What is the DISA Certification course by ICAI?
DISA stands for Information Systems Audit course offered by the Institute of Chartered Accountants of India (ICAI). It is a post-qualification course that focuses on providing an in-depth understanding of various aspects of information systems audit such as IT governance, information security, IT infrastructure, and software development.
The ISA course is designed for Chartered Accountants who are interested in developing expertise in the field of information systems audit. The course duration is typically around 100 hours and covers both theoretical and practical training.
Upon completion of the ISA course, candidates can obtain certification from the ICAI, which enhances their career opportunities in the field of information systems audit.
The certification is recognized by various regulatory bodies, including the Reserve Bank of India, the Securities and Exchange Board of India, and the Comptroller and Auditor General of India.
DISA 3.0 Study materials
Module-1 – Information Systems Audit Process
Module 3 – System Development, Acquisition, Implementation and Maintenance Application System Audit
Module 4 – Information Systems Operations and Management
Module 5 – Protection of Information Assets
Module 6 – Emerging Technologies
DISA 3.0 Syllabus
Information Systems Audit 3.0 Course
Module-1: Information Systems Audit Process
Chapter 1: Concepts of IS Audit
Chapter 2: IS Audit in phases
Chapter 3: Computer-Assisted Audit Tools and Techniques
Chapter 4: Application Controls Review
Chapter 5: Application controls review- Specialised systems
Chapter 6: IT Enabled Services
Module-2: Governance and Management of Enterprise Information
Technology, Risk Management, Compliance & BCM Section
Chapter 1: Concepts of Governance and Management of
Information Systems
Chapter 2: GRC Frameworks and Risk Management Practices
- GRC Frameworks (including COBIT 2019, ISO 27001, ISO 31000, ISO 38500:2015)
- Enterprise Risk Management
- Risk Management in COBIT 2019
- Categories of Risks
- Elements of Risk Management
- Developing Strategies for Information Risk Management
- Risk Management Process (Identification, Evaluation, Determine Likelihood of Risk Prioritization, Risk Response, Risk Monitoring)
- Compliance in Cobit 2019
- Information Technology Act 2000
- General Data Protection Regulation (GDPR)
- The Personal Data Protection Bill, 2019
Chapter 3: Key Components of A Governance System
Chapter 4: Performance Management Systems
Chapter 5: Business Continuity Management
Module-3: System Development, Acquisition, Implementation and Maintenance Application System Audit
Chapter 1: Project Management for SDLC
Chapter 2: SDLC – Need, Benefits, and Phases
Chapter 3: Software Testing and Implementation
Chapter 4: Application Controls
Module-4: Information Systems Operations and Management
Chapter 1: Information Systems Management
Chapter 2: Information Systems Operations
Chapter 3: Software Operations & Management
Chapter 4: Incident Response and Management
Module-5: Protection of Information Assets [Important]
Chapter 1: Introduction to Protection of Information Assets
- Risk Response – Information Security Objectives
- Threat Modelling Tools
- Cyber/ Computer Attacks
- Information Systems Controls
- Risk and Control Ownership
- Periodic Review and Monitoring of Risk and Controls
- Role of IS Auditor in Information Risk Management
Chapter 2: Administrative Controls of Information Assets
Chapter 3: Physical and Environmental Controls
Chapter 4: Logical Access Controls
Chapter 5: Network Security Controls
Module-6: Emerging Technologies [Important]
Chapter 1: Artificial Intelligence
Chapter 2: Blockchain
Chapter 3: Cloud Computing
Chapter 4: Data Analytics
Chapter 5: Internet of Things (IoT)
Chapter 6: Robotic Process Automation
Module learning objectives:
Understand the concept of Artificial Intelligence, Blockchain, cloud computing, IoT, and Robotic process automation and their impact on the CA profession. Risks in emerging technologies, the approach of governance and controls in these EI technologies.