CISA® Boot Camp

Approved courseware

Industry expert trainers

28 study hours

Quizzes & workshops

Practice exams

Overview

The Certified Information Systems Auditor® (CISA) certification by ISACA is one of the important credentials practitioners can pursue to advance their IT career. Designed for entry-level and mid-career professionals, this qualification testifies to their ability to plan, execute, and report on audit engagements while applying a risk-based approach. This, in turn, makes them valuable assets while assessing vulnerabilities, reporting on compliance, and validating controls.

The CISA® Boot Camp will prepare you for the certification examination and develop your knowledge and skills in the Information Systems Auditing Process, Governance and Management of IT, Information Systems Acquisition, Development and Implementation, Information Systems Operations and Business Resilience, and Protection of Information Assets.

Learning Objectives

In addition to preparing you for the CISA certification examination, this bootcamp course will help you achieve the following learning outcomes as defined by ISACA:

  • Gain a better understanding of Information System (IS) audit and assurance guidelines and standards 
  • Develop a working knowledge of the five domains of CISA 

Who Should Attend this Training

  • CISA certification candidates 
  • Financial auditors and IT generalists making the transition to IT audit
  • Mid-level career changers
  • Students or recent graduates

Prerequisites

There are no prerequisites for attending the CISA® boot camp or attempting the certification examination. That said, you will need to meet certain requirements to achieve the certification. Please check the FAQs for those.

Examination Format

  • 150 multiple choice questions
  • 4 hours duration
  • Passing score is 450 points out of 800 (scaled results)
  • Closed book exam

What’s Next?

The CISA certification is a standalone qualification. You can, however, expand your knowledge of risk and audit with other certifications such as CRISC.

Training Delivery Options

Self-Paced Training

Features include

  • Study anywhere, anytime, on any device
  • Enjoy lifetime access to accredited courseware
  • Test your knowledge with quizzes and practice exams

Coming Soon!

Instructor-Led Training

Features include

  • Train with the best instructors wherever you are
  • Gain access to quizzes, exams, and valuable resources
  • Interact with instructors in real-time for maximum learning

Corporate Training

Features include

  • Flexible pricing and schedule at your ease
  • Self-paced and instructor-led training options
  • Comprehensive learner assistance and support

Syllabus

  • Evaluate the IT strategy for alignment with the organization’s strategies and objectives
  • Evaluate the effectiveness of IT governance structure and IT organizational structure
  • Evaluate the organization’s management of IT policies and practices
  • Evaluate the organization’s IT policies and practices for compliance with regulatory and legal requirements
  • Evaluate IT resource and portfolio management for alignment with the organization’s strategies and objectives
  • Evaluate the organization’s risk management policies and practices
  • Evaluate IT management and monitoring of controls
  • Evaluate the monitoring and reporting of IT key performance indicators (KPIs)
  • Evaluate whether IT supplier selection and contract management processes align with business requirements
  • Evaluate whether IT service management practices align with business requirements
  • Conduct periodic review of information systems and enterprise architecture
  • Evaluate data governance policies and practices
  • Evaluate the information security program to determine its effectiveness and alignment with the organization’s strategies and objectives
  • Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices

  • Evaluate whether the business case for proposed changes to information systems meet business objectives
  • Evaluate the organization’s project management policies and practices
  • Evaluate controls at all stages of the information systems development life cycle
  • Evaluate the readiness of information systems for implementation and migration into production
  • Conduct post-implementation review of systems to determine whether project deliverables, controls and requirements are met
  • Evaluate change, configuration, release, and patch management policies and practices

  • Evaluate the organization’s ability to continue business operations
  • Evaluate whether IT service management practices align with business requirements
  • Conduct periodic review of information systems and enterprise architecture
  • Evaluate IT operations to determine whether they are controlled effectively and continue to support the organization’s objectives
  • Evaluate IT maintenance practices to determine whether they are controlled effectively and continue to support the organization’s objectives
  • Evaluate database management practices
  • Evaluate data governance policies and practices
  • Evaluate problem and incident management policies and practices
  • Evaluate change, configuration, release, and patch management policies and practices
  • Evaluate end-user computing to determine whether the processes are effectively controlled

  • Conduct audit in accordance with IS audit standards and a risk-based IS audit strategy
  • Evaluate problem and incident management policies and practices
  • Evaluate the organization’s information security and privacy policies and practices
  • Evaluate physical and environmental controls to determine whether information assets are adequately safeguarded
  • Evaluate logical security controls to verify the confidentiality, integrity, and availability of information
  • Evaluate data classification practices for alignment with the organization’s policies and applicable external requirements
  • Evaluate policies and practices related to asset life cycle management
  • Evaluate the information security program to determine its effectiveness and alignment with the organization’s strategies and objectives
  • Perform technical security testing to identify potential threats and vulnerabilities
  • Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices

Exam & Certification FAQs

Does ISACA have any substitutions or waivers for its certification requirements?

Yes, it does. The following are substitutions and waivers which you may obtain:

    • A maximum of one year of information systems experience OR one year of non-IS auditing experience can be substituted for one year of experience.
    • 60 to 120 completed university credit hours (the equivalent of a two-year or four-year degree) can be substituted for one or two years of experience respectively.
    • A master’s degree in information security or information technology can be substituted for one year of experience.

Instructors who have taught full-time in a related field (e.g. computer science) can substitute two years of teaching for one year of experience.

 

What does the CISA certification exam cover?

The certification exam covers the five domains below, which are shown with their weights:

    • Domain 1 – Information System Auditing Process (21%)
    • Domain 2 – Governance and Management of IT (17%)
    • Domain 3 – Information Systems Acquisition, Development and Implementation (12%)
    • Domain 4 – Information Systems Operations and Business Resilience (23%)
    • Domain 5 – Protection of Information Assets (27%)

 

What are the certification pre-requisites?

In addition to passing the exam, you will need to fulfil the requirements listed below to earn the CISA® credential:

    • Demonstrate a minimum of five (5) years of professional information systems auditing, control, or security work experience; this experience should be within the 10-year period preceding the date you applied for the certification
    • Adhere to the Code of Professional Ethics
    • Adhere to ISACA’s Continuing Professional Education (CPE) Policy
    • Adhere to the Information Systems Auditing Standards as adopted by ISACA

 

How can I maintain my certification?

CISA® credential holders will need to do the following to maintain their certification:

    • Earn and report a minimum of 20 CPE hours every year, starting from the year after they were certified
    • Earn and report a minimum of 120 CPE hours over the span of three years
    • Pay the annual maintenance fee
    • Comply with the CPE audit if selected 
    • Comply with ISACA’s Code of Professional Ethics
    • Comply with ISACA’s IT auditing standards

 

When will I receive my exam results?

You will get your preliminary results immediately after submitting your exam. You will receive your official score via email within 10 working days. Alternatively, your score will be available online within 10 working days.

 

What other languages can I attempt the examination in?

In addition to English, you can choose to take the CISA examination in Simplified Chinese, Traditional Chinese, German, French, Japanese, Italian, Spanish, Korean, or Turkish.

 

What will happen to my certification status if I no longer practice or decide to retire?

ISACA offers a Non-Practicing and a Retired status for professionals as long as they meet certain requirements. 

The Non-Practicing status is provided to active certification holders who are experiencing short- or long-term unemployment or disability, no longer work in the field but wish to retain their certification, or have extenuating circumstances which have been approved by the Certification Working Group. Non-practicing CRISC professionals will need to pay the annual maintenance fee even if they do not earn CPEs.

As for the Retired status, this is provided to professionals who are above 55 years of age and have retired from their profession, or those unable to perform specific job functions due to permanent disability. Unlike the Non-Practicing status, practitioners cannot return to Active once they retire. They will need to re-take and pass the certification exam before re-applying for the certification.

Why Choose LearningCert As Your Training Partner?

Accredited course material

Our training materials have been approved by relevant accreditation bodies to assure learners of high quality and consistency.

Accredited Training Organization

LearningCert has been approved by relevant accreditation bodies, and has been licensed to deliver each of the courses offered.

Excellent feedback

From high levels of engagement to quality materials, our courses have received an ‘Excellent’ rating from trainees.

At your premises

Get more from your training and achieve learning objectives faster at your preferred location, at your preferred time.
