crucial for an Enterprise Architect to ensure robust and compliant architectural designs.
Internal Auditor
Internal Auditor
An Internal Auditor evaluates an organization's internal controls, corporate governance, and accounting processes. While often broader than IT, information systems form a critical component of modern internal audit functions. The Information System Auditing Governance and Management course directly addresses assessing IT and business systems, managing risks, and ensuring compliance. Its focus on the information system auditing process, control evaluation, and governance principles provides robust preparation for an Internal Auditor, particularly when specializing in technology driven audits.
Privacy Officer
Privacy Officer
A Privacy Officer is responsible for developing, implementing, and maintaining an organization's privacy policies and procedures, ensuring compliance with data protection laws and regulations. While not exclusively IT focused, privacy heavily relies on robust information systems and their governance. The Information System Auditing Governance and Management course covers regulatory compliance and various laws and industry standards, which are highly pertinent to privacy. Understanding IT controls and how to audit them effectively from this course is crucial for a Privacy Officer to ensure technology based privacy safeguards are in place and functioning correctly.
Data Governance Specialist
Data Governance Specialist
A Data Governance Specialist develops and implements policies and procedures for managing an organization's data assets, focusing on data quality, security, and compliance. Although the course name doesn't explicitly mention data, the principles of Governance and Management of IT are highly applicable. The Information System Auditing Governance and Management course helps build a foundation in IT policies and standards, regulatory compliance, and managing information and technology resources. These aspects are critical for a Data Governance Specialist to ensure that data is managed effectively, securely, and in adherence to relevant regulations.
Business Resiliency Analyst
Business Resiliency Analyst
A Business Resiliency Analyst develops and implements strategies to ensure an organization can withstand and recover from disruptive events, maintaining essential operations. Understanding risks and controls is paramount for this role. The Information System Auditing Governance and Management course explores risk and its classifications, along with various risk response methodologies. Furthermore, its coverage of IT governance, regulatory compliance, and enterprise architecture helps a Business Resiliency Analyst design robust IT environments and develop effective business continuity plans that are both secure and compliant with industry standards.
Chief Information Officer
Chief Information Officer
A Chief Information Officer is a senior executive who leads an organization's information technology strategy and operations, ensuring IT initiatives align with business goals. This role typically requires an advanced degree and extensive experience. The Information System Auditing Governance and Management course specifically addresses the governance and management of IT, aligning IT strategies with organizational objectives, and IT resource management. This understanding of audit, risk, and compliance principles is essential for a Chief Information Officer to make informed strategic decisions and maintain effective oversight.
Information Technology Project Manager
Information Technology Project Manager
An Information Technology Project Manager plans, executes, and closes IT projects, ensuring they meet objectives, deadlines, and budget. The Information System Auditing Governance and Management course may be useful for this role, as it explicitly covers audit project management, exploring how to structure and execute effective IT audits. Understanding IT governance, risk management, and compliance from this course helps an Information Technology Project Manager anticipate and mitigate project risks, incorporate necessary controls, and ensure projects align with organizational IT policies and standards from the outset.
Solutions Architect
Solutions Architect
A Solutions Architect designs and integrates IT solutions for specific business needs, translating requirements into technical specifications. This course may be helpful for a Solutions Architect by enhancing their understanding of enterprise architecture and alignment of IT strategies with organizational objectives. The Information System Auditing Governance and Management course's insights into IT standards, policies, procedures, and controls are deeply relevant to designing robust, secure, and compliant solutions. Understanding risk and governance principles helps ensure that proposed solutions are not only functional but also meet critical audit and compliance requirements.
For more career information including salaries, visit:
OpenCourser.com/course/o57k1t/information
Reading list
We've selected 23 books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Information System Auditing, Governance and Management.
This is the definitive guide produced by the official certifying body for the CISA exam. It covers all three modules of the course with absolute authority, serving as both a primary textbook and a long-term professional reference. It is essential for learners who wish to align their study of IT auditing and governance with international industry standards.
Highly popular alternative to the official manual, offering a more conversational tone while maintaining technical rigor. It provides excellent coverage of IT resource management and regulatory compliance, which are core components of Module 3. It is particularly valuable as a current reference for those preparing for professional certification alongside this course.
Frequently used as a university textbook, this book provides a comprehensive foundation for the Information System Auditing Process. It adds significant depth to the 'Execution' module by detailing specific audit procedures and control frameworks. It is an excellent resource for learners seeking a more academic and structured approach to IT governance.
This foundational reference tool for Module 3, focusing specifically on enterprise governance of information and technology. It outlines the globally recognized COBIT framework, which is central to the course's discussion on aligning IT strategies with organizational goals. It is more valuable as a technical reference than as a narrative read.
Focuses heavily on the practical execution of IT audits, providing the 'hands-on' knowledge mentioned in the course description. It includes detailed sections on sampling methodologies and data analytics, directly supporting the Week 2 syllabus. It useful tool for professionals who need to apply theoretical concepts to real-world audit projects.
Provides a thorough examination of risk-based audit planning and control testing, making it highly relevant to Modules 1 and 2. It offers practical insights into how to evaluate and test IT controls effectively, which primary learning objective of the course. It serves as a bridge between high-level governance and the technical details of system auditing.
This study guide is widely recognized for its clear explanations of complex IT auditing concepts and risk response methodologies. It is particularly helpful for providing background knowledge for learners who are new to the field of information systems. The book includes practice questions that mirror the graded quizzes found in the course.
Provides a simplified and practical guide to implementing the COBIT 2019 framework. It is an excellent supplement for Module 3, as it clarifies how to structure IT policies and standards to ensure operational consistency. It is more accessible than the raw ISACA standards while maintaining high professional relevance.
A deep dive into the data analytics portion of the Week 2 syllabus, this book explains how to leverage data to strengthen audit outcomes. It provides more breadth than the course video lectures on the topic of continuous auditing and real-time assurance. This vital reference for learners aiming to specialize in modern, data-driven audit techniques.
Provides the theoretical and practical framework for understanding Enterprise Architecture, a key topic in Module 3. It explains how structured frameworks support scalable and secure IT environments, adding significant depth to the course's high-level overview. It is best used as additional reading for those moving into management or architecture roles.
While general to internal auditing, this textbook is the gold standard for understanding audit planning and execution. It provides the foundational 'Theory' mentioned in the course description, particularly regarding risk-based audit planning and quality assurance. It is commonly used in academic institutions to prepare students for professional audit careers.
Save
Addresses the 'laws, regulations, and industry standards' segment of Module 3. It provides a comprehensive look at the legal landscape that influences IT governance and compliance, which key learning objective. It is highly valuable as a current reference for auditors who must ensure their organizations meet regulatory requirements.
This critical reference tool for any professional involved in IT audit and compliance. It provides the specific control catalogs that auditors use when evaluating and testing IT controls, as taught in Module 2. Although it government publication rather than a traditional book, its authority in the field of IT governance is unmatched.
A classic reference for the audit profession, this book covers the evolution of IT auditing and its role in modern business systems. It is highly relevant to the course's discussion of audit project management and quality management standards. It is more valuable as a comprehensive reference tool for long-term professional development than as a quick exam guide.
ITIL is the most widely used framework for IT service management and resource management, which are discussed in Module 3. provides background knowledge on IT standards and procedures that are essential for auditors to understand. It prerequisite for learners who want to understand the 'Management' side of Information System Management.
Focuses on the implementation of risk-based frameworks in a corporate setting. It supports the course's learning objective of understanding IT governance and compliance through a practical, business-centric lens. It is particularly useful for audit managers and consultants who need to explain risk concepts to non-technical stakeholders.
Provides a unique perspective on the skills required to execute effective audits, focusing on the auditor's professional journey. It adds breadth to the course by discussing the soft skills and project management aspects of the auditing process. It is useful additional reading for those looking to advance their career from staff auditor to audit manager.
As many modern information systems are cloud-based, this book provides essential modern context for the 'Execution' module. it explains how traditional audit evidence collection and testing change in a virtualized environment. It is highly recommended as additional reading to modernize the course's foundational auditing principles.
Save
Expands on the Week 2 topic of continuous auditing for real-time assurance. It provides detailed methodologies for implementing automated audit tools, which goes beyond the basic theory provided in the course lectures. It valuable reference for security professionals looking to implement more proactive monitoring controls.
This textbook provides a solid foundation in the technical aspects of IS auditing, including computer-assisted audit techniques (CAATs). It directly supports the 'Execution' module and the use of audit analytics. It is widely used in academic curricula and is excellent for building prerequisite knowledge in system controls.
Provides context for why IT governance is evolving in the digital age. It helps learners understand the organizational objectives that IT strategy must align with, as discussed in Module 3. It is valuable as high-level background reading for consultants and IT managers.
Save
A concise exam preparation book that focuses on the core domains tested in the CISA exam. It is highly relevant to the course's primary goal of exam preparation. It is best used as a final review tool after completing the course modules to reinforce key audit and governance concepts.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/o57k1t/information
Share
Similar courses
Similar courses are unavailable at this time. Please try again later.
Effort
2 weeks of study, 2 hours/week
Level
Intermediate
Via
Coursera
Institution
Whizlabs
Instructor
Whizlabs Instructor
Session
October 27, 2025
- November 24, 2025
Language
English
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2025 OpenCourser