CISA® Preparation Course

Intensive CISA® training with ISACA-accredited trainers
EnrollBook as in-company

What will you learn?

  • 9Develop a risk-based information systems audit strategy;
  • 9Plan and conduct information system audits according to audit standards;
  • 9 Provide conclusions on the state of an organisation’s information and IT security, including risk and control solutions;


  • 5 course days
  • 40-60 hours of self-study
  • R 1 CPE credit per study hour

ISACA  about
Security Academy

CISA® Preparation Course – Intensive CISA® training with ISACA-accredited trainers

Our CISA® Preparation Course will help you master the skills you need to pass the ISACA Certified Information Systems Auditor (CISA)® certification exam and advance your  career as an IT or information security auditor. In this intensive CISA® training, you will learn how to provide audit services in accordance with industry standards to assist organisations in protecting and controlling information systems. You will learn how to assess the state of an organisation’s information and IT security, identify critical issues, and recommend specific practices to safeguard the governance of information. You will cover the five domains of the CISA® certification exam with ISACA-accredited trainers who are also active in the IT security industry and up to date with current practices, which will help you excel at your CISA® certification exam as well as your career in IT or information security auditing. To fully prepare for your CISA® certification exam and future career, the course will challenge you to practice with exam-style questions as well as authentic case studies.

The Security Academy is an Accredited ISACA Training Partner, which means you will study with official ISACA CISA® courseware.

After completing this course, you will have a thorough understanding of the five CISA® domains (Information Systems Audit Process, IT Governance and Management, Information Systems Acquisition, Development, and Implementation, Information Systems Operations, Maintenance, and Support, and Protection of Information Assets). You will be well-equipped to pass your CISA® certification exam and apply your CISA® knowledge and skills in your daily work.

What makes this CISA® Preparation Course unique?

  • ISACA-accredited trainers with specific expertise in the CISA® domains
  • Authentic use cases and practice exam questions for each domain
  • Extensive CISA® practice exam on the last day, including evaluation and follow-up discussion
  • Success guarantee: Pass the CISA® exam on your first try or retake (parts of) the course for free!

Prerequisites to joining this CISA® Preparation Course

The CISA® training is not a technical course, but basic knowledge of IT security is strongly recommended. Unsure if you know enough of IT security to follow CISA®? Cover the basics first in our IT Security Foundation course.

Is this CISA® Preparation Course for you?

The CISA® certification is for (aspiring) IT and information security auditors and control, assurance and information security professionals who would like to advance their career with the CISA® certification. Our CISA® Preparation Course is typically attended by IT auditors, IT managers, information security officers, security architects and security consultants.

What is included in this CISA® Preparation Course?

  • Official ISACA CISA® course materials
  • Additional course materials (slides, use cases, exam questions)
  • Practice exam, evaluation and discussion on the last day

CISA® Preparation Course Modules

Module 1: The Process of Auditing Information Systems

This module covers how IT auditors provide their services in accordance to the IT audit standards to assist organisations in the protection and control of information systems. This module also addresses the development and implementation of risk-based IT audit strategies, audit planning and reporting the findings.

Topics covered:

  • Risk-based IS audit strategy
  • Planning and conducting audits
  • Control self-assessments
  • Communicating audit results and follow-up

Module 2: Governance and Management of IT

This module covers how auditors provide assurance of an organisation’s information governance and risk management structure and processes.

Topics covered:

  • Evaluate organizational IT strategy; IT governance structure; organisational structure and HR management; IT policies, standards and procedures
  • Evaluate IT resource management and IT portfolio management
  • Evaluate risk management practices and IT management
  • Evaluate controls and KPIs
  • Evaluate the organisation’s business continuity planning

Module 3: Information Systems Acquisition, Development and Implementation

This module covers how IT auditors provide assurance that the acquisition, development, testing and implementation of information systems meet the organisation’s objectives.

Topics covered:

  • Evaluate business cases for proposed investments
  • Evaluate IT supplier selection and contract management processes
  • Evaluate the project management framework and conduct reviews
  • Virtualisation and CSP (Cloud service provider) architecture
  • Evaluate readiness for implementation
  • Conduct post implementation reviews

Module 4: Information Systems Operations, Maintenance and Support

This domain explains how to provide assurance that the processes governing the operation, maintenance and support of an organisation’s information systems are aligned with the organisation’s objectives.

Topics covered:

  • Evaluate IT service management framework and practices
  • Conduct periodic reviews of IS
  • Evaluate IT operations and IT maintenance, evaluate database management practices and data quality
  • Evaluate problem and incident management
  • Change and release management practices
  • Evaluate end-user computing, and IT continuity and resilience
  • Disaster recovery testing

Module 5: Protection of information assets

This module explains how to ensure that security policies, standards and procedures protect the integrity, confidentiality and availability of the organisation’s information assets.

Topics covered:

  • Evaluate information security and privacy
  • Evaluate physical and environmental controls
  • Evaluate the system and logical security controls
  • Evaluate classification of data and information asset safeguards
  • Evaluate information security programs

Practice Exam

On your last course day, you will take an extensive CISA practice exam, so that you can judge for yourself to what extent you are ready for the official ISACA CISA® certification exam and to which domains you should pay more attention. After taking the practice exam, you will have the opportunity to discuss answers or potential issues with your trainer and the group.

ISACA CISA® Certification Exam

Because we are an Accredited Training Partner, you can purchase an ISACA® exam voucher from us for €595 ex VAT. Would you rather arrange this yourself through ISACA®? You can do so via the ISACA® website. In this case the exam fee is $575 for ISACA® members and $760 for non-ISACA® members.

When you register for an exam, you are given one year to successfully complete the exam. Any possible retakes have to be done during this year as well. The time between two consecutive exam attempts is set at a minimum of 48 hours.

Upon successful completion of the CISA exam, you can apply for your ISACA CISA® certification title. Note that in addition to passing the exam, you need to have at least five years of experience in IS/IT audit, control, assurance, or security to earn your ISACA CISA® certificate (experience waivers are available for a maximum of three years).

The CISA ® exam requires in-depth theoretical knowledge. As a Certified Information Systems Auditor, you must understand all the domains covered – not just to pass your exam, but also to bring value to your organisation’s IT and information security auditing process. In addition to attending this (or any other) CISA® training, you will need to invest a good portion of your time in self-study to excel at your exam and your career in information security management. The recommended self-study time is a minimum. You may need significantly more self-study time depending on your personal situation.

Authors & Lead Trainers

Dr. Rob van der Staaij
IAM & IT-Infrastructure specialist

Marcel Feenstra
Senior Instructor / Senior Consultant

Register now

In-company training tailored to your needs

Schedule this training as in-company. Upskill your entire team in the most cost-effective way!