Hero Banner

Certified Information Systems Auditor (CISA)

Comprehensive training to prepare for the CISA Certification

We have trained over 750 organizations including:

Learn everything you need to know for succeeding in the CISA Exam

Get practice for the exam with 2 CISA practice tests

Course material created by ISACA Authorised Instructor

Comprehensive course with high success rates amongst past students

CISA is world renowned as the gold standard of achievement for IS audit control, assurance, and security professionals. This course is aimed at explaining all the key concepts that are necessary for a candidate appearing for the CISA Certification exam. 

Benefits of the CISA Course

  • Comprehensive course preparing candidates for the renowned CISA certification
  • Offers a broad view of key aspects of information systems auditing 
  • Brushes up all key concepts for those looking to build a career in auditing 

Highlights of the Course

  • 5 domains with multiple sections; Summary & Exam Tips as well as PDFs with each domain 
  • CISA Cheat Sheet for easy exam prep, 2 full CISA exam practice tests and downloadable study notes 
  • Access to course content for 12 months 


CISA Learning Objectives:

Upon completing the CISA training course, delegates will, with or without additional support, be able to: 

    • Develop and implement a risk-based IS audit strategy for the organisation.
    • Plan, conduct, communicate and advise on specific audits to ensure IT and business systems are protected and controlled. 
    • Implement Risk Management and Control practices. 
    • Describe evidence lifecycle management (collection, protection and chain of custody).
    • Discuss evolving auditing principles - CSA (Continuous self assessment and continuous audit techniques).
    • Discuss control frameworks (e.g. COBIT, COSO, ISO 27001) and control improvement models (e.g. CMM, BSCs). 
    • Evaluate IT Operations management, database administration practices, business continuity and disaster recovery capabilities.
    • Evaluate the use of change, configuration and release management practices to ensure production changes are adequately controlled.
    • Evaluate the design, implementation and monitoring of logical access controls, network infrastructure security controls, physical and environmental controls, encryption controls.

New call-to-action

Target audience

The CISA Certification is required for everyone who manages, monitors, or evaluates an organisation's information technology and business systems. Individuals may wish to become CISA certified depending on their own professional aspirations or personal ambitions. 

Further, delegates have the option to take as few or as many Intermediate qualifications as they require. The following is an indicative list of those who may want to undergo the course and sit for the CISA examination:  

  • IS/IT auditors/consultants
  • IT Compliance Managers
  • Chief Compliance Officers
  • Chief Risk & Privacy Officers
  • Security heads/directors
  • Security managers/architects


CISA Course Domains

Domain 1 - Information Systems Audit Process
  • Developing a risk-based IT audit strategy
  • Planning specific audits
  • Conducting audits to IS audit standards
  • Implementation of risk management and control practices
Domain 2 - IT Governance and Management
  • Effectiveness of IT Governance structure
  • IT organisational structure and human resources (personnel) management
  • Organisation’s IT policies, standards, and procedures
  • Adequacy of the Quality Management System
  • IT management and monitoring controls
  • IT resource investment
  • IT contracting strategies and policies
  • Management of organisations IT-related risks
  • Monitoring and assurance practices
  • Organisation business continuity plan
Domain 3 - Information Systems Acquisition, Development, and Implementation
  • Business case development for IS acquisition, development, maintenance, and retirement
  • Project management practices and controls
  • Conducting reviews of project management practices
  • Controls for requirements, acquisition, development, and testing phases
  • Readiness for Information Systems
  • Project Plan Reviewing
  • Post Implementation System Reviews
Domain 4: Information Systems Operations, Maintenance, and Support
  • Conduct periodic reviews of organisational objectives
  • Service level management
  • Third party management practices
  • Operations and end-user procedures
  • Process of information systems maintenance
  • Data administration practices that determine the integrity and optimisation of databases
  • Use of capacity and performance monitoring tools and techniques
  • Problem and incident management practices
  • Change, configuration, and release management practices
  • Adequacy of backup and restore provisions
  • Organisation’s disaster recovery plan in the event of a disaster
Domain 5: Protection of Information Assets
  • Information security policies, standards and procedures
  • Design, implementing, monitoring of system and logical security controls
  • Design, implementing, monitoring of data classification processes and procedures
  • Design, implementing, monitoring of physical access and environmental controls
  • Processes and procedures to store, retrieve, transport and dispose of information assets

Meet the Trainer 


Abhinav Goyal is an auditing and risk consulting expert with over 14 years Abhi Photoof experience with top investment banks and the Big 4 professional services firms. He has worked across the organisation’s three lines of defense, specializing in technology risk and controls. Abhinav has served in multiple roles as IT Internal Auditor, Cloud Security Consultant, Information Security Manager and IT External Auditor.  

With an MBA in Finance and a bachelor’s degree in Computer Science and Engineering with CISA/ CISSP/ ISO 27001 LA, Abhinav also has certifications like CISM, CRISC, CCSK to his credit.  Abhinav is also an avid CISSP/ CISA/ InfoSec blog writer. He is a professional trainer and is an APMG, BCS, PECB approved instructor. He enjoys the occasional speaking engagements and welcomes opportunities to share his experiences with a vision to giving back to the industry and community.

All trademarks, service marks, trade names, product names, service names and logos appearing on the site, or on printed or digital material are the property of their respective owners, including in Cyber Management Alliance Ltd. Any rights not expressly granted herein are reserved.

Certified Information Security Auditor - CISA Certification 

Find out more about our one day public courses or internal workshops, please complete the form below. 

  • callOr call us on:
  • +44 (0) 203 189 1422