Certified Information Systems Auditor (CISA)

Show your expertise and demonstrate your skills by applying a risk-based approach to audit planning, implementation and reporting.

Course duration

Five days

Course objectives

CISA certification qualifies professionals to evaluate IT and business systems, apply risk management to audit assignments, and ensure that IT solutions are aligned with organisational requirements. It covers IS audits, IT governance, system development, operations management and information security.

Course overview

Certified Information Systems Auditor (CISA) certification is internationally recognised and represents a standard for anyone tasked with auditing, controlling, monitoring and evaluating an organisation’s IT and business systems. The course is aimed at mid-career professionals and enables them to showcase their expertise and demonstrate their skills by applying a risk-based approach to the planning, implementing and reporting audit assignments. CISA training is beneficial for ensuring that IT solutions align with organisational requirements and objectives.

The course focuses on five main areas: IS audit process; IT governance and management; IS acquisition, development and implementation; IS operations, maintenance and support; and protection of information assets. These areas are divided into subareas covering various topics, including risk analysis, internal controls, IT governance, project management, security policy and disaster recovery.

The course provides an appropriate balance between theory and discussion to ensure that participants understand the concepts and apply them effectively.

Target group

The main target group for the CISA course is mid-career professionals working in the following areas:

1. IT audits: professionals who audit, control, monitor and evaluate an organisation's IT and business systems.
2. Risk management: individuals tasked with applying a risk-based approach to the planning, implementation and reporting of audit engagements.
3. IT governance: professionals tasked with evaluating the effectiveness of IT governance structures, organisational structures, HR management and policies to determine whether they support the organisation's strategies and objectives.
4. System development and implementation: individuals tasked with evaluating practices for acquiring, developing, testing and implementing information systems.
5. IT operations, maintenance and support: professionals tasked with ensuring that the processes for information systems operations maintenance and help meet the organisation's strategies and objectives.
6. Information security: individuals tasked with evaluating the organisation's security policies, standards, procedures and controls to ensure the confidentiality, integrity and availability of information assets.