In this comprehensive video, we dive into CISA Domain 2: Governance & Management of IT for the 2025 exam, breaking down crucial aspects like IT governance, regulatory compliance, data privacy, and enterprise risk management. This domain is essential for 27 exam questions and represents 18% of the CISA certification, and understanding it deeply is key to acing the exam.
00:00 - 01:23 - Introd
01:23 - 02:21 - Quest
03:01 - 05:33 - (GRC)
05:33 - 10:32 - What does GRC stands for?
10:32 - 15:01 - Integration
15:01 - 18:28 - Why GRC is required in the Organization?
18:28 - 21:42 - IT Governance Overview
21:42 - 26:30 - Laws, Regulations and Industry Standards
26:30 - 28:29 - Key Regulations Laws by the Country
28:29 - 29:57 - IT Audit
29:57 - 33:32 - IT Governance
33:32 - 34:21 - First Part Summary
34:21 - 36:14 - Regulatory Compliance
36:14 - 38:40 - (GRC)
38:40 - 39:15 - Implementation of GRC
39:15 - 39:41 - Second
39:41 - 41:35 - Corporate Governance
41:35 - 43:39 - Importance of Corporate Governance
43:39 - 43:55 - Third Summary
43:55 - 46:36 - (EGIT)
46:36 - 47:57 - EGIT Implementation & Framework
47:57 - 49:26 - EGIT vs. IT Management
49:26 - 50:00 - Key Issues in EGIT
50:00 - 51:03 - Role of Audit in
51:03 - 53:50 - Three Lines
53:50 - 54:44 - Good Practices
54:44 - 55:11 - Summary
55:11 - 52:28 - Information Security
58:28 - 01:02:18 - Components
01:02:18 - 01:05:21 - Practical Example
01:05:21 - 01:11:08 - How things works in the Organization
01:11:08 - 01:13:53 - Information Security Development
01:13:53 - 01:15:37 - What is Management
01:15:37 - 01:16:46 - Planning
01:16:46 - 01:17:48 - Organization
01:17:48 - 01:20:33 - information Security Governance Framework
01:20:33 - 01:21:53 - Information Security Governance
01:21:53 - 01:22:18 - Governance & Security
01:22:18 - 01:22:54 - Summary
01:22:54 - 01:25:22 - IT Strategic Planning
01:25:22 - 01:26:29 - IT Strategy
01:26:29 - 01:28:53 - Business Intelligence (BI)
01:28:53 - 01:29:35 - Key Benefits of BI
01:29:35 - 01:30:18 - BI in IT Audits
01:30:18 - 01:30:57 - Summary
01:30:57 - 01:35:03 - Data Architecture and Enterprise Data Flow (EDFA)
01:35:03 - 01:36:52 - IT Strategy vs. IT Steering Committee
01:36:52 - 01:38:01 - IT Steering Committee
01:38:01 - 01:38:34 - IT Organization Structure
01:38:34 - 01:40:18 - Data Ownership and Responsibilities
01:40:18 - 01:41:02 - Data Users and Authorization
01:41:02 - 01:43:47 - Outsourcer Management
01:43:47 - 01:44:48 - Key Point
01:43:48 - 01:45:30 - Roles
01:45:30 - 01:46:44 - Database Security
01:46:44 - 01:47:48 - Roles
01:47:48 - 01:48:06 - Separation of Duties (SoD)
01:48:06 - 01:49:53 - Risks of Inadequate SoD
01:49:53 - 01:50:55 - Potential IT Governance
01:50:55 - 01:52:09 - Reviewing IT Documentation
01:52:09 - 01:53:21 - IT Policies, Standards and Procedures
01:53:21 - 01:54:26 - Information Security Policy
01:54:26 - 01:55:13 - Infosec Policy
01:55:13 - 01:55:51 - Standards, Procedures and Guidelines
01:55:51 - 02:00:07 - Enterprise Architecture
02:00:07 - 02:02:03 - (ERM)
02:02:43 - 02:03:47 - (ERM)
02:03:47 - 02:04:07 - It Risk Management
02:04:07 - 02:05:03 - Risk Response strategies
02:05:03 - 02:06:26 - Privacy Documentation
02:06:26 - 02:07:01 - How Privacy Notices
02:07:01 - 02:08:10 - Privacy Notice
02:08:10 - 02:09:01 - Data Privacy
02:09:01 - 02:10:13 - Documentation
02:10:13 - 02:11:17 - Training Documentation
02:11:17 - 02:11:37 - Data Incident Register
02:11:37 - 02:12:06 - Privacy Audits and Compliance
02:12:06 - 02:14:10 - Transborder
02:14:43 - 02:15:00 - Questions
02:15:05 - 02:16:22 - IT Resource Management
02:16:22 - 02:16:47 - Value of the IT Investments
02:16:47 - 02:17:53 - IT Portfolio Management
02:17:53 - 02:18:32 - IT Management Practices
02:18:32 - 02:20:41 - HR Practices
02:20:41 - 02:23:16 - Change Management
02:23:16 - 02:24:32 - Financial Management Practices
02:24:32 - 02:25:09 - Software Expenses vs Capitalization
02:25:09 - 02:27:46 - Cloud Governance
02:27:46 - 02:28:51 - Governance in Outsourcing
02:28:51 - 02:29:31 - Cloud Security
02:29:31 - 02:30:16 - Business Alignment
02:30:16 - 02:30:46 - IS Auditor’s Role
02:20:46 - 02:32:15 - Third-Party Service Delivery
02:32:15 - 02:32:58 - Changes to Third - Party Service
02:32:58 - 02:33:50 - IT Performance Monitoring
02:33:50 - 02:36:37 - KPI, KCI and KRI
02:36:37 - 02:37:23 - (KPI’s)
02:37:23 - 02:37:55 -(KRI’s)
02:37:55 - 02:38:41 - Performance Optimization
02:38:41 - 02:39:23 - Critical Success Factors (CSFs)
02:39:23 - 02:43:32 - (BSC)
02:43:32 - 02:44:34 - QA) vc l (QC)
02:44:34 - 02:45:04 - IT Quality Management
CISA Domain 1:https://www.youtube.com/watch?v=NfYB5_AnlTg&t=1s
CISA Domain 2 : https://www.youtube.com/watch?v=oP5rzeEbn8g
CISA Domain 3 : https://www.youtube.com/watch?v=0MtFtGnDRt4
CISA Domain 4 :https://youtu.be/60yKNUND2MQ
CISA Domain 5 Part 1 : https://youtu.be/0GtLPwY_cUk
CISA Domain 5 Part 2 : https://youtu.be/CO4KhMWJMjg
#isaca #cybersecurity #cisa