Certified Information Systems Auditor Prep Course (CISA)


The ISACA Certified Information Systems Auditor (CISA) certification has become the gold standard of excellence is IS auditing, control, and security.  The CISA certification is also one of the most difficult to achieve, so attending a prep course is essential.

The CISA exam is offered three times each year (June, September, and December), consists of 200 multiple-choice questions, and is focused on the five domains defined by ISACA.  Please note that students apply and schedule the CISA Certification Exam directly with ISACA.

Target Audience

IS audit, control, assurance, and security professionals, including IT consultants, auditors, managers, security policy writers, privacy officers, information security officers, network administrators, security device administrators, and security engineers, who have five years 


Systems administration experience, familiarity with TCP/IP, and an understanding of UNIX, Linux, and Windows. This advanced course also requires intermediate-level knowledge of the security concepts covered in our Security+ Prep Course.

Course Objectives

In-depth coverage of the five domains required to pass the CISA exam:

  • The Process of Auditing Information Systems
  • Governance and Management of IT
  • Information Systems Acquisition, Development, and Implementation
  • Information Systems Operations, Maintenance, and Support
  • Protection of Information Assets

Course Outline

Module 1: Testing-Taking Tips and Study Techniques

  • Preparation for the CISA Exam
  • Submitting Required Paperwork
  • Resources and Study Aids
  • Passing the Exam the First Time
Module 2: The Audit Process
  • Risk
  • Audit
  • Standards and Guidelines
Moduel 3: IT Governance
  • Best Practices
  • Management Practices
  • Roles and Responsibilities
Module 4: Lifecycle Management
  • Project Management
  • Business Application Development
  • Information Systems Maintenance Practices
Module 5: System Infrastructure Control
  • Auditing Application Controls
  • Application System Development
  • Business Application Systems
Module 6: Information Systems Hardware and Architecture
  • Information Systems Operations
  • Information Systems Hardware
  • SDLC
  • Databases
Module 7: Information Systems Used for IT Delivery and Support
  • OSI
  • TCP/IP Model
  • Routers/Switches/Hubs
  • Firewalls
  • Wireless
  • WAN Technologies - X.25/Frame Relay/PPP/ISDN/DSL/Cable
Module 8: Protection of Logical Assets
  • CIA
  • Roles and Responsibilities - RACI
  • Asset Management
  • Taxonomy - Information Classification
  • Risk Management
  • Policies, Procedures, Standards, Guidelines, Baselines
  • Knowledge Transfer - Awareness, Training, Education
Module 9: Physical Security
  • Environmental Protection Practices
  • Physical Authentication
  • Policies and Procedures
Module 10: Business Continuity and Disaster Recovery
  • BIA Policy
  • BIA Roles and Teams
  • Data Backups, Vaulting, Journaling, Shadowing
  • Alternate Sites
  • Emergency Response
  • Required Notifications
  • BIA Tests
Module 11: Review and Q&A Session
  • Final Review and Test Prep

SLI Main Menu