ISACA – CISA

by | Jan 21, 2026

Current Status
Not Enrolled
Price
$3,495.00
Get Started
or

ISACA – Certified Information Systems Auditor – CISA

Overview

The CISA certification, offered by ISACA, is considered the gold-standard for auditing, control, and assurance of information systems. It validates your ability to assess and audit IT governance, design audit strategies, evaluate internal controls, and provide recommendations for risk mitigation.

ISACA periodically updates the exam to reflect modern risk factors and emerging technologies. For example, an updated CISA exam became available on 1 August 2024, refining the focus on security, controls, and the role of disruptive technology in audit practices.

Through ISACA’s official training resources — including review manuals, question-bank databases, and self-paced or instructor-led courses — you can build the skills required to succeed.

What You’ll Learn

Domain 1 – Information Systems Auditing Process

  • Risk-based audit planning

  • Conducting audit engagements

  • Sampling and testing strategies

  • Collecting and analyzing audit evidence

  • Reporting findings and recommendations

  • Audit follow-up and continuous improvement

Domain 2 – Governance & Management of IT

  • IT governance frameworks and controls

  • Strategy alignment and performance measurement

  • Enterprise architecture and resource management

  • IT policies, standards, and procedures

  • Risk management frameworks and assessments

  • Legal and regulatory compliance

Domain 3 – Information Systems Acquisition, Development & Implementation

  • Project governance and management

  • System development life cycle (SDLC)

  • Control design and implementation

  • Configuration and change management

  • Release planning and deployment reviews

  • Post-implementation evaluations

Domain 4 – Information Systems Operations & Business Resilience

  • IT operations management and monitoring

  • Capacity and performance planning

  • Incident and problem management

  • Backup and data lifecycle management

  • Disaster recovery planning

  • Business continuity and resilience validation

Domain 5 – Protection of Information Assets

  • Information security principles and controls

  • Access and identity management

  • Network and infrastructure security

  • Mobile and cloud environment security controls

  • Data encryption and protection methods

  • Security monitoring and incident response

  • Forensics and remediation

Details

5 Years Experience

40 Hours

Audience

  • IT Auditors / IS Auditors — professionals who audit, monitor, and assess an organization’s information systems and controls.

  • Risk & Assurance Professionals — those responsible for risk assessment, control evaluation, and assurance reporting.

  • Control / Compliance Analysts — people who build, review, and validate internal IT controls.

  • IT Governance / Governance, Risk & Compliance (GRC) specialists — those aligning IT processes and strategy with business goals and regulatory requirements.

  • Security Professionals transitioning to Audit — security practitioners looking to validate their audit and assurance knowledge.