Training Week Scottsdale 

 Training Week 

4-7 December 2017 | Scottsdale, AZ, USA

ISACA's industry-leading training week program features the most in-demand IT Assurance, Security, Governance and Risk topics.

Browse All of Our Events »

Course Overview

Choose one of the following educational tracks to study during your training week.
Each track is led by subject-matter experts for a high-value learning experience.

Cybersecurity Fudamentals SOLD OUT
Fundamentals of IS Audit and Assurance
Foundations of IT Risk Management
COBIT 5: Strategies for Implementing IT Governance

Cybersecurity Fundamentals SOLD OUT

Course Description

Why become a cybersecurity professional? The protection of information is a critical function for all enterprises. Cybersecurity is a growing and rapidly changing field, and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of Information Technologies (IT). The CSX Fundamental Course is designed for this purpose, as well as to provide insight into the importance of cybersecurity, and the integral role of cybersecurity professionals. This course will also cover four key areas of cybersecurity: 1) cybersecurity architecture principles, 2) security of networks, systems, applications and data, 3) incident response, and 4) the security implications of the adoption of emerging technologies. Designed as a foundational course, it will also prepare learners for the CSX Fundamental Exam.

Level: Beginner to Intermediate

Learning Objectives

At the conclusion of the course, attendees will be able to:

  • Understand basic cybersecurity concepts and definitions
  • Apply cybersecurity architecture principles
  • Identify components of a cybersecurity architecture
  • Define network security architecture concepts including:
    • topology
    • protocols
    • components
    • principles
  • Understand malware analysis concepts and methodology
  • Recognize the methodologies and techniques for detecting host-and-network-based intrusions via intrusion detection technologies
  • Identify computer network defense (CND) and vulnerability assessment tools, including open source tools and their capabilities
  • Understand system hardening
  • Apply penetration testing principles, tools, and techniques
  • Define network systems management principles, models, methods, and tools
  • Understand remote access technology and systems administration concepts
  • Recognize the Unix command line
  • Distinguish system and application security threats and vulnerabilities
  • Recognize system lifecycle management principles, including software security and usability
  • Understand the local specialized system requirements for safety, performance, and reliability
  • Define types of incidents (categories, responses, and timelines for responses)
  • Outline disaster recovery and business continuity planning
  • Understand incident response and handling methodologies
  • Understand security event correlation tools, and how different file types can be used for atypical behavior
  • Recognize investigative implications of hardware, operating systems, and network technologies
  • Be aware of the basic concepts, practices, tools, tactics, techniques, and procedures for processing digital forensic data
  • Identify network traffic analysis methods
  • Recognize new and emerging information technology and information security technologies including:
    • The current threat landscape
    • Mobile devices
    • Cloud computing and storage

Target Audience

The target audience for this course includes:

  • Zero to three years cybersecurity experience.
  • Audit, risk, compliance, information security, government and legal professionals with a familiarity of basic IT/IS concepts who:
    • are new to cybersecurity
    • are interested in entering the field of cybersecurity
    • are interested in the ISACA Cybersecurity Certification
  • This course would be appropriate for students and recent graduates

A pre-assessment of attendees should gather information that will assist the instructor in determining the baseline knowledge of participants, as well as any necessary demographic information.  Results from the pre-assessment should be used to help focus lecture and activities to be most meaningful to all participants.  The pre-assessment should include questions regarding:

  • Level & years of IT experience / practical experience
  • Knowledge or experience regarding Information Security/Cybersecurity
  • Title/Role
  • Enterprise specifics:
    • Domestic or international
    • Size / # employees
    • Industry
    • Region (US / non-US)
  • Do they have a degree in cybersecurity or a related field (if so what)?
  • What university did they attend?

 Back to top of page

Fundamentals of IS Audit & Assurance

Course Description

The Fundamentals of IS Audit and Assurance Course will introduce the essential components and steps needed to perform an information system (IS) audit, and gain a basic understanding of audit objectives and controls. To address the evolving role of the IS auditor within an enterprise and how it integrates into the audit function, the course will approach an audit from a business perspective, focusing on organizational risks that occur from the use of IT and how to mitigate them to provide assurance. This foundational-level course will also provide an overview of some IT audit tools and techniques used to plan, perform, and manage an IS audit.

Level: Beginner to Intermediate

Learning Objectives

  • Learn basic IS audit and assurance concepts and the elements of the engagement
  • Understand IT Risk and related controls, and how they impact an enterprise and its information assets
  • Understand how IS audit and assurance ties into the overall governance process
  • Apply IS audit and assurance standards, guidelines, tools and techniques
  • Perform a risk-based IS audit:
    • Plan IS audit activities
    • Prepare, test and document results
    • Report results and communicate with stakeholders
    • Perform follow up and close activities
  • Understand the impact and considerations for local, state, country, international and industry regulations in determining the audit approach

Target Audience

  • Internal and external, IS and non-IS auditors
  • Assurance, risk and compliance professionals who need to understand technology related controls
  • IT Managers and Business Managers responsible for audit coordination and support
  • Any IT Professional who coordinates, supports, or is involved in assurance activities

 Back to top of page

Foundations of IT Risk Management

Course Description

Effective management of IT-related business risk has become an essential part of IT governance. A comprehensive understanding of how information technology affect business objectives is essential in today’s business environment. Leading the drive to help enterprises mitigate risks, ISACA has developed a fundamental IT Risk Management training course that is applicable to all IT and business professionals.

The IT Risk Management training course provides an in-depth view of IT related business risk management and the methodology that includes risk identification, evaluation and response. The course describes the principles of IT risk management, the responsibilities and accountability for IT risk, how to build risk awareness, and how to communicate risk scenarios, business impact and key risk indicators. Included in the course is the opportunity to create a business focused, process oriented and measurement driven risk response plan.

Level: Beginner

Learning Objectives

  • Describe the principles and methodology of IT risk management
  • Recognize how a strong framework can help achieve best practices in IT risk management (common language, good structure, sense of completeness, etc…)
  • Discuss aspects of risk culture and how they affect risk management
  • Define and describe overall environment (risk universe) that will be subject to IT risk management
  • Apply the concepts of IT risk management methodologies to realize business benefits and outcomes
  • Discuss risk appetite and risk tolerance concepts and how they are important for IT risk management
  • Discuss the concept of risk profile and how it can be used
  • Identify operational and implementation issues
  • Differentiate between loss, threat and vulnerability events
  • Determine what data to collect and where to collect it to monitor and respond to risk
  • Discuss several methods to describe impact and magnitude of IT events in business-related terms
  • Understand key risk indicators and key performance indicators
  • Enable an informed risk response
  • Describe risk responses suitable for different risk scenarios
  • Develop risk response plans for your enterprise

Target Audience

  • Business managers
  • Risk manager
  • Information security managers
  • IT managers

 Back to top of page

COBIT 5: Strategies for Implementing IT Governance

Course Description

Learn how COBIT 5 is used to promote effective alignment of IT with business goals in the management of value delivery and risk mitigation. Integrating research by the IT Governance Institute (ITGI) and ISACA's COBIT education courses, this comprehensive program highlights IT issues, governance concepts, risk management and control. It uses the most current COBIT information, as well as supporting components and related tools, to provide guidance in implementing an IT governance process. Lecture, discussion, case studies and exercises are used to help the participant understand the proper techniques.

Level: Beginner to Intermediate

Learning Objectives

At the conclusion of this workshop, you will be able to:

  • Understand the major drivers for the development of a framework
  • Recognize the business benefits of using COBIT 5
  • Describe the COBIT 5 product architecture
  • Identify the IT management issues and challenges that affect enterprises
  • Define the 5 Key Principles of COBIT 5 for the governance and management of enterprise IT
  • Realize how COBIT 5 enables IT to be governed and managed in a holistic manner for the entire enterprise.
  • Understand the key concepts in a Process Capability Assessment and the key attributes of the COBIT 5 PAM (Process Assessment Model)
  • Recognize how the COBIT 5 processes and the Process Reference Model (PRM) help guide the creation of the 5 Principles and the 7 Governance and Management Enablers
  • Implement IT governance utilizing tools, publications and approaches identified in the COBIT 5 family of products
  • Utilize a case study to:
    • Understand the COBIT5 implementation model
    • Apply areas learned in the COBIT5 Foundation Course in a scenario format
    • Gain an appreciation for the utility and applicability of the various tools and techniques and how they can be used in your organizations

Target Audience

  • Users new to COBIT, who want to learn more about COBIT 5
  • All core IT professionals working in audit, assurance, risk, security and governance

 Back to top of page

32 Hours
Earn up to 32 CPE Hours!

Course Duration: 4 days
CPE: up to 32
Course hours: Monday-Thursday, 8:30AM-5PM
Registration hours: Monday, 7:30AM-12PM

Attendance at all ISACA Training Week Courses include the following:

  • 4-day instructor-led training course
  • Course materials
  • Continental breakfasts
  • Morning and afternoon coffee breaks
  • Lunches daily

Dinners, travel, hotel and parking accommodations are the responsibility of the attendee and are not included in the cost of the course registration.

Go Green

Early Bird Cost: $2,095 members / $2,295 nonmembers before 12 October 2017
Cost: $2,295 members / $2,495 nonmembers
Cancellation Deadline: 30 October 2017

Payment Methods

Choose one of these easy ways to pay

  1. Pay online at
  2. Mail your payment to: ISACA, 1055 Paysphere Circle, Chicago, IL 60674 USA
  3. Bank Wires—send electronic payments in US dollars to:
    Bank of America, 135 S. LaSalle St., Chicago, IL 60603
    ABA #0260-0959-3
    ISACA Account #22-71578
    S.W.I.F.T. code BOFAUS3N
    [Please include attendee’s name and ISACA Training Week on the Advice of Transfer.]

Event Registration Policy

Registration submissions for this event are not processed, and a seat is not confirmed or reserved, until full payment is received. All submissions not paid in full will be placed on a waitlist and priority will be given to paid registrants in a payment first-come, first-serve basis. Space is limited, so it is highly recommended that payment is provided at the time of submission to guarantee a seat within all related events.

Registration rate is determined based on the date payment is received by ISACA HQ and current membership status. Please plan accordingly, as it may take 10 or more business days for a wire transfer or mailed check to reach ISACA. Should we receive payment after a registration rate deadline, your account will be adjusted to reflect the current due amount. Entrance to the event is contingent upon full payment.

Course materials are not guaranteed to those who register on site or fail to submit payment two weeks prior to the event.

Cancellation Policy

If your plans change and you won’t be able to attend this course, contact us by phone, fax or e-mail to cancel your registration. All cancellations must be received by the cancellation deadline to receive a refund of registration fees. A cancellation charge of US $150 will be subtracted from refunds. No refunds can be given after the cancellation deadline. Attendee substitution is permitted at any time until the event. If, for any reason, ISACA must cancel a course or event, liability is limited solely to the registration fees paid. ISACA is not responsible for other expenses incurred, including travel and accommodation fees. For more information regarding administrative policies, please contact ISACA’s Training & Education Department at

Continuing Professional Education Credits

To maintain ISACA certifications, certification holders are required to earn 120 CPE credit hours over a 3-year period in accordance with ISACA’s continuing professional education (CPE) policy. Attendees can earn up to 32 CPE credits by attending the four-day ISACA Training Week Course. ISACA training week courses are Group Live and do not require any advanced preparation.

ISACA is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website:

National Registry of CPE Sponsors
150 Fourth Ave North
Suite 700
Nashville, Tennessee 37219-2417

Disclaimer Policy

ISACA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISACA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISACA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices. All materials used in the preparation and delivery of presentations on behalf of ISACA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISACA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers.

Please note: Unauthorized recording, in any form, of presentations and workshops is prohibited.

Not a member of ISACA? Join today!

When you register for the event as a nonmember, the difference between member and nonmember event fees can be applied towards ISACA membership. This means you can become a member at the international and chapter level for little to no additional cost; it just depends on your local chapter dues. To take advantage of this great offer, click on the "Click here to join now" link in your event registration shopping cart. For more information about ISACA membership, visit the web site at or contact the membership department at

Permission to be Photographed

By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISACA for future promotion of ISACA’s educational events on ISACA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.


Business casual is appropriate for all training events.


Obtaining a VISA is solely the responsibility of the registrant. Please contact the local government of the host country for details. Once a paid registration is received, a letter of invitation will be provided by ISACA, on request.

Course location

The Scott Resort & Spa | Classic Hotels & Resorts
4925 N Scottsdale Rd
Scottsdale, AZ 85251


ISACA 2017 Training Week
We have a rate of $189 with The Scott.