We may earn an affiliate commission when you visit our partners.
Pearson
Register for this course and see more details by visiting:
OpenCourser.com/course/q9casw/cisa
Here's a deal for you
Save money when you learn with a deal that may be relevant to this course.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
Get offer
What's inside
Syllabus
Save this course
Create your own learning path.
Save this course to your list so you can find it easily later.
Save
Save
Activities
Coming soon
We're preparing activities for
CISA Certified Information Systems Auditor: Unit 1.
These are activities you can do either before, during, or after a course.
Career center
Learners who complete CISA Certified Information Systems Auditor: Unit 1 will develop knowledge and skills
that may be useful to these careers:
Information Systems Auditor
Information Systems Auditor
An Information Systems Auditor plays a vital role in evaluating an organization's information technology infrastructure and processes to ensure they are secure, efficient, and compliant with regulations. This course directly aligns with the core responsibilities of an Information Systems Auditor, providing foundational knowledge in auditing concepts and their critical role in enhancing organizational security. Learners will gain an understanding of audit project management and effective data sampling techniques, which are crucial for conducting thorough system audits. The emphasis on applying industry-standard frameworks and helping organizations improve information security practices makes this an ideal stepping stone into this career.
IT Auditor
IT Auditor
An IT Auditor focuses on reviewing and assessing an organization's information technology systems, applications, and operations. This role is crucial for identifying vulnerabilities, ensuring data integrity, and verifying compliance. This course offers a robust introduction to the fundamental concepts of auditing and its critical importance in organizational security, directly relevant to an IT Auditor's daily tasks. Learners will acquire knowledge of audit project management and data sampling techniques, essential for executing effective IT audits. Furthermore, the course's focus on helping organizations improve their information security practices prepares individuals to make tangible contributions in an IT Auditor capacity.
Cybersecurity Auditor
Cybersecurity Auditor
A Cybersecurity Auditor specializes in evaluating an organization's cybersecurity posture, identifying weaknesses, and ensuring adherence to security policies and industry best practices. This course is highly relevant for aspiring Cybersecurity Auditors, as it deepens understanding of auditing's critical role in enhancing organizational security. Learners will explore audit project management and practical data sampling techniques, which are indispensable for conducting comprehensive cybersecurity assessments. The curriculum's emphasis on applying industry-standard frameworks and empowering individuals to help organizations improve their overall information security practices is particularly beneficial for a career as a Cybersecurity Auditor.
Governance Risk and Compliance Specialist
Governance Risk and Compliance Specialist
A Governance Risk and Compliance Specialist integrates and manages an organization's governance practices, risk management processes, and compliance requirements. This course provides a foundational understanding of auditing, which is central to all three pillars of GRC. Learners will delve into the critical role of audits in enhancing organizational security and identifying risks, enabling them to contribute effectively to GRC strategies. The course's emphasis on audit project management and the application of industry-standard frameworks directly supports the structured and methodical approach required for a Governance Risk and Compliance Specialist to build and maintain robust organizational oversight.
Information Security Consultant
Information Security Consultant
An Information Security Consultant advises organizations on strategies to protect their information assets, often involving assessments, policy development, and implementation of security controls. This course is highly beneficial for an Information Security Consultant. It equips individuals with fundamental auditing concepts and an understanding of auditing's critical role in enhancing organizational security. Consultants regularly perform assessments that mirror audit activities. Knowledge of audit project management, effective data sampling techniques, and applying industry-standard frameworks directly translates into the ability to assess client environments effectively and recommend robust improvements to their information security practices.
Compliance Officer
Compliance Officer
A Compliance Officer ensures that an organization adheres to applicable laws, regulations, and internal policies, often with a significant focus on data privacy and information security mandates. This course provides a structured approach to understanding how audits verify adherence to these standards. Learners will grasp the fundamental concepts of auditing and its critical role in enhancing organizational security, which is paramount for a Compliance Officer. The application of industry-standard frameworks, as taught, is directly relevant to navigating complex regulatory landscapes and establishing robust compliance programs within an organization.
Vendor Risk Management Specialist
Vendor Risk Management Specialist
A Vendor Risk Management Specialist assesses and mitigates the risks associated with third-party vendors, particularly concerning their information security practices and compliance. This course is highly relevant, as it provides fundamental concepts of auditing and its critical role in enhancing organizational security. For a Vendor Risk Management Specialist, applying effective data sampling techniques and industry-standard frameworks, as taught in this course, is crucial for evaluating vendor controls and ensuring they meet organizational and regulatory requirements. This expertise enables specialists to effectively audit vendor security postures and help improve their information security practices.
Risk Management Analyst
Risk Management Analyst
A Risk Management Analyst identifies, assesses, and mitigates potential risks to an organization's assets and operations, often with a significant focus on information technology risks. This course offers a strong foundation for this role by introducing basic concepts of auditing and understanding risks. Learners will gain insights into the critical importance of audits in identifying vulnerabilities and their role in enhancing organizational security. The curriculum's discussion of audit project management and applying industry-standard frameworks directly supports the structured approach a Risk Management Analyst takes to evaluate and manage risks across an enterprise.
Internal Auditor
Internal Auditor
An Internal Auditor provides independent, objective assurance and consulting services designed to add value and improve an organization's operations. While internal auditing covers various domains, an understanding of IT and information security is increasingly vital. This course introduces the basic concepts of auditing and its critical role in enhancing organizational security, directly applicable to an Internal Auditor's work. It helps build a foundation in audit project management and effective data sampling techniques, which are universal auditing skills. Furthermore, the ability to help organizations improve information security practices is a valuable asset for any Internal Auditor in today's digital landscape.
Data Protection Officer
Data Protection Officer
A Data Protection Officer (DPO) oversees an organization's data protection strategy and implementation to ensure compliance with privacy regulations like GDPR. This course provides crucial insights into how audits verify compliance and enhance security around sensitive data. Learners will understand the critical role of audits in enhancing organizational security—a direct concern for data protection. The course's focus on industry-standard frameworks and helping organizations improve their information security practices directly supports a DPO's responsibility to establish robust data protection controls and ensure ongoing adherence to privacy mandates.
Information Security Analyst
Information Security Analyst
An Information Security Analyst is responsible for protecting an organization's computer systems and networks from cyber threats. This includes monitoring for security breaches, implementing security measures, and responding to incidents. While not solely an auditing role, the principles learned in this course are highly valuable. The course's focus on the fundamental concepts of auditing and its critical role in enhancing organizational security provides a crucial perspective for an Information Security Analyst. Understanding how audits identify risks and improve security practices offers a holistic view, complementing technical skills by enabling analysts to build more secure systems and processes.
Chief Information Security Officer
Chief Information Security Officer
A Chief Information Security Officer (CISO) is a senior-level executive responsible for an organization's comprehensive information and data security strategy. This role typically requires extensive experience, often including an advanced degree. This course provides a fundamental understanding of auditing concepts and their critical role in enhancing organizational security, which is a key pillar of a CISO's leadership. While a CISO primarily focuses on strategy, familiarity with audit project management, data sampling, and industry-standard frameworks helps in overseeing audit processes and ensuring the organization's security posture is rigorously evaluated and continually improved, driving strategic security initiatives.
Security Program Manager
Security Program Manager
A Security Program Manager oversees and coordinates multiple cybersecurity initiatives and projects, ensuring they align with an organization's security strategy and objectives. This course provides a foundational understanding of auditing and its critical role in enhancing organizational security. For a Security Program Manager, knowing how audits identify risks and assess the effectiveness of security controls is essential for designing and implementing robust security programs. The course's emphasis on audit project management and applying industry-standard frameworks directly contributes to the ability to manage security initiatives in a structured, compliant, and continuously improving manner, driving program success.
IT Project Manager
IT Project Manager
An IT Project Manager guides technology initiatives from conception to completion, often encompassing complex security implementations or compliance upgrades. While primarily focused on delivery, understanding audit processes is invaluable. This course may be useful by providing a module on audit project management, alongside knowledge of effective data sampling and industry-standard frameworks. This directly equips an IT Project Manager to lead security-focused projects more effectively, helping them embed security best practices, anticipate compliance requirements, and ensure project outcomes contribute positively to enhancing organizational security, making them a more well-rounded and security-aware project lead.
Security Operations Center Analyst
Security Operations Center Analyst
A Security Operations Center Analyst monitors, detects, analyzes, and responds to cybersecurity incidents. While primarily operational, understanding the broader security landscape and audit requirements is valuable. This course may be useful by providing an understanding of the critical role of audits in enhancing organizational security. This perspective can help an SOC Analyst appreciate why certain security controls are in place and how their operational activities contribute to overall audit readiness and compliance. The insights into risks and industry-standard frameworks can also inform their threat detection and response strategies, linking their daily work to broader security assurance goals.
For more career information including salaries, visit:
OpenCourser.com/course/q9casw/cisa
Reading list
We haven't picked any books for this reading list yet.
This textbook provides a comprehensive overview of risk management for information systems. It covers all aspects of risk management, from risk identification and assessment to risk mitigation and monitoring.
This professional association provides a wide range of resources on information systems auditing and control. ISACA's publications, conferences, and training courses are essential resources for anyone working in this field.
Save
This framework is designed to help organizations govern and manage their information and technology. COBIT provides a comprehensive set of best practices that can be used to improve the effectiveness and efficiency of information systems auditing and control.
This handbook provides a comprehensive overview of information security management. It covers all aspects of information security, from security planning and strategy to security operations and incident response.
This study guide is designed to help candidates prepare for the Certified Information Systems Auditor (CISA) exam. It covers all the topics that are tested on the exam, including information systems auditing, control, and security.
This publication provides guidance on how to conduct security assessments of information systems. NIST SP 800-53 is used by organizations of all sizes to assess their security risks and to develop appropriate security controls.
This standard provides guidance on how to audit service organizations. SAS 70 is used by organizations that provide services to other organizations, such as cloud computing providers and data centers.
Provides a comprehensive overview of information systems auditing. It covers all aspects of auditing, from planning and risk assessment to reporting and follow-up. The book is written in a clear and concise style, and it valuable resource for anyone working in the field of information systems auditing.
This classic textbook provides a comprehensive overview of the auditing process. It covers all aspects of auditing, from planning and risk assessment to reporting and follow-up.
Is written for internal auditors who want to learn more about IT auditing. It covers all the essential elements, including: planning, risk assessment, internal control evaluation, testing, reporting, and follow-up.
Presents a comprehensive overview of the principles and techniques of IT auditing. It covers all the essential elements, including: planning, risk assessment, internal control evaluation, testing, reporting, and follow-up.
Valuable resource for IT auditors. It covers a wide range of topics, including: IT governance, risk management, internal controls, and IT audit techniques.
Provides a concise and comprehensive overview of how to audit information systems. It covers all the essential elements, including: planning, risk assessment, internal control evaluation, testing, reporting, and follow-up.
Practical guide to IT auditing. It covers all the essential elements, including: planning, risk assessment, internal control evaluation, testing, reporting, and follow-up.
Contains the ITIL v3 framework developed by AXELOS. It valuable resource for IT auditors who want to understand how to manage IT services.
Save
Contains the COBIT 5 framework developed by ISACA. It valuable resource for IT auditors who want to understand how to govern and manage enterprise IT.
Provides guidance on how to manage IT risk. It covers all the essential elements, including: risk assessment, risk mitigation, and risk monitoring.
Save
Provides guidance on how to audit big data environments. It covers all the essential elements, including: risk assessment, control testing, and reporting.
Gives you a broad overview of what IT auditing is, the value that it brings, the different techniques and approaches that you can take, and how to set up your own IT audit function within your organization.
Provides a practical guide to risk management, including risk identification, assessment, and mitigation. It valuable resource for anyone who wants to learn more about risk management or improve their risk management skills.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/q9casw/cisa
Share
Similar courses
Similar courses are unavailable at this time. Please try again later.
Effort
2 hours 30 minutes
Level
Intermediate
Via
Coursera
Institution
Pearson
Instructor
Pearson
Session
October 27, 2025
- November 10, 2025
Language
English
Transcript
English
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2025 OpenCourser