CITP Exam Review Course

Learning outcomes

• Identify the key areas of information security, including strategy, policies and procedures, control environments, and business continuity and disaster recovery.
• Differentiate fundamental knowledge of various IT governance frameworks.
• Recognize logical access at the various levels of the “stack.”
• Identify the internal control structure of design, implementation, monitoring, detection, and reporting.
• Determine the major threat vectors for systems, including cyber adversaries, the cybercrime economy, and various types of attacks
• Identify data breaches and their impact on information privacy.
• Determine how to manage system vulnerabilities.
• Apply the SOC for Cybersecurity report, including report content, target users, and use of the report in conjunction with an entity’s overall cybersecurity risk mitigation strat
• Recall the information lifecycle, from identification of system information through destruction, and the various types of infrastructures and ERPs to support data
• Indicate how data is collected and manipulated, including consolidation, cleaning, transformation, reduction, and processing
• Identify the governance of data including objectives, strategy, and policies
• Differentiate the various types of data analytics, the tools and procedures to perform an analysis, and the methods of reporting and performance indicators
• Apply predictive analytics, including the various models, techniques, applications, and deployment
• Apply the integration of analytics in the audit process, including risks and assertions, and continuous assurance
• Differentiate the various forms of technology disruptors, including cloud tech, IoT, and AI
• Identify how to use data integration (ETL, EAI and EDR) as well as data warehousing (Active, OLAP, ROLAP, MOLAP, HOLAP, and DOLAP)
• Recognize the objectives, strategic planning, implementation, and management of the IT function within an organization, as well as mitigation of risk
• Apply the management of value, resources, and performance in relation to key components and best practices of the IT function
• Differentiate various IT frameworks, including COSO and COBIT, and apply the integration of frameworks with IT assessments
• Determine key control areas for IT assessments, including ITGCs, application, business process, and change management controls
• Identify the purposes for SOC reporting, the users of SOC reports, and the responsibilities of user auditors