Gain the skill and confidence to help organizations protect
their most important assets.
Why Choose York?
Receive exclusive free membership to the Toronto Chapter of ISACA!
Our students enjoy enhanced professional development and access to invaluable career resources with this exclusive membership offer. Benefits include:
- Access to ISACA journal and other industry-relevant educational materials
- Networking opportunities with likeminded professionals
- Career support resources
Build real-world skills to plan and execute a full IT audit
Preparing for your Certified Information Systems Auditor (CISA) designation is a huge step toward your new career as an in-demand IT auditor. But knowledge alone isn’t enough to get hired.
To get the best jobs, you need to know how to fully execute an IT audit, with skill and confidence.
Created in collaboration with industry leaders, the 3 course Certificate in IT Audit Execution covers the 5 domains of the Certified Information Systems Auditor (CISA) body of knowledge. In addition, the innovative study format also gives you the opportunity to work on real-world case studies in collaboration with your peers. You’ll have the chance to practice the core job skills top employers demand when hiring IT auditors, like problem solving, negotiation and analytical thinking. You’ll also build meaningful relationships with course instructors and peers over the course of the program, creating a supportive learning environment.
You’ll gain in-depth IT audit knowledge and use current industry tools to:
- Recognize and apply appropriate IT audit best practices;
- Recognize and review compliance with appropriate laws and regulations;
- Implement the full IT audit lifecycle;
- Apply the CISA domains to an audit;
- Identify and assess risk;
- Apply auditing and assurance concepts;
- Assess ethical predicaments relevant to an audit;
- Develop effective relationships with stakeholders; and
- Apply innovative and critical approaches to audit challenges.
These learning outcomes, paired with your hands-on experience performing an IT audit, put you ahead of the pack for your next job by proving your applied expertise to potential employers. This program is a one-of-a-kind learning experience, designed to enhance your career with deep learning and position you for success in a field that’s sure to see continued growth.
“The Certificate in IT Audit Execution prepares students to not only pass their CISA exam, but to execute a full IT audit with confidence, in just 6 months. I wish a program like this existed when I was starting out in my career.”
- Arif Hameed, Senior Director, Client Security, Equifax (Advisory Council Member)
Who should take this program?
The Certificate in IT Audit Execution is ideal for anyone who currently works in IT Operations or as an Internal or External Auditor.
This program can enhance the careers of people with experience in:
… and related fields
We know that finding time for continuing education isn’t easy. We make it easier by offering a program that works around your commitments.
The Certificate in IT Audit Execution is a 6-month part-time program, taken mostly online. You’ll come to our Keele Campus in Toronto, ON for 3 weekends over the course of the entire program. This format allows you to easily balance your studies with your work and home life.
Finish in 6 months
By the end of the program, graduates will be able to:
- Recognize and apply the appropriate best practices to an IT Audit as outlined in standards including ITIL, COBIT and COSO;
- Implement the IT Audit lifecycle from planning, executing and reporting to management;
- Apply the Certified Information Security Auditor (CISA) domains to the IT Audit Lifecycle;
- Assess risk within the IT environment to determine if risk is being managed at an acceptable level;
- Apply auditing and assurance concepts to real-world case studies by examining controls implemented and providing recommendations on improvements;
- Assess various ethical predicaments as they pertain to the IT Audit profession;
- Examine compliance with laws and regulation, including SOX, PIPEDA and PCI;
- Develop effective internal and external relationships using influencing, communication and consultative skills;
- Apply innovative and critical approaches to challenges faced by an IT audit.
Principal Consultant, SNC Advisory Services Inc.
Nina is a recognized leader in IT risk and governance with over 20 years of experience. She is an experienced consultant working with business and IT processes, skilled in Internal Audit, IT internal and external audits. She has worked with various frameworks and standards including: ISO 27001, NIST, CSAE 3416, SSAE 16, SSAE 18, COSO, ITIL, COBIT, BCI, DRI performing business process design, analysis and improvement, risk analysis, system implementation and IT risk, governance and strategy engagements. Nina has been a CISA for over 15 years.
Director, Enterprise-Wide, IT Audit and QA
Gerard Francis is the Director of Enterprise-wide I&IT Auditing for the Government of Ontario. In this role, he provides strategic leadership for all information technology audits conducted across the Ontario Public Service. Gerard has developed a deep appreciation for technology risks facing governments around the world and the critical role IT Audit plays in helping to identify and mitigate them. The enterprise-wide audits conducted by his team cover all government sectors and address key I&IT risks in IT Governance, Cybersecurity, IT Investment Planning, Project Management and Delivery, Service Management and Information Management. Prior to moving into IT Audit, Gerard worked with a number of global financial organizations in the IT field. He has a passion for public service and has devoted the past 16 years of his career to protecting the interests of the people of Ontario.
Arif is an accomplished IT Risk, Cyber Security and IT Audit professional with 15 years’ experience in the financial services. With excellent analytical skills in uncovering issues through performance of a wide range of assessments including IT Risk/Control, IT Audit and Quality Assurance, Arif has a proven ability to influence multiple levels of key stakeholders in order to address risks in a timely and effective manner. Arif focuses on excellence in the development of IT control documentation, audit programs and test scripts.
Academic Advisor & Instructor: Certificate in Cyber Security, York University School of Continuing Studies
Gaurav Kumar is a security and risk management leader with one of the world’s largest management consulting companies. In his current role, Gaurav is responsible for helping client executives develop suitable security and risk management strategies that meet business needs, seeking to balance defensive and responsive strategic elements. For over 15 years, Gaurav has been helping businesses understand and proactively manage information technology risks by effectively acting as both a technical subject matter expert and a trusted business information security adviser. Gaurav has worked in all verticals of information security and risk management including access management, threat analysis, security monitoring and response, risk management, security assurance and governance, security consulting, and enterprise security program management.
Director of Internal Audit, York University
Ran Lewin is the Director of Internal Audit at York University, reporting to the President and the Board of Governors’ Finance & Audit Committee. He graduated with a B-Com Accounting Honours from the University of Johannesburg. After completing his accounting and auditing training at KPMG South Africa, he was seconded to Toronto. His audit clients have included companies listed on the South African and Canadian stock exchanges in the construction, IT and media sectors. In 2003 he joined York’s Internal Audit department and became its Director in 2012. He is a CPA-CA in Canada and South Africa, as well as a Certified Internal Auditor.
VP Risk, Performance and Technology, Richter
Asif specializes in governance, risk management, and cyber security for the private sector. He is a trusted advisor to his clients, from those on the front lines to the executive level. Asif uses a client-centric approach to addressing complex challenges and designs recommendations that are pragmatic and aligned to the culture of the organization. He has a passion for ensuring his clients succeed in meeting their strategic imperatives.
Asif is a Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), and received his MBA from the Queen’s Smith School of Business. Asif is currently serving as the ISACA Toronto Chapter President.
Senior Consultant Risk Advisory Services, Ernst Young LLP
Kartikeya is a Certified Information Systems Auditor (CISA) and Cisco Certified Networking Associate (CCNA), working as a Senior Consultant with EY Risk Assurance practice in Toronto, Canada. With over 5 years of work experience in the field of IT Audit, he has managed global internal audit clients and coordinated with global member firms of EY. He previously worked with EY India and EY US before joining EY Canada.
Zain Haq is an information systems, cyber security and IT audit professional. Currently, Zain is a cyber security Audit Manager with Manulife Financial, a multinational financial services organization headquartered in Toronto. Zain leads and delivers a mix of application security and management audits, business integrated audits and technology project risk reviews. Previously, Zain has worked with PricewaterhouseCoopers (PwC) where he lead and delivered various third-party assurance engagements for clients in different industries including telecommunications, technology service providers, financial services and asset management.
Zain is an alumnus of York University, having completed his BCom in accounting in 2010. Zain is a Chartered Professional Accountant, Chartered Accountant (CPA, CA) a Certified Information Systems Auditor (CISA).
Eric Anastacio has over 20 years in IT Audit experience. Eric started his career at PwC after completing his Bachelor’s in Commerce. During that time, Eric attained his CISA, CIA and CRMA designations. After that, Eric has held multiple positions with several organizations, including the Ontario Ministry of Finance and CIBC. Eric also holds a Masters in Education and has experience delivering IT Audit courses with emphasis on emerging technologies, such as Cyber Security and Cloud Computing.
Farid Patel is a Senior Auditor & Risk Professional with over 15 years of experience serving major financial institutions like Citigroup, Merrill Lynch, Royal Bank of Canada, Bank of Nova Scotia, Canadian Imperial Bank of Commerce, and Manulife Insurance Inc., while working with leading accounting firms like E&Y, KPMG and Deloitte & Touché Canada.
Farid, as a member of the Financial Institution Audit team within Enterprise Risk Services, has reviewed various banking operations such as Capital Market, Group Treasury, domestic banking etc. to identify internal controls, tested internal controls for design and operational effectiveness, and reported audit findings. Farid has also supported implementation and enhancement of Risk Management Vision through the review of Risk Management Policy and Programs, helped clients with implementation of Enterprise Risk Management (ERM) and Governance, Risk and Compliance (GRC) and supported in establishing or updating risk inventory/catalogue. He also has extensive experience training IT auditors.
ISACA®’s Certified Information Systems Auditor® (CISA®) certification instantly validates your skills and expertise in auditing, control and information security. It proves you can assess vulnerabilities, report on compliance and validate and enhance controls in an enterprise. That’s why hiring managers and clients look for it and why many businesses and government agencies require it.
Our Certificate in IT Audit Execution covers all 5 domains required for you to write the exam. This, combined with the applied knowledge you’ll gain through real-world case study work, will fully prepare you for your new career as an IT auditor.
- Planning the IT Audit
- Executing the IT Audit
- Reporting on the IT Audit
Course information is subject to change.
What if I don’t have any work experience in auditing or IT?
York U’s faculty of Liberal Arts & Professional Studies offers a Certificate in IT Auditing that’s geared specifically to current degree students who don’t have the work experience required to take our program. If that’s your situation, we recommend starting there!
|Fall 2019||Certificate in IT Audit Execution (Fall 2019)||$3,297.00||Register|