Kegagalan dalam tata kelola serta pengendalian Sistem dan Teknologi Informasi (STI) masih menjadi tantangan serius bagi banyak organisasi. Laporan industri menunjukkan bahwa lemahnya kontrol dan pengawasan STI berkontribusi pada rendahnya nilai bisnis dari investasi TI, meningkatnya risiko operasional, serta ketidakpatuhan terhadap regulasi (Gartner, 2023). Kondisi ini menegaskan bahwa audit sistem informasi bukan sekadar aktivitas kepatuhan, melainkan kapabilitas strategis untuk memastikan TI mendukung tujuan bisnis dan pengelolaan risiko organisasi secara efektif.
Course ini dirancang sebagai program persiapan sertifikasi Certified Information Systems Auditor (CISA) yang menekankan keseimbangan antara pemahaman konseptual dan kesiapan menghadapi ujian. Materi course mencakup 5 domain, yaitu proses audit sistem informasi, tata kelola dan manajemen TI, akuisisi dan pengembangan sistem, operasi dan ketahanan bisnis, serta perlindungan aset informasi (ISACA, 2024). Model pembelajaran mengombinasikan pembahasan terstruktur setiap domain CISA, analisis skenario audit, serta drill latihan soal dan simulasi ujian secara intensif. Pendekatan ini membantu peserta memahami what, why, dan how audit sistem informasi dilakukan secara end-to-end, sekaligus meningkatkan kepercayaan diri dan ketepatan strategi dalam menghadapi ujian sertifikasi CISA.
OBJECTIVES
1. Memahami pengetahuan yang diperlukan untuk memberikan layanan audit sesuai dengan standar information systems (IS) audit
2. Memahami bahwa struktur organisasi dan proses yang diperlukan berada di tempat yang tepat untuk mencapai tujuan dan mendukung strategi perusahaan
3. Memahami bahwa praktek untuk sistem akuisisi telah sesuai dan memenuhi kebutuhan dan strategi suatu perusahaan
4. Memahami bahwa proses operasi, pemeliharaan, dan dukungan suatu sistem informasi memenuhi strategi dan tujuan organisasi
5. Memahami bahwa kebijakan keamanan, standar, prosedur dan pengendalian di suatu perusahaan itu menjamin kerahasiaan, integritas dan ketersediaan aset informasi
AUDIENCE
1. IS/IT Auditors
2. IS/IT Professionals
3. Security Professionals
4. IS/IT Managers
5. Finance Professionals
PREREQUISITES
Tidak ada training khusus yang dipersyaratkan
CONTENT
1. Information System Auditing Process
1.1. IS Audit Standards, Guidelines and Codes of Ethics
1.2. Business Processes
1.3. Types of Controls
1.4. Risk-based Audit Planning
1.5. Types of Audits and Assessments
1.6. Audit Project Management
1.7. Sampling Methodology
1.8. Audit Evidence Collection Techniques
1.9. Data Analytics
1.10. Reporting and Communication Techniques
1.11. Quality Assurance and Improvement of the Audit Process
2. Governance and Management of IT
2.1. IT Governance and IT Strategy
2.2. IT-related Frameworks
2.3. IT Standards, Policies, and Procedures
2.4. Organizational Structure
2.5. Enterprise Architecture
2.6. Enterprise Risk Management
2.7. Maturity Models
2.8. Laws, Regulations and Industry Standards Affecting the Organization
2.9. IT Resource Management
2.10. IT Service Provider Acquisition and Management
2.11. IT Performance Monitoring and Reporting
2.12. Quality Assurance and Quality Management of IT
3. Information Systems Acquisition, Development and Implementation
3.1. Project Governance and Management
3.2. Business Case and Feasibility Analysis
3.3. System Development Methodologies
3.4. Control Identification and Design
3.5. Testing Methodologies
3.6. Configuration and Release Management
3.7. System Migration, Infrastructure Deployment and Data Conversion
3.8. Post-implementation Review
4. Information Systems Operations and Business Resilience
4.1. Common Technology Components
4.2. IT Asset Management
4.3. Job Scheduling and Production Process Automation
4.4. System Interfaces
4.5. End-User Computing
4.6. Data Governance
4.7. Systems Performance Management
4.8. Problem and Incident Management
4.9. Change, Configuration, Release, and Patch Management
4.10. IT Service Level Management
4.11. Database Management
4.12. Business Impact Analysis (BIA)
4.13. System Resiliency
4.14. Data Backup, Storage, and Restoration
4.15. Business Continuity Plan (BCP)
4.16. Disaster Recovery Plans (DRPs)
5. Protection of Information Assets
5.1 Information Asset Security Frameworks, Standards, and Guidelines
5.2. Privacy Principles
5.3. Physical Access and Environmental Controls
5.4. Identity and Access Management
5.5. Network and End-point Security
5.6. Data Classification
5.7. Data Encryption and Encryption-related Techniques
5.8. Public Key Infrastructure (PKI)
5.9. Web-based Communication Technologies
5.10. Virtualized Environments
5.11. Mobile, Wireless, and Internet-of-Things (IOT) Devices
5.12. Security Awareness Training and Programs
5.13. Information System Attack Methods and Techniques
5.14. Security Testing Tools and Techniques
5.15. Security Monitoring Tools and Techniques
5.16. Incident Response Management
5.17. Evidence Collection and Forensics
Course Features
- Lectures 62
- Quizzes 8
- Duration 40 hours
- Skill level All levels
- Language Indonesia
- Students 104
- Certificate Yes
- Assessments Yes
Online
- Start Date 20 April 2026
- End Date 24 April 2026
- Cost Rp6.900.000,-
- Registered 1 Person
- Confirmed 1 Person Daftar
Offline
- Start Date 20 April 2026
- End Date 24 April 2026
- Cost Rp7.900.000,-
- Registered 0 Person
- Confirmed 0 Person Daftar
- 8 Sections
- 62 Lessons
- 40 Hours
- PERSIAPAN2
- 1. INFORMATION SYSTEM AUDITING PROCESS10
- 2.11.1. IS Audit Standards, Guidelines and Codes of Ethics
- 2.21.2. Types of Audits, Assessments and Reviews
- 2.31.3. Risk-based Audit Planning
- 2.41.4. Types of Controls and Considerations
- 2.51.5. Audit Project Management
- 2.61.6. Audit Testing and Sampling Methodology
- 2.71.7. Audit Evidence Collection Techniques
- 2.81.8. Audit Data Analytics
- 2.91.9. Reporting and Communication Techniques
- 2.101.10. Quality Assurance and Improvement of the Audit Process
- 2. GOVERNANCE AND MANAGEMENT OF IT11
- 3.12.1. Laws, Regulations and Industry Standards
- 3.22.2. Organizational Structure, IT Governance and IT Strategy
- 3.32.3. IT Policies, Standards, Procedures and Guidelines
- 3.42.4. Enterprise Architecture and Considerations
- 3.52.5. Enterprise Risk Management
- 3.62.6. Data Privacy Program and Principles
- 3.72.7. Data Governance and Classification
- 3.82.8. IT Resource Management
- 3.92.9. IT Vendor Management
- 3.102.10. IT Performance Monitoring and Reporting
- 3.112.11. Quality Assurance and Quality Management of IT
- 3. INFORMATION SYSTEMS ACQUISITION, DEVELOPMENT AND IMPLEMENTATION8
- 4.13.1. Project Governance and Management
- 4.23.2. Business Case and Feasibility Analysis
- 4.33.3. System Development Methodologies
- 4.43.4. Control Identification and Design
- 4.53.5. System Readiness and Implementation Testing
- 4.63.6. Implementation Configuration and Release Management
- 4.73.7. System Migration, Infrastructure Deployment and Data Conversion
- 4.83.8. Post-implementation Review
- 4. INFORMATION SYSTEMS OPERATIONS AND BUSINESS RESILIENCE16
- 5.14.1. IT Components
- 5.24.2. IT Asset Management
- 5.34.3. Job Scheduling and Production Process Automation
- 5.44.4. System Interfaces
- 5.54.5. End-User Computing and Shadow IT
- 5.64.6. Systems Availability and Capacity Management
- 5.74.7. Problem and Incident Management
- 5.84.8. IT Change, Configuration and Patch Management
- 5.94.9. Operational Log Management
- 5.104.10. IT Service Level Management
- 5.114.11. Database Management
- 5.124.12. Business Impact Analysis (BIA)
- 5.134.13. System and Operational Resilience
- 5.144.14. Data Backup, Storage, and Restoration
- 5.154.15. Business Continuity Plan (BCP)
- 5.164.16. Disaster Recovery Plans (DRPs)
- 5. PROTECTION OF INFORMATION ASSETS15
- 6.15.1. Information Asset Security Frameworks, Standards, and Guidelines
- 6.25.2. Physical and Environmental Controls
- 6.35.3. Identity and Access Management
- 6.45.4. Network and Endpoint Security
- 6.55.5. Data Loss Prevention
- 6.65.6. Data Encryption
- 6.75.7. Public Key Infrastructure
- 6.85.8. Cloud and Virtualized Environments
- 6.95.9. Mobile, Wireless and Internet of Things Devices
- 6.105.10. Security Awareness Training and Programs
- 6.115.11. Information System Attack Methods and Techniques
- 6.125.12. Security Testing Tools and Techniques
- 6.135.13. Security Monitoring Logs, Tools and Techniques
- 6.145.14. Security Incident Response Management
- 6.155.15. Evidence Collection and Forensics
- CISA EXAM SIMULATIONS6
- 7.1CISA Exam Simulation 160 Minutes50 Questions
- 7.2CISA Exam Simulation 260 Minutes50 Questions
- 7.3CISA Exam Simulation 360 Minutes50 Questions
- 7.4CISA Complete Exam Simulation A240 Minutes150 Questions
- 7.5CISA Complete Exam Simulation B240 Minutes150 Questions
- 7.6CISA Complete Exam Simulation C240 Minutes150 Questions
- PENUTUPAN2
