Training Week Philadelphia 

 Training Week 

4-7 June 2018 | Philadelphia, PA, USA

ISACA's industry-leading training week program features the most in-demand IT Assurance, Security, Governance and Risk topics.

Browse All of Our Events »

Course Overview

Choose one of the following educational tracks to study during your training week.
Each track is led by subject-matter experts for a high-value learning experience.

Cybersecurity Fundamentals
Fundamentals of IS Audit and Assurance
Foundations of IT Risk Management
Governance of Enterprise IT

Cybersecurity Fundamentals

Course Description

Why become a cyber security professional? The protection of information is a critical function for all enterprises. Cyber security is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of Information Technologies (IT). The CSX Fundamental Course is designed for this purpose, as well as to provide insight into the importance of cyber security, and the integral role of cyber security professionals. This course will also cover four key areas of cyber security: 1) cyber security architecture principles, 2) security of networks, systems, applications and data, 3) incident response, and 4) the security implications of the adoption of emerging technologies. Designed as a foundational course, it will also prepare learners for the CSX Fundamental Exam.

Level: Beginner – intermediate

Learning Objectives

At the conclusion of the course, attendees will be able to:

  • Understand basic cyber security concepts and definitions
  • Apply cyber security architecture principles
  • Identify components of a cyber security architecture
  • Define network security architecture concepts including:
    • topology
    • protocols
    • components
    • principles
  • Understand malware analysis concepts and methodology
  • Recognize the methodologies and techniques for detecting host-and-network-based intrusions via intrusion detection technologies
  • Identify computer network defense (CND) and vulnerability assessment tools, including open source tools and their capabilities
  • Understand system hardening
  • Apply penetration testing principles, tools, and techniques
  • Define network systems management principles, models, methods, and tools
  • Understand remote access technology and systems administration concepts
  • Recognize the Unix command line
  • Distinguish system and application security threats and vulnerabilities
  • Recognize system lifecycle management principles, including software security and usability
  • Understand the local specialized system requirements for safety, performance, and reliability
  • Define types of incidents (categories, responses, and timelines for responses)
  • Outline disaster recovery and business continuity planning
  • Understand incident response and handling methodologies
  • Understand security event correlation tools, and how different file types can be used for atypical behavior
  • Recognize investigative implications of hardware, operating systems, and network technologies
  • Be aware of the basic concepts, practices, tools, tactics, techniques, and procedures for processing digital forensic data
  • Identify network traffic analysis methods
  • Recognize new and emerging information technology and information security technologies including:
    • The current threat landscape
    • Mobile devices
    • Cloud computing and storage

Target Audience
The target audience for this course includes:

  • Zero to three years cyber security experience.
  • Audit, risk, compliance, information security, government and legal professionals with a familiarity of basic IT/IS concepts who:
    • are new to cyber security
    • are interested in entering the field of cyber security
    • are interested in the ISACA Cybersecurity Certification
  • This course would be appropriate for students and recent graduates

A pre-assessment of attendees should gather information that will assist the instructor in determining the baseline knowledge of participants, as well as any necessary demographic information.  Results from the pre-assessment should be used to help focus lecture and activities to be most meaningful to all participants.  The pre-assessment should include questions regarding:

  • Level & years of IT experience / practical experience
  • Knowledge or experience regarding Information Security/Cybersecurity
  • Title/Role
  • Enterprise specifics:
    • Domestic or international
    • Size / # employees
    • Industry
    • Region (US / non-US)
  • Do they have a degree in cyber security or a related field (if so what)?
  • What university did they attend?

Back to top of page

Fundamentals of IS Audit & Assurance

Course Description

The Fundamentals of IS Audit and Assurance Course will introduce the essential components and steps needed to perform an information system (IS) audit, and gain a basic understanding of audit objectives and controls. To address the evolving role of the IS auditor within an enterprise and how it integrates into the audit function, the course will approach an audit from a business perspective, focusing on organizational risks that occur from the use of IT and how to mitigate them to provide assurance. This foundational-level course will also provide an overview of some IT audit tools and techniques used to plan, perform, and manage an IS audit.

Level: Beginner to intermediate

Learning Objectives

  • Learn basic IS audit and assurance concepts and the elements of the engagement
  • Understand IT Risk and related controls, and how they impact an enterprise and its information assets
  • Understand how IS audit and assurance ties into the overall governance process
  • Apply IS audit and assurance standards, guidelines, tools and techniques
  • Perform a risk-based IS audit:
    • Plan IS audit activities
    • Prepare, test and document results
    • Report results and communicate with stakeholders
    • Perform follow up and close activities
  • Understand the impact and considerations for local, state, country, international and industry regulations in determining the audit approach

Target Audience

  • Internal and external, IS and non-IS auditors
  • Assurance, risk and compliance professionals who need to understand technology related controls
  • IT Managers and Business Managers responsible for audit coordination and support
  • Any IT Professional who coordinates, supports, or is involved in assurance activities

Back to top of page

Foundations of IT Risk Management

Course Description

Effective management of IT-related business risk has become an essential part of IT governance. A comprehensive understanding of how information technology affect business objectives is essential in today’s business environment. Leading the drive to help enterprises mitigate risks, ISACA has developed a fundamental IT Risk Management training course that is applicable to all IT and business professionals.

The IT Risk Management training course provides an in-depth view of IT related business risk management and the methodology that includes risk identification, evaluation and response. The course describes the principles of IT risk management, the responsibilities and accountability for IT risk, how to build risk awareness, and how to communicate risk scenarios, business impact and key risk indicators. Included in the course is the opportunity to create a business focused, process oriented and measurement driven risk response plan.

Learning Objectives

  • Describe the principles and methodology of IT risk management
  • Recognize how a strong framework can help achieve best practices in IT risk management (common language, good structure, sense of completeness, etc…)
  • Discuss aspects of risk culture and how they affect risk management
  • Define and describe overall environment (risk universe) that will be subject to IT risk management
  • Apply the concepts of IT risk management methodologies to realize business benefits and outcomes
  • Discuss risk appetite and risk tolerance concepts and how they are important for IT risk management
  • Discuss the concept of risk profile and how it can be used
  • Identify operational and implementation issues
  • Differentiate between loss, threat and vulnerability events
  • Determine what data to collect and where to collect it to monitor and respond to risk
  • Discuss several methods to describe impact and magnitude of IT events in business-related terms
  • Understand key risk indicators and key performance indicators
  • Enable an informed risk response
  • Describe risk responses suitable for different risk scenarios
  • Develop risk response plans for your enterprise

Target Audience

  • Business managers
  • Risk manager
  • Information security managers
  • IT managers

 Back to top of page

Governance of Enterprise IT

Course Description

This course will introduce IT professionals with current or prospective managerial responsibilities to relevant frameworks, best practices, and processes used to support the governance of enterprise IT, and provide insight into the value that governance brings to an enterprise. This foundational-level course will explore the risks that can be encountered if sound IT governance practices are not implemented. Course participants will also learn about sustaining governed practices, and the primary issues addressed with a change to existing business philosophy and current IT processes.

Recently, the Governance of Enterprise IT course won a 2014 APEX Award of Excellence for publication in the Education and Training category. We are proud to provide our learners with proven courses that have been recognized for their communication, effectiveness, and excellence!

Level: Beginner to intermediate

Learning Objectives

  • Describe the value IT contributes to an enterprise in clear terms
  • Differentiate between Enterprise Governance, Governance of Enterprise IT (GEIT) and management of IT and their importance to an enterprise
  • Identify key challenges and benefits of GEIT (i.e. linking business objectives to IT objectives) as they relate to their organization/industry
  • Apply governance principles to real life case studies
  • Be able to map specific IT goals to enterprise goals
  • Recognize how drivers, inhibitors, and enablers affect the successful implementation of GEIT
  • Apply a systematic approach to the implementation of GEIT
  • Identify relevant frameworks, best practices and processes use to support the governance of enterprise IT
  • Define key leadership roles and responsibilities for implementing GEIT
  • Be able to create a business case for implementing governance using relevant frameworks and best practices
  • Be able to perform a self-assessment using applicable benchmarks using a Process Capability Model
  • Understand how to interpret and use applicable GEIT metrics

Target Audience

  • IT professionals who are new to Governance of Enterprise IT (GEIT)
  • IT auditors and consultants
  • Security and risk professionals
  • Enterprise leadership

 Back to top of page

32 Hours
Earn up to 32 CPE Hours!

Course Duration: 4 days
CPE: up to 32
Course Hours: Monday-Thursday, 8:30AM-5PM
Registration Hours: Monday, 7:30AM-12PM

Attendance at all ISACA Training Week Courses include the following:

  • 4-day instructor-led training course
  • Course materials
  • Continental breakfasts
  • Morning and afternoon coffee breaks
  • Lunches daily

Dinners, travel, hotel and parking accommodations are the responsibility of the attendee and are not included in the cost of the course registration.

Go Green

Early Bird Cost: $2,095 members / $2,295 nonmembers before 9 April 2018
Cost: $2,295 members / $2,495 nonmembers
Cancellation Deadline: 7 May 2018

Register Now

Payment Methods

Choose one of these easy ways to pay

  1. Pay online at
  2. Mail your payment to: ISACA, 1055 Paysphere Circle, Chicago, IL 60674 USA
  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America, 135 S. LaSalle St., Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    [Please include attendee’s name and ISACA Training Week on the Advice of Transfer.]

ISACA offers discounts to organizations sending 4 or more employees to a single event. Please contact the ISACA Training & Education Department for more details at +1.847.660.5543 or

Event Registration Policy

NOTE: Registration is contingent upon full payment of the registration fee. To guarantee registration, course fees must be received two weeks before the course begins. It may take 10 or more business days for a wire transfer or mailed check to reach ISACA, so please plan accordingly. Course materials are not guaranteed to those who register on site or fail to submit payment two weeks prior to the event.

Cancellation Policy

All cancellations must be received by the published deadline to receive a refund of registration fees. A cancellation charge of US $295 will be subtracted from conference refunds, and US $50 per workshop from workshop refunds. No refunds can be given after the cancellation deadline above. Attendee substitution is permitted at any time until the conference. If a nonmember is substituting a member, then there will be additional nonmember fees. If attendee has already received the materials for the course, they will not qualify for a refund or credit.

If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact ISACA.
Phone: +1.847.660.5505
Fax: +1.847.253.1443

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a 3-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 32 CPE credits by attending the four-day ISACA Training Week Course. ISACA training week courses are Group Live and do not require any advanced preparation.

ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:

National Registry of CPE Sponsors
150 Fourth Ave North
Suite 700
Nashville, Tennessee 37219-2417

Disclaimer Policy

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: Unauthorized recording, in any form, of presentations and workshops is prohibited.

Not a member of ISACA? Join today!

When you register for the conference as a nonmember, the difference between member and nonmember conference fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, click on the "Click here to join now" link in your conference registration shopping cart. For more information about ISACA membership, visit the web site at or contact the membership department at

Permission to be Photographed

By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.


Business casual is appropriate for all training events.


Obtaining a VISA is solely the responsibility of the registrant. Please contact the local government of the host country for details. Once a paid registration is received, a letter of invitation will be provided by ISACA, on request.

Course Location 

The Inn At Penn A Hilton Hotel
3600 Sansom St
Philadelphia, PA 19104


A Limited number of rooms have been reserved at the following location:

Homewood Suites by Hilton University City
4109 Walnut Street
Philadelphia, PA 19104

Tap Here to Make Your Reservation!

Rate: $249.00
Cut Off: 18 May 2018