Mastering CISA Domain 2: Governance & Management of IT for 2025

In this comprehensive video, we dive into CISA Domain 2: Governance & Management of IT for the 2025 exam, breaking down crucial aspects like IT governance, regulatory compliance, data privacy, and enterprise risk management. This domain is essential for 27 exam questions and represents 18% of the CISA certification, and understanding it deeply is key to acing the exam. 00:00 - 01:23 - Introd 01:23 - 02:21 - Quest 03:01 - 05:33 - (GRC) 05:33 - 10:32 - What does GRC stands for? 10:32 - 15:01 - Integration 15:01 - 18:28 - Why GRC is required in the Organization? 18:28 - 21:42 - IT Governance Overview 21:42 - 26:30 - Laws, Regulations and Industry Standards 26:30 - 28:29 - Key Regulations Laws by the Country 28:29 - 29:57 - IT Audit 29:57 - 33:32 - IT Governance 33:32 - 34:21 - First Part Summary 34:21 - 36:14 - Regulatory Compliance 36:14 - 38:40 - (GRC) 38:40 - 39:15 - Implementation of GRC 39:15 - 39:41 - Second 39:41 - 41:35 - Corporate Governance 41:35 - 43:39 - Importance of Corporate Governance 43:39 - 43:55 - Third Summary 43:55 - 46:36 - (EGIT) 46:36 - 47:57 - EGIT Implementation & Framework 47:57 - 49:26 - EGIT vs. IT Management 49:26 - 50:00 - Key Issues in EGIT 50:00 - 51:03 - Role of Audit in 51:03 - 53:50 - Three Lines 53:50 - 54:44 - Good Practices 54:44 - 55:11 - Summary 55:11 - 52:28 - Information Security 58:28 - 01:02:18 - Components 01:02:18 - 01:05:21 - Practical Example 01:05:21 - 01:11:08 - How things works in the Organization 01:11:08 - 01:13:53 - Information Security Development 01:13:53 - 01:15:37 - What is Management 01:15:37 - 01:16:46 - Planning 01:16:46 - 01:17:48 - Organization 01:17:48 - 01:20:33 - information Security Governance Framework 01:20:33 - 01:21:53 - Information Security Governance 01:21:53 - 01:22:18 - Governance & Security 01:22:18 - 01:22:54 - Summary 01:22:54 - 01:25:22 - IT Strategic Planning 01:25:22 - 01:26:29 - IT Strategy 01:26:29 - 01:28:53 - Business Intelligence (BI) 01:28:53 - 01:29:35 - Key Benefits of BI 01:29:35 - 01:30:18 - BI in IT Audits 01:30:18 - 01:30:57 - Summary 01:30:57 - 01:35:03 - Data Architecture and Enterprise Data Flow (EDFA) 01:35:03 - 01:36:52 - IT Strategy vs. IT Steering Committee 01:36:52 - 01:38:01 - IT Steering Committee 01:38:01 - 01:38:34 - IT Organization Structure 01:38:34 - 01:40:18 - Data Ownership and Responsibilities 01:40:18 - 01:41:02 - Data Users and Authorization 01:41:02 - 01:43:47 - Outsourcer Management 01:43:47 - 01:44:48 - Key Point 01:43:48 - 01:45:30 - Roles 01:45:30 - 01:46:44 - Database Security 01:46:44 - 01:47:48 - Roles 01:47:48 - 01:48:06 - Separation of Duties (SoD) 01:48:06 - 01:49:53 - Risks of Inadequate SoD 01:49:53 - 01:50:55 - Potential IT Governance 01:50:55 - 01:52:09 - Reviewing IT Documentation 01:52:09 - 01:53:21 - IT Policies, Standards and Procedures 01:53:21 - 01:54:26 - Information Security Policy 01:54:26 - 01:55:13 - Infosec Policy 01:55:13 - 01:55:51 - Standards, Procedures and Guidelines 01:55:51 - 02:00:07 - Enterprise Architecture 02:00:07 - 02:02:03 - (ERM) 02:02:43 - 02:03:47 - (ERM) 02:03:47 - 02:04:07 - It Risk Management 02:04:07 - 02:05:03 - Risk Response strategies 02:05:03 - 02:06:26 - Privacy Documentation 02:06:26 - 02:07:01 - How Privacy Notices 02:07:01 - 02:08:10 - Privacy Notice 02:08:10 - 02:09:01 - Data Privacy 02:09:01 - 02:10:13 - Documentation 02:10:13 - 02:11:17 - Training Documentation 02:11:17 - 02:11:37 - Data Incident Register 02:11:37 - 02:12:06 - Privacy Audits and Compliance 02:12:06 - 02:14:10 - Transborder 02:14:43 - 02:15:00 - Questions 02:15:05 - 02:16:22 - IT Resource Management 02:16:22 - 02:16:47 - Value of the IT Investments 02:16:47 - 02:17:53 - IT Portfolio Management 02:17:53 - 02:18:32 - IT Management Practices 02:18:32 - 02:20:41 - HR Practices 02:20:41 - 02:23:16 - Change Management 02:23:16 - 02:24:32 - Financial Management Practices 02:24:32 - 02:25:09 - Software Expenses vs Capitalization 02:25:09 - 02:27:46 - Cloud Governance 02:27:46 - 02:28:51 - Governance in Outsourcing 02:28:51 - 02:29:31 - Cloud Security 02:29:31 - 02:30:16 - Business Alignment 02:30:16 - 02:30:46 - IS Auditor’s Role 02:20:46 - 02:32:15 - Third-Party Service Delivery 02:32:15 - 02:32:58 - Changes to Third - Party Service 02:32:58 - 02:33:50 - IT Performance Monitoring 02:33:50 - 02:36:37 - KPI, KCI and KRI 02:36:37 - 02:37:23 - (KPI’s) 02:37:23 - 02:37:55 -(KRI’s) 02:37:55 - 02:38:41 - Performance Optimization 02:38:41 - 02:39:23 - Critical Success Factors (CSFs) 02:39:23 - 02:43:32 - (BSC) 02:43:32 - 02:44:34 - QA) vc l (QC) 02:44:34 - 02:45:04 - IT Quality Management CISA Domain 1:https://www.youtube.com/watch?v=NfYB5_AnlTg&t=1s CISA Domain 2 : https://www.youtube.com/watch?v=oP5rzeEbn8g CISA Domain 3 : https://www.youtube.com/watch?v=0MtFtGnDRt4 CISA Domain 4 :https://youtu.be/60yKNUND2MQ CISA Domain 5 Part 1 : https://youtu.be/0GtLPwY_cUk CISA Domain 5 Part 2 : https://youtu.be/CO4KhMWJMjg #isaca #cybersecurity #cisa