rise's training catalog

RISE Training Catalog

Rise for Information Technology Services

“47th Office Building Section 1,

Street 90-North, New Cairo”

Email: [email protected]

Website: www.riseitadvisory.com

Learn from the best trainers and

audit, risk, fraud and security

experts who share their

experiences and real life

examples.

Develop new skills to enable you

to deliver an immediate return

from your training experience.

Gain access to vital information

and expertise in your industry.

Share new ideas, strategies and

perspectives with others through

interactive classroom discussions.

mailto:[email protected]

http://www.riseitadvisory.com/

RISE for Information Technology Services ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ

ــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــــ “47th Office Building Section 1,


www.riseitadvisory.com

Contents Course ID Course Name

CRT-CISA Certified Information System Auditor

CRT-CISM Certified Information System Manager

CRT-CRISC Certified in Risk and Information Systems Control

STD-COBIT5 COBIT 5 for Assurance: Improve your IT Assurance with COBIT 5

ITA - ITGC- 01 IT Audit For Non IT “IT General Control & Application Control”

ITA - SAP - 01 Auditing SAP Application

ITA - Oracle - 01 Auditing Oracle Application & Oracle Data Base

DA- ACL - 01 ACL: Data Analysis for Assurance Services

DA- ACL - 02 ACL: Fraud analysis techniques

DA- ACL - 03 ACL: Scripting Data Analysis Tasks

DA - IDEA - 01 IDEA: Data Analysis for Assurance Services

DA - IDEA - 02 IDEA: Fraud analysis techniques

DA - IDEA - 03 IDEA: Scripting Data Analysis Tasks





CISA Certified Information System Auditor

Duration: 48 H.

Prerequisite: None

1.The Process of Auditing Information Systems

ISACA IT Audit and Assurance Standards,

Guidelines and Tools and Techniques

Risk assessment in an audit context

Control Objectives related to information

systems

Audit planning and management techniques

Control Objectives and IS-Related Controls

Risk Assessment in an Audit Context

Audit Planning and Management Techniques

Reporting and Communication Techniques

Control Self-Assessment

2.CISA's Role in IT Governance

IT Governance Frameworks

IT strategy, policies, standards and procedures

Organizational structure roles and responsibilities

related to IT

Quality Management systems

Enterprise risk management

Process Improvement Models

Monitoring and Reporting IT Performance

Business impact analysis

Business continuity planning

3.CISA's Role in Systems and Infrastructure Life

Cycle Management

Benefits realization practices

Project governance mechanisms

Project management control frameworks,

practices and tools

Risk management practices

System development methodologies and tools

System migration and infrastructure deployment

practices

Post-implementation review objectives and

practices

4.CISA's Role in IT Service Delivery and

Support

Service level management practices

Operations management

Technology concepts related to networks,

system software and database management

systems

System resiliency tools and techniques

Database administration practices

Capacity planning and monitoring techniques

Problem and incident management practices

Disaster recovery plans and testing methods

5.CISA's Role in Protection of Information

Assets

Security controls

Security incidents

Logical access controls

Network security controls

Network and Internet security

Attack methods and techniques

Security testing techniques

Encryption related technologies

PKI components and digital signature

techniques

Security of mobile and wireless devices

Voice communications security

Data classification schemes

Physical access controls

Environmental protection devices

Process and procedures for information asset





CISM Certified Information System Manager

Duration: 48 H.

Prerequisite: None

1.Information Security Governance

Information Security Governance Overview

Effective Information Security Governance

Information Security Concepts and Technologies

Governance and Third-party Relationships

Information Security Governance Metrics

Information Security Strategy Objectives

Information Security Strategy Development

Strategy Resources

Strategy Constraints

Action Plan To-Implement Strategy

Implementing Security Governance

Action Plan Intermediate Goals

Information Security Program

2.Information Risk Management & Compliance

Risk Management Overview

Risk Management Strategy

Effective Information Security Risk Management

Information Security Risk Management Concepts

Implementing Risk Management

Risk Assessment and Analysis Methodologies

Integration With Life Cycle Processes

Security Control Baselines120

Risk Monitoring and Communication

Training and Awareness

3.Information Security Program Development

and Management

Information Security Program Management

Overview

Information Security Program Objectives.

Information Security Program Concepts

Scope and Charter of an Information Security

Program

The Information Security Management Framework

Information Security Framework Components

Defining an Information Security Program Road

Map

Information Security Infrastructure and

Architecture

Architecture Implementation

Security Program Management and Administrative

Activities

Security Program Services and Operational

Activities

Controls And Countermeasures

Security Program Metrics and Monitoring

Common Information Security Program

Challenges.

4.Information Security Incident Management

Incident Management Overview

Incident Response Procedures

Incident Management Organization.

Incident Management Resources.

Incident Management Objectives

Incident Management Metrics and Indicators.

Defining Incident Management Procedures

Current State of Incident Response Capability

Developing An Incident Response Plan

Business Continuity and Disaster Recovery

Procedures

Testing Incident Response and Business

Continuity/Disaster Recovery Plans

Executing Response And Recovery Plans

Post incident Activities and Investigation





CRISC Certified in Risk and Information System Control

Duration: 32 H.

Prerequisite: None

1.Risk Identification Assessment & Evaluation

Risk Management Process

Risk Governance

Guiding Principles for Effective Risk

Management

Risk Evaluation Process

Risk Assessment Process

Risk Identification Process

The Business Impact of IT Risk

Application Guidelines for Risk appetite and

Risk Tolerance

Risk Hierarchy

Risk Scenario

Risk Factors

Risk Analysis Process

Risk Analysis methods

Identifying and assessing IT risk

Adverse Impact of Risk Event

Business Impact Analysis

2.Risk Response

Risk Response Process

High level Risk Response Process

Risk Response Options

Risk Response process parameters

Risk Response Prioritization

Risk Response Prioritization options

Risk Response Prioritization Factors

Risk Mitigation Control Types

Risk Response Programs

3.Risk Monitoring

Risk Monitoring Process

Risk Indicators

Key Performance Indicators (KPIs)

Key Risk Indicators (KRIs)

Gathering KRI information / data

Maturity level Assessment

Changing Threat levels

Changes in Asset Value

Risk Reporting

4.Information Systems Control Design and

Implementation

Control

Control Categories

Control types

Control Types and Effects

Control Strength

Control Costs and Benefits

Total Cost of ownership for Controls

Software development life Cycle (SDLC) Process

HR Practices

5. Information Systems Control Monitoring and

Maintenance

IS Control Monitoring Process

IS Control Monitoring and Maintenance Process

Phases

Gathering Monitoring Data

Key Control Indicators (KCIs)

Select & Implement Automated Monitoring Tools

Monitoring Tools

Transaction Data Monitoring

Compliance Monitoring

Process Monitoring

Continuous Monitoring

Cause and Effect Diagram





STD – COBIT 5 COBIT 5 for Assurance: Improve your IT Assurance with COBIT 5

Duration: 24 H.

Prerequisite:

Introduction Assurance Defined

Three Party Relationship

Subject Matter

Suitable Criteria

Execution

Conclusion

The Assurance Process

Principles of providing assurance

Principle 1: Meeting Stakeholder Needs

Principle 2: Covering Enterprise End-to-end

Principle 3: Applying a Single Integrated

Framework

Principle 4: Enabling a Holistic Approach

Principle 5: Separating Governance From

Management

The Assurance Function Perspective

Introduction to Enablers

Enabler 1: Principles, Policies and Frameworks

o Principles, Policies and Frameworks Model

o Assurance-Related Principles, Policies and

Frameworks

o ISACA Code of Professional Ethics

Enabler 2: Processes

o The Process Model

o Processes Supporting the Assurance

Function

Enabler 3: Organizational Structures

o The Organizational Structures Model

o Assurance-related Organizational Structures

Enabler 4: Culture, Ethics and Behavior

o The Culture, Ethics and Behavior Model

Enabler 5: Information

o The Information Model

o Assurance-related Information Entities

Enabler 6: Services, Infrastructure and

Applications

o The Services, Infrastructure and

Applications Model

o Assurance-related Services, infrastructure

and Applications

Enabler 7: People, Skills and Competencies

o The People, Skills and Competencies Model

o Assurance-related Skills and Competencies

Providing Assurance over a Subject Matter

Core Assurance Processes

Introduction and Overview of the Assessment

Approach

Phase A - Determine Scope of the Assurance

Initiative

Phase B - Understand the Enablers, Set

Suitable Assessment Criteria and Perform the

Assessment

Phase C - Generic Approach for

Communicating on an Assurance Initiative

How COBIT 5 for Assurance relates to Other

Standards

ITAF 2nd Edition

International Professional Practices Framework

(IPPF) For Internal Auditing Standards 2013

Statement on Standards for Attestation

Engagement No 16 (SSAE 16)





ITA – ITGC -01 IT Audit For Non IT “IT General Control & Application Control”

Duration: 24 H.

Prerequisite: None

IT Systems overview:

People.

Hardware.

Software.

Network.

Data.

Storage.

Processes of an IT system.

Controls.

IT Risk

General IT Controls.

Access Security

Logical and physical access controls.

Segregation of duties of the IT functions.

System Development & Acquisition

System Development Life Cycle.

Testing of new systems and applications.

Change Controls

Change management procedures.

Migration changes into production.

Computer Operations

Backup and disaster recovery procedures.

Incident and problem management.

Processing of system jobs.

End user computing:

Test of controls related to end-user systems.

Application Controls.

Key concepts of application controls:

Definition of application controls.

Input, processing and output.

Authorized, accurate and complete.

Relationship between Application controls and

ITGC.

Typical types of application controls.





ITA - SAP -01 Auditing SAP Application

Duration: 32 H.

Prerequisite: None

Introduction to Enterprise Resource

Planning System & SAP ERP

Major SAP Modules

Navigating the SAP ERP System

Fundamental changes in Business Control

Strategic Risk management in SAP

Environment

Strategic Business Risks and Key Management

Controls

Application Security and Technical

Infrastructure

The Importance of Establishing a Control

Framework

ERP Audit Approach

Audit Impacts Arising from the implementation

of ERP

Recommended SAP ERP Audit Framework

Numbering Sequence for Risk, Controls and

Techniques

SAP ERP Revenue Business Cycle

Master Data Maintenance

Sales Order Processing

Shipping, Invoicing, Returns and Adjustments

Collecting and Processing Cash Receipts

Auditing the SAP ERP Revenue Business Cycle

Master data Maintenance

Sales Order Processing

Shipping, Invoicing, Returns and Adjustments

Collecting and Processing Cash Receipts

SAP ERP Expenditure business cycle

Master Data maintenance

Purchasing

Invoice Processing

Processing Disbursements

Auditing the SAP ERP Expenditure business

cycle

Master Data maintenance

Purchasing

Invoice Processing


SAP ERP Inventory Business Cycle


Raw Material Management

Producing and costing Inventory

Handling and shipping Finished Goods

Auditing the SAP ERP Inventory Business

Cycle


Raw Material Management

Producing and costing Inventory

Handling and shipping Finished Goods

Inventory Cycle Controls and Financial

Statements Assertions

SAP ERP Basis application Infrastructure

SAP ERP Architecture

SAP ERP Basis Application Infrastructure

The Implementation Guide and Organization

Management Model

The Profile Generator and Security

Administrator

Audit Implications

Auditing the SAP ERP Basis application

infrastructure

Implementation Guide

Authorization Documentation

Super-user Sap *

Default Users

SAP_All and SAP_New





ITA - SAP -01 Auditing Oracle Application

Duration: 32 H.

Prerequisite: None

Introduction to Oracle E-Business Suite and

ERP Systems

Overview

Oracle Software

Systems Software

Business Applications Software

Improved Business Insight

Adaptive Business Processes

Financial Applications

Strategic Risk Management in an Oracle

Environment

Business IT Risks and Key Management

Controls

Project Management

Business Process/Function

Business Process Reengineering: Key Controls

Application Security and Technical

Infrastructure

Data Conversion and Program Interfaces

The Importance of Establishing a Control

Framework

Establishing an Organizational Control

Framework

Defining the Control Framework for an ERP

Environment

ERP Audit Approach

Audit Impacts Arising from the

Implementation of ERP

Audit Skills Requirement

Audit Methodology

Nature and Timing of Audit Involvement

Extent of Audit Involvement

Audit Responsibilities

Adopting a Risk-Based Audit Approach

Oracle E-Business Suite Configuration

Concept and Testing Configurable Controls

Oracle E-Business Suite—Financial

Accounting Business Cycle

Introduction

Master Data Maintenance (Chart of Accounts)

Chart of Account Structure

Accounting Calendar

Multiple Reporting Currencies

Account Numbers

Auditing Oracle E-Business Suite—Financial

Accounting Business Cycle

Overview


Journal Processing

Reconciliation and Financial Reporting

Oracle E-Business Suite—Expenditure

Business Cycle

Overview


Purchasing

Purchase Requisitions

Purchase Orders

Auto - creation

Approved Supplier List

Distribution Sets

Oracle Setup Parameters

Document Types

Auditing Oracle E-Business Suite—

Expenditure Business Cycle

Overview


Techniques

Purchasing

Invoice Processing






DA – ACL – 01 Data Analysis for Assurance Services

Duration: 24 H.

Prerequisite: None

Take first look at ACL

Making effective business decisions

What can I use ACL for?

How does ACL read data?

How do I apply ACL to my project?

Organizing your project items

Viewing and modifying your tables

Changing the columns in a view

Adding a computed value as a column

Adding a computed value as a field

Sorting a view with Quick Sort

Getting answers from your data

Choosing the appropriate command

Viewing command results

Using filters to isolate records of interest

Applying view filters using Quick Filter

Searching for records

Reviewing the log of your past activities

Plan your project

Identifying the project objectives.

Identifying the technical requirements

Identifying analytical procedures

Acquire data for your project

Guidelines for acquiring data

Requesting files and layouts

Example of a request for data

Obtaining data from a server

Obtaining data from a PC

Access your data

Starting a new project in ACL

Creating tables to access your data

Accessing data with the wizard

Accessing data manually

Verify the integrity of your data

Counting records

Totaling numeric fields

Checking for validity errors

Analyze your data

Summarizing data

Producing a stratified summary

Producing aged summaries

Classifying records by a character field

Summarizing on character fields

Cross-tabulating character fields

Examining sequential data

Testing the sequential order of records

Testing for gaps and duplicates in sequential

data

Extracting and exporting records Extracting

data to a new table

Exporting data to another application

Sorting and indexing tables

Surveying your data

Generating descriptive statistics on numeric

fields

Generating summary statistics on numeric

fields

Working with multiple tables

Joining tables

Merging two tables

Using Extract-and-append

Adding notes to records

Sampling with ACL

Report your findings

Exporting Results

Designing and printing reports





DA – ACL – 02 Fraud Analysis Techniques

Duration: 24 H.

Prerequisite: DA – ACL – 01

Fraud Detection

Defining Fraud

Anomalies versus Fraud

Types of Fraud

Assess the Risk of Fraud

Fraud Detection

Recognizing Fraud

Anomalies versus Fraud within Data

Fraudulent Data Inclusions and Deletions

Benford’s Law

Identifying Anomalous Data.

Understanding Benford’s Law

Identifying Irregularities

Running Benford Analysis

Skimming and Cash Larceny

Skimming

Cash Larceny

Billing Schemes

Data and Data Familiarization

Relative Size Factor Test

Z-Score

Even Dollar Amounts

Same-Same-Same Test

Same-Same-Different Test

Payments without Purchase Orders Test

Length of Time between Invoice and

Payment Dates Test

Search for Post Office Box

Match Employee Address to Supplier

Duplicate Addresses in Vendor Master

Payments to Vendors Not in Master

Gap Detection of Check Number Sequences

Check-Tampering Schemes

Electronic Payments Fraud Prevention

Check Tampering

Data Analytical Tests

Payroll Fraud


Data Analysis

The Payroll Register

Payroll Master and Commission Tests

Non cash Misappropriations

Types of Non cash Misappropriations

Concealment of Non cash

Misappropriations

Data Analytics

Corruption

Bribery

Tender Schemes

Kickbacks, Illegal Gratuities, and

Extortion

Conflict of Interest


Concealment

Money Laundering

The Money-Laundering Process

Other Money Transfer Systems and New

Opportunities





DA – ACL – 03 Scripting Data Analysis Tasks

Duration: 16 H.

Prerequisite: DA – ACL - 01

Working with Scripts

Customizing the Script Editor

Creating and editing scripts in the Script

Editor

Creating scripts with the Script Recorder

Creating scripts from table history

Creating scripts from log entries

Running scripts

Copying scripts from another ACL project

Importing scripts

Importing scripts from

Exporting scripts

ACL Language Components

Language Statements structure

Main Functions

ACL Commands

DISPLAY Command

SET Command

DELETE Command

OPEN Command

Commands for Defining Relationships

Basic ACL Commands

IF Command

Pinpointing Suspect Transactions and Trends

Deleting Temporary Variables, Fields, and

Files

Subscripts

Special Uses for Subscripts

Repeating a Script

Error Trapping

Advanced ACL Scripting Techniques

GROUP Command

Simple GROUP

Conditional GROUP

Nested GROUP

LOOP and OFFSET

Applications Menu

Building an Application Menu

Creating Submenus

Testing and debugging scripts

Setting break points in scripts

Stepping through scripts

Creating interactive scripts

Finding and replacing text

Using Windows shortcuts to open ACL

projects and run scripts

Reserved keywords

Displaying variables in ACL project

Maintaining variables in ACL projects

Variables created by ACL commands

Adding or editing script notes





DA – IDEA – 01 Data Analysis for Assurance Services

Duration: 32 H.

Prerequisite: DA - IDEA - 01

Introduction to CAATs

Why CAATs

CAATs Definition and Applicability

What's IDEA?

Benefits of IDEA

Setting up IDEA Application

Data Analysis

Planning

Analytical Review

Import data

Verify data

Analyze data

Create outputs

Evaluate results and Report findings

Interpret and follow up

Document

Conclude on test objective

Key Functionalities:

Joining Files

Appending files

Gap/Duplicate field search

Summarization

Extraction

Editable fields

Adding virtual fields





DA – IDEA – 02 Fraud Analysis Techniques

Duration: 24 H.

Prerequisite: DA - IDEA - 02

Fraud Detection

Defining Fraud

Anomalies versus Fraud

Types of Fraud

Assess the Risk of Fraud

Fraud Detection

Recognizing Fraud

Anomalies versus Fraud within Data

Fraudulent Data Inclusions and Deletions

Benford’s Law

Identifying Anomalous Data.

Understanding Benford’s Law

Identifying Irregularities

Running Benford Analysis

Skimming and Cash Larceny

Skimming

Cash Larceny

Billing Schemes


Relative Size Factor Test

Z-Score

Even Dollar Amounts

Same-Same-Same Test

Same-Same-Different Test

Payments without Purchase Orders Test

Length of Time between Invoice and

Payment Dates Test

Search for Post Office Box

Match Employee Address to Supplier

Duplicate Addresses in Vendor Master

Payments to Vendors Not in Master

Gap Detection of Check Number

Sequences

Check-Tampering Schemes

Electronic Payments Fraud Prevention

Check Tampering


Payroll Fraud


Data Analysis

The Payroll Register

Payroll Master and Commission Tests

Non cash Misappropriations

Types of Non cash Misappropriations

Concealment of Non cash

Misappropriations

Data Analytics

Corruption

Bribery

Tender Schemes

Kickbacks, Illegal Gratuities, and

Extortion

Conflict of Interest


Concealment

Money Laundering

The Money-Laundering Process

Other Money Transfer Systems and New

Opportunities





DA – IDEA – 03 Scripting Data Analysis Tasks

Duration: 16 H.

Prerequisite: DA – IDEA - 01

Working with Scripts

Automation in IDEA

Working with Visual Script

Working with IDEA Script

Running Macros

Definition of Variable Types in IDEA Script

Language Statements structure

Main Functions

IDEA Commands

Commands for Defining Relationships

Basic IDEA Commands

IF Command

Pinpointing Suspect Transactions and Trends

The Need for Custom Functions

Using Custom Functions in IDEA

Deleting Temporary Variables, Fields, and Files

Subscripts

Special Uses for Subscripts

Repeating a Script

Error Trapping

LOOP and OFFSET

Building Custom Menu

Creating Submenus

Testing and debugging scripts

Setting break points in scripts

Stepping through scripts

Creating interactive scripts

Dialog Editor

Dialog Function

Dialog Box controls

OK and Cancel Buttons

List Boxes, Combo Boxes, and Drop Down

List Boxes

Check Boxes

Text Boxes and Static Text

Radio Buttons and Group Boxes

rise's training catalog

Documents