The CISA credential is an internationally recognized qualification that signifies expertise in IS security auditing. Accredited by the American National Standards Institute, the CISA credential requires consultants to undergo a comprehensive examination administered by the ISACA professional group. Progent can provide the services of a CISA-qualified security engineer able to assist companies in the areas of information systems audit process, IT administration, systems and infrastructure lifecycle, IT service delivery, safeguarding information assets, and business continuity preparedness. Progent's security engineers can provide expert services in these areas remotely anywhere in the U.S. or onsite at select cities throughout the country. With affordable rates and world-class expertise, Progent offers small and mid-size businesses the same level of network security and information protection once reserved for only the largest IT organizations.
Progent's CISA-certified security audit experts can help your company enhance information security through a variety of services in key areas covered by Certified Information Systems Auditor qualification program. Progent can help you with any or all of these services:
Information System Audit Process
Progent can provide IS audit services in accordance with IS audit standards, guidelines, and best practices to assist your company in ensuring that your information technology and business systems are protected and controlled. Services available from Progent include:
Information Technology Governance
- Develop and implement a risk-based IS audit strategy for your company in compliance with IS audit standards, guidelines and best practices.
- Plan specific audits to ensure that your IT and business systems are protected and controlled.
- Conduct audits in accordance with IS audit standards, guidelines and best practices to meet your planned audit objectives.
- Communicate emerging issues, potential risks, and audit results to your key stakeholders.
- Advise on the implementation of risk management and control practices within your company.
Progent can help ensure that your company has the structure, policies, accountability, mechanisms, and monitoring practices in place to achieve the requirements of business-wide governance of IT.
Systems and Infrastructure Lifecycle
- Assess the effectiveness of your IT governance structure to ensure adequate board control over the decisions, directions, and performance of IT so that it supports your company’s strategies and objectives.
- Review your IT organizational structure and employee management to ensure that they support your company’s strategies and objectives.
- Evaluate your IT strategy and the process for its development, approval, implementation, and maintenance to ensure that it supports your company’s strategies and objectives.
- Examine your company’s IT policies, standards, and procedures as well as the processes for their development, approval, implementation, and maintenance to ensure that they support your IT strategy and comply with regulatory and legal requirements.
- Analyze management practices to ensure compliance with your company’s IT strategy, policies, standards, and procedures.
- Evaluate IT resource investment, use, and allocation practices to ensure their alignment with your company’s strategies and objectives.
- Analyze IT contracting strategies and policies and contract management practices to ensure that they support your business strategies and objectives.
- Evaluate your risk management practices to ensure that your company’s IT related risks are properly managed.
- Assess monitoring and assurance practices to ensure your executive management team receives sufficient and timely information about IT performance.
Progent can help make sure that your management practices for the development/acquisition, testing, implementation, maintenance, and disposal of systems and infrastructure will meet your company’s objectives.
IT Service Delivery and Support
- Evaluate the business case for proposed system developments/acquisitions to ensure that they meet your company’s business goals.
- Analyze your project management framework and project governance practices to ensure that your business objectives are achieved in a cost-effective manner while managing risks to your company.
- Perform reviews to ensure that a project is progressing in accordance with your project plans, is adequately supported by documentation, and is accurately reported in status updates.
- Review proposed control mechanisms for systems and/or infrastructure during specification, development/acquisition, and testing to ensure that they will provide safeguards and comply with your company’s policies and other requirements.
- Assess the processes by which your systems and/or infrastructure are developed/acquired and tested to ensure that the deliverables meet your company’s objectives.
- Evaluate the readiness of your system and/or infrastructure for implementation and migration into production.
- Perform post-implementation review of systems and/or infrastructure to ensure that they meet your company’s objectives and are subject to effective internal control.
- Perform periodic reviews of systems and/or infrastructure to ensure that they continue to meet your company’s objectives and are subject to effective internal control.
- Analyze the process by which your systems and/or infrastructure are maintained to ensure the continued support of your company’s objectives and are subject to effective internal control.
- Evaluate the process by which your systems and/or infrastructure are disposed of to ensure that they comply with your company’s policies and procedures.
Progent can help provide assurance that your IT service management practices will ensure the delivery of the level of services required to meet your company’s objectives.
Protection of Information Assets
- Review your service level management practices to ensure that the level of service from internal and external service providers is defined and managed.
- Assess your operations management to ensure that IT support functions effectively meet your business needs.
- Evaluate your data administration practices to ensure the integrity and optimization of databases.
- Analyze your use of capacity and performance monitoring tools and techniques to ensure that IT services meet your company’s objectives.
- Evaluate your change, configuration, and release management practices to ensure that changes made to your company’s production environment are adequately controlled and documented.
- Examine your problem and incident management practices to ensure that incidents, problems, or errors are recorded, analyzed, and resolved in a timely manner.
- Evaluate the functionality of your IT infrastructure (e.g., network components, hardware, system software) to ensure that it supports your company’s objectives.
Progent can make sure that your security architecture (policies, standards, procedures, and controls) preserves the confidentiality, integrity, and availability of information assets.
Business Continuity and Disaster Recovery
- Analyze the design, implementation, and monitoring of logical access controls to ensure the confidentiality, integrity, availability and authorized use of your information assets.
- Evaluate your network infrastructure security to ensure confidentiality, integrity, availability and authorized use of your network and the information transmitted.
- Assess the design, implementation, and monitoring of your environmental controls to prevent or minimize loss.
- Review the design, implementation, and monitoring of your physical access controls to ensure that your information assets are adequately safeguarded.
- Evaluate the processes and procedures your company uses to store, retrieve, transport, and dispose of confidential information assets.
Progent can help ensure that in the event of a disruption your business continuity and disaster recovery processes will ensure the timely resumption of your IT services while minimizing the impact on your business.
Additional Industry Certifications Earned by Progent's Security Engineers
- Evaluate the adequacy of your backup and restore provisions to ensure the availability of information required to resume processing.
- Examine your company’s disaster recovery plan to ensure that it enables the recovery of your IT processing capabilities in the event of a disaster.
- Assess your company’s business continuity plan to ensure your ability to continue essential business operations during the period of an IT disruption.
In addition to providing the assistance of security experts with CISA Certified Information Systems Auditor credentials, Progent also offers the expertise of CISM-certified security management consultants, CISSP-certified cybersecurity experts, CISSP-ISSAP-certified security architecture professionals, GIAC-certified information assurance consultants, and CRISC-certified risk management consultants.
For more information about Progent's computer security consulting, telephone Progent at 800-993-9400 or refer to Contact Progent.