Course description

CISA training leads to the understanding and practice of auditing, governance, protection and controlling of information systems. Upon completion of the training, delegates will know and understand:
  • the audit function and its role in an organisation;
  • goals and objectives of IT audit and its role in internal control system;
  • importance of ISACA IS Audit and Assurance Standards and Guidelines;
  • techniques of audit planning and audit performance, gathering of audit-related information and audit evidence;
  • risk / audit relationship;
  • how to survey IS controls;
  • audit and evaluation of the effectiveness of IT internal control system (IT function management, operation and support);
  • the basics of information risk management and audit of information security;
  • the use of ISACA and industry audit tools and resources;
  • how to prepare for CISA exam.

Course content

The course contents associated with our CISA training consist of five domains. Each domain defines key audit tasks and skillset required to execute such tasks. Domain 1 – The process of auditing information systems
  • IT-audit: definition, basic concepts, goals and objectives;
  • Overview of standards, tools and approaches used in IT audit;
  • Risk assessment within audit process;
  • Techniques of planning and management of the audit process;
  • Collection of the information and audit evidence.
Domain 2 – Governance and Management of IT
  • IT strategy, policies, standards and procedures;
  • Risk management within organisation;
  • IT governance, organisational structure and segregation of duties;
  • Maturity and process improvement models;
  • IS management practices;
  • Business continuity planning;
Domain 3 – System and Infrastructure Lifecycle Management
  • Project management practices;
  • Methodology and tools for software development;
  • Configuration and releases management;
  • Data migration and information systems implementation;
  • Goals and practices of system launch quality assessment.
Domain 4 – Information systems operations, maintenance and support
  • Practices in IT services management and operational management;
  • Planning and capacity management;
  • Problems and indent management;
  • Disaster recovery planning and plans testing.
Domain 5 – Protection of Information Assets
  • Information security controls;
  • Access management;
  • IT infrastructure security;
  • Physical security.

Course Objectives

  • The Process of Auditing Information Systems
  • Governance & Management of IT
  • Information Systems Acquisition, Development, and Implementation
  • Information Systems Operations, Maintenance, and Support
  • Protection of Information Assets

Target audience

  • Information Security Officers
  • IT Security Auditor
  • System Auditor

Location / Delivery

  • Classroom

Start date

  • November 18, 2019


  • 5 days


  • £1,000.00 £1,200.00