All Episodes

Episode 21: Overview of Domain 2 – Management of IT

Domain 2 doesn’t stop at governance—it also expects you to understand IT management practices. This episode introduces the key responsibilities of IT leaders, includin...

Episode 22: Laws, Regulations, and Industry Standards

The CISA exam expects you to recognize and apply legal, regulatory, and industry-specific requirements to audit scenarios. This episode explores major compliance drive...

Episode 23: Organizational Structure, IT Governance, and IT Strategy

A solid grasp of organizational structure is key to evaluating IT governance. This episode walks you through reporting lines, governance committees, roles like CIO and...

Episode 24: IT Policies, Standards, Procedures, and Practices

Policies and standards form the backbone of IT governance, and this episode helps you understand how auditors evaluate their design, communication, and enforcement. Yo...

Episode 25: Enterprise Architecture and Considerations

Enterprise Architecture (EA) connects IT design to business strategy, and the CISA exam wants you to evaluate how well it supports organizational goals. In this episod...

Episode 26: ERM Frameworks and Principles

Enterprise Risk Management (ERM) is a key pillar of IT governance. This episode explains risk frameworks like COSO ERM and ISO 31000 and shows how auditors evaluate th...

Episode 27: ERM Implementation and Evaluation Examples

Building on the last episode, we now focus on how ERM is implemented and assessed. Through audit-relevant examples, you’ll learn how to evaluate risk ownership, review...

Episode 28: Privacy Program and Principles

Data privacy is no longer optional—it’s a regulatory and reputational imperative. This episode covers privacy frameworks, laws, and controls auditors must assess durin...

Episode 29: Data Governance Program Fundamentals

Governance doesn’t stop at systems—it includes data. This episode explores how data is owned, classified, and controlled across the enterprise. You’ll learn how to eva...

Episode 30: Practical Data Classification Techniques and Compliance

Data classification is a key input to effective security and compliance auditing. In this episode, you’ll learn how to evaluate classification policies, review labelin...

Episode 31: IT Resource Management

Resource management is foundational to IT governance, and the CISA exam tests your ability to evaluate how organizations allocate, monitor, and optimize people, hardwa...

Episode 32: IT Vendor Management

Managing third-party risk is a key topic on the CISA exam, and this episode dives into how to audit vendor selection, onboarding, performance evaluation, and contract ...

Episode 33: IT Performance Monitoring and Reporting

Audit success depends on knowing how to evaluate IT performance. This episode explains how key performance indicators (KPIs) and reports are used to measure service de...

Episode 34: Quality Assurance and Quality Management of IT

The CISA exam expects candidates to understand how IT quality is planned, implemented, and improved over time. This episode covers quality assurance policies, continuo...

Episode 35: Overview of Domain 3 – Information Systems Acquisition, Development & Implementation

Domain 3 focuses on the controls and governance involved in acquiring and implementing IT solutions. This episode provides a strategic overview of project governance, ...

Episode 36: Project Governance and Management

Project governance ensures IT initiatives deliver value and align with business goals. This episode covers how auditors evaluate project oversight, milestone tracking,...

Episode 37: Business Case and Feasibility Analysis

Before a project begins, auditors must evaluate whether it’s justified. This episode focuses on auditing business case development, feasibility assessments, and benefi...

Episode 38: Waterfall and Traditional SDLC

Understanding the traditional software development lifecycle is essential for CISA candidates. This episode explains each phase of the waterfall model and the correspo...

Episode 39: Agile, DevOps, and Modern SDLC Approaches

Agile and DevOps are increasingly popular in IT development, and the CISA exam expects you to understand how to audit these environments. This episode explains how con...

Episode 40: Control Identification and Design

Strong control design starts early in the system lifecycle. In this episode, you'll learn how auditors assess whether appropriate controls have been identified and des...