CISA (Certified Information Systems Auditor)

The CISA Training course is an intensive hands-on instructor lead course (Certified Information Systems Auditor) Certification issued by ISACA for the people in charge of ensuring that an organization's IT and business systems are monitored, managed and protected. It is designed for IT auditors, audit managers, consultants and security professionals.

CISA Training in Cape Town, Johannesburg, Pretoria & Durban

Attaining CISA certification is considered beneficial as it is accepted by employers worldwide and is often requested for IT audit and security management positions.

You will learn about the process of auditing information systems, Governance and management of IT and Information systems acquisition, development and implementation as well as Protection of information assets and Information systems operations, maintenance and service management.

  • The Process of Auditing Information Systems.
  • Governance and Management of IT.
  • Information Systems Acquisition, Development and Implementation.
  • Information Systems Operations, Maintenance and Service Management.
  • Protection of information Assets.
Course Duration Price ZAR(ex vat) Price USD
CISA  Training Summary
CISA Training 5 days R19,000 $1,096
  • Lunch, refreshments and training material included.
  • Class start at 9:00am for 9:30am
  • South Africa training locations: Johannesburg, Cape Town, Durban
  • Global training locations: USA, Candana, UK, Dubai, Europe


This course is intended for individuals who audit, control, monitor and assess information technology and business systems.  This includes information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security.


The CISA course is designed to prepare professionals for the Certified Information Systems Auditor (CISA) exam. The course focuses on the key points covered. Class lectures, group discussions to mention a few. The course is intended for individuals who have familiarity with and are not limited with experience in information systems auditing, control or security.  The CISA Certification is globally recognized and for IS audit control, assurance and security professionals.

CISA Course Outline

Domain 1:
Processing of Auditing Information systems

  • Execute a risk-based IS audit strategy in compliance with IS audit standards.
  • Plan specific audits.
  • Conduct audits in accordance with IS audit standards.
  • Communicate audit results and make recommendations.
  • Knowledge of reporting and communication techniques.
  • Knowledge of audit quality assurance (QA) systems and frameworks.
  • Knowledge of various types of audits. (e.g.,internal, external, financial).

Domain 2:
Governance and Management of IT

  • Evaluate the IT strategy.
  • Evaluate the effectiveness of the IT governance structure.
  • Evaluate IT organizational structure and human resources.
  • Evaluate the organization’s IT policies, standards and procedures.
  • Evaluate IT resource management.
  • Evaluate IT portfolio management.
  • Evaluate risk management practices to determine whether the organization’s IT-related risk is identified.
  • Evaluate IT management and monitoring of controls.
  • Evaluate monitoring and reporting of IT key performance indicators.
  • Evaluate the organization’s business continuity plan (BCP).

Domain 3:
Information Systems Acquisition, Development and Implementation

  • Evaluate the business case for the proposed investments in information systems acquisition.
  • Evaluate IT supplier selection and contract management processes.
  • Evaluate the project management framework and controls.
  • Conduct reviews to determine whether a project is progressing.
  • Evaluate controls for information systems.
  • Evaluate the readiness of information systems.
  • Conduct post- implementation reviews.

Domain 4:
Information Systems Operations, Maintenance and Service Management

  • Evaluate the IT service management framework and practices.
  • Conduct periodic reviews of information systems.
  • Evaluate IT operations.
  • Evaluate IT maintenance.
  • Evaluate database management practices.
  • Evaluate data quality and life cycle management.
  • Evaluate problem and incident management practices.
  • Evaluate change and release management practices.
  • Evaluate end-user computing.
  • Evaluate IT continuity and resilience (backups/restores, Disaster Recovery Plan [DRP]).

Domain 5:
Protection of
 information Assets

  • Evaluate the information security and privacy policies, standards and procedures.
  • Evaluate the design, implementation, maintenance, monitoring and reporting of physical and environmental controls.
  • Evaluate the design, implementation, maintenance, monitoring and reporting of system and logical security controls.
  • Evaluate the design, implementation and monitoring of the data classification processes and procedures.
  • Evaluate the processes and procedures used to store, retrieve, transport and dispose of assets.
  • Evaluate the information security program to determine its effectiveness and alignment with the strategies and objectives.