Certified Information Systems Auditor (CISA® ) Certification Training

Available Live In-Person or Live Online

"He provided good examples relative to the questions being studied and facilitated well by incorporating the input/experience of the class members."

ISACA®'s CISA designation is a globally recognized certification for IS audit control, assurance and security professionals. Being CISA-certified showcases your audit experience, skills and knowledge, and demonstrates you are capable to assess vulnerabilities, report on compliance and institute controls within the enterprise.  In this course attendees will evaluate organizational policies, procedures, and processes to ensure that an organization's information systems align with its overall business goals and objectives.


Testimonials on the benefits of being a CISA. Certified Information Systems Auditor.

To be eligible for the CISA credential, you must have five (5) or more years of experience in IS audit, control, assurance, or security. Waivers are available for a maximum of three (3) years.  Check the ISACA CISA page for more information.

OVERVIEW and OBjectives

  • Implement information systems audit services in accordance with information systems audit standards, guidelines, and best practices.
  • Evaluate an organization's structure, policies, accountability, mechanisms, and monitoring practices.
  • Evaluate information systems acquisition, development, and implementation.
  • Evaluate the information systems operations, maintenance, and support of an organization; and evaluate the business continuity and disaster recovery processes used to provide assurance that in the event of a disruption, IT services are maintained.
  • Define the protection policies used to promote the confidentiality, integrity, and availability of information assets.

Course Content

Lesson 1: The Process of Auditing Information Systems

  • ISACA Information Systems Auditing Standards and Guidelines
  • Fundamental Business Processes
  • Develop and Implement an Information Systems Audit Strategy
  • Plan an Audit
  • Conduct an Audit
  • The Evidence Life Cycle
  • Communicate Issues, Risks, and Audit Results
  • Support the Implementation of Risk Management and Control Practices

Lesson 2: IT Governance and Management

  • Evaluate the Effectiveness of IT Governance
  • Evaluate the IT Organizational Structure and HR Management
  • Evaluate the IT Strategy and Direction
  • Evaluate IT Policies, Standards, and Procedures
  • Evaluate the Effectiveness of Quality Management Systems
  • Evaluate IT Management and Monitoring of Controls
  • IT Resource Investment, Use, and Allocation Practices
  • Evaluate IT Contracting Strategies and Policies
  • Evaluate Risk Management Practices
  • Performance Monitoring and Assurance Practices
  • Evaluate the Organization's Business Continuity Plan

Lesson 3: Information Systems Acquisition, Development, and Implementation

  • Evaluate the Business Case for Change
  • Evaluate Project Management Frameworks and Governance Practices
  • Development Life Cycle Management
  • Perform Periodic Project Reviews
  • Evaluate Control Mechanisms for Systems
  • Evaluate Development and Testing Processes
  • Evaluate Implementation Readiness
  • Evaluate a System Migration
  • Perform a Post-Implementation System Review

Lesson 4: Information Systems Operations, Maintenance, and Support

  • Perform Periodic System Reviews
  • Evaluate Service Level Management Practices
  • Evaluate Third-Party Management Practices
  • Evaluate Operations and End User Management Practices
  • Evaluate the Maintenance Process
  • Evaluate Data Administration Practices
  • Evaluate the Use of Capacity and Performance Monitoring Methods
  • Evaluate Change, Configuration, and Release Management Practices
  • Evaluate Problem and Incident Management Practices
  • Evaluate the Adequacy of Backup and Restore Provisions

Lesson 5: Protection of Information Assets

  • Information Security Design
  • Encryption Basics
  • Evaluate the Functionality of the IT Infrastructure
  • Evaluate Network Infrastructure Security
  • Evaluate the Design, Implementation, and Monitoring of Logical Access Controls
  • Risks and Controls of Virtualization
  • Evaluate the Design, Implementation, and Monitoring of Data Classification Process
  • Evaluate the Design, Implementation, and Monitoring of Physical Access Controls
  • Evaluate the Design, Implementation, and Monitoring of Environmental Controls

Certification Exam

  • The CISA Exam is now (finally!) a computer-based exam, offered 3 "testing windows" a year. 
  • The Exam is 150 questions.  You have 4 hours to complete the exam.
  • ISACA 2017 Exam Testing Windows:

ISACA 2017 Exam Testing Windows


5 days

Continuing Education Credits



Photo by RudyBalasko/iStock / Getty Images

Our CISA course is offered less than 15 minutes from downtown St. Louis at our O'Fallon, Illinois training facility, located at:

7 Eagle Center
Suite B-5
O'Fallon, IL 62269


We also offer private onsite courses, at your location.  We love to travel and will gladly send a trainer to your location. Please Contact Us for more information.


Live, Instructor-Led Training with a dynamic CISA certified trainer that is a cyber security professional.  Instructors have real-world audit experience with the material covered in the CISA course.


This course is delivered in a "hybrid" format, where we have both In-Person and Live Online attendees. This provides a fun, interactive environment where In-Person and Live Online students can easily interact both with each other and the instructor. When you register for the course, you can choose which delivery option works best for you:

  • Live In-Person
  • Live Online