CISA®—Certified Information Systems Auditor

CISA is the globally recognized gold standard for IS audit, control, and assurance, in demand and valued by leading global brands. It’s often a mandatory qualification for employment as an IT auditor. CISA holders have validated ability to apply a risk-based approach to planning, executing and reporting on audit engagements.

CISAs are recognized internationally as professionals with the assurance knowledge, skills, experience and credibility necessary to leverage standards, manage vulnerabilities, ensure compliance, offer solutions, validate controls and deliver value to the enterprise. The increased dependence on technology and information ensures that CISA certification-holders will continue to be in demand for assurance and security functions.

Early to mid-career professionals looking to gain recognition and enhanced credibility in interactions with internal and external stakeholders, regulators, and customers. Job roles include:

• IT Audit Directors/Managers/Consultants
• IT and Internal Auditors
• Compliance/Risk/Privacy Directors
• IT Directors/Managers/Consultants

• Process of Auditing Information Systems;
• Governance and Management of IT;
• Information Systems Acquisition, Development and Implementation;
• Information Systems Operations, Maintenance and Service Management;
• Protection of Information Assets

To qualify for CISA, you must have 5 years of information systems auditing, control, assurance or security work experience within the past 10 years of the application submission date.

If you do not meet the 5-year experience requirements you may also opt to submit waivers for experience (up to a maximum of 3 years) as it is specified in the CISA Application form.

Domain 1: Information Systems Auditing Process

 • IS Audit Standards, Guidelines and Codes of Ethics

• Risk-based Audit Planning

• Types of Audits and Assessments Execution

• Data Analytics

 • Reporting and Communication Techniques

 • Quality Assurance and Improvement of the Audit Process

 Domain 2: Governance and Management of IT, IT Governance and IT Strategy

• IT-related Frameworks

• Organizational Structure

• Laws, Regulations and Industry Standards Affecting the Organization IT Management

 • IT Resource Management

• IT Service Provider Acquisition and Management

• IT Performance Monitoring and Reporting

 • Quality Assurance and Quality Management of IT

Domain 3: Information Systems Acquisition, Development and Implementation Information Systems Acquisition and Development

• Project Governance and Management

• System Development Methodologies

• Testing Methodologies

• Post-implementation Review

 Domain 4: Information Systems Operations and Business Resilience Information Systems Operations

• System Interfaces

• Data Governance

 • Systems Performance Management

 • Problem and Incident Management

 • Change, Configuration, Release and Patch Management

• IT Service Level Management

• Database Management

Business Resilience

• Business Impact Analysis

• Data Backup, Storage and Restoration

 • Business Continuity Plan

 • Disaster Recovery Plans

 Domain 5: Information Asset Security Frameworks, Standards and Guidelines

 • Privacy Principles

• Identity and Access Managementt

• Data Encryption and Encryption-related Techniques

• Web-based Communication Technologies

• Mobile, Wireless and Internet-of-things Devices

Security Event Management

 • Security Awareness Training and Programs

 • Information System Attack Methods and Techniques

• Security Testing and Monitoring Tools and Techniques

• Incident Response Management

• Evidence Collection and Forensics

• Official ISACA training material:

Review Manual which is a comprehensive reference guide designed to help individuals prepare for the CISA exam and understand the roles and responsibilities of an information systems (IS) auditor.

QAE (Questions, Answers & Explanations) where each question and answer set includes in-depth explanations for each answer choice, allowing the learner to fully understand the rationale behind each correct—and incorrect—answer choice.

• Examination voucher

• Exam Duration : 4 Hours
• Exam Format : Multiple Choices
• Number of Questions : 150 Questions

For further information you can view the Exam Guide here

• For the self-study method, included in the price will be the Online Review Course and Exam voucher.