Learning Objectives

This module introduces you to the course’s main features, learning plan, aims and objectives, and structure. It includes a syllabus, diagram pack, glossary, further reading and links document, and links to download essential copies of the framework publications.

It also contains some of the most frequently asked questions about CISA.

Learning Objectives

Module 1 introduces the information systems auditing process. In chapter 1, learners explore the audit planning process. This includes:

Standards and guidelines
Business process and controls
Types of audits

In chapter 2, learners look at how IS audits are executed, including:

Audit project management
Sampling and evidence collection
Reporting and quality assurance

Learning Objectives

Module 2 explores the governance and management of IT. Chapter 1 explores IT governance and strategy, including:

Enterprise governance
Information security governance
Organizational structure
Risk management
Legislation

Chapter 2 explores IT management, including:

IT resource and service provider management
Outsourcing
Performance management

Learning Objectives

Module 3 explores the acquisition, development and implementation of information systems. Chapter 1 presents IS acquisition and development, including:

Project management
Feasibility analysis
System, software and infrastructure development

Chapter 2 presents information systems implementation, including:

Testing, configuration and release management
System migration

Learning Objectives

Module 4 is concerned with IS operations and business resilience. Chapter 1 explores information systems operations, including:

Technology and IT asset management
Performance, problem and incident management
Managing IT service levels

Chapter 2 explores business resilience, including:

Impact analysis
Resiliency and recovery
Business continuity
Disaster recovery planning

Learning Objectives

Module 5 discusses the protection of information assets. Chapter 1 explores:

Information asset security and privacy controls
Access control, network security and managing security on different devices

Chapter 2 explores:

Security event management, including monitoring and testing
Incident response and evidence collection

Learning Objectives

Module 6 provides an opportunity to consolidate and practice key terms and concepts from all 5 domains. It also includes a short practice exam.

• The exam consists of 150 multiple choice questions

• There is a time limit of 240 minutes to complete the exam

• Candidates must score 450/800 to pass the exam

• Information System Auditing Process (21% of exam)

• Governance and Management of IT (17% of exam)

• Information Systems Acquisition, Development and Implementation (12% of exam)

• Information Systems Operations and Business Resilience (23% of exam)

• Protection of Information Assets (27% of exam)

Information systems auditors evaluate the effectiveness of an organization’s information system. They will seek to establish that the information system is safeguarding corporate assets and data and evaluate whether it is effectively supporting corporate objectives and operations.

Certified Information Systems Auditor (CISA) certification is the international gold standard for those who audit, control, monitor and assess an organization’s information systems. Held by over 100,000 IT professionals across the world, it is a globally recognized way to validate auditing competency.

CISA training and certification gives individuals the knowledge and confidence needed to navigate complex regulatory landscapes. It gives them credibility when offering solutions in all areas of IS auditing, and assures employers that their business assets are secure. As an internationally recognised standard, it represents a set of transferable skills that are highly valued in companies all over the world.

As a specialized systems auditor, CISA-certified professionals are able to command higher-than-average salaries in their field. Typical salaries range from $80 to $100k, depending on experience.

The CISA exam is not available through Good eLearning. It must be booked separately through ISACA.

Your CISA certification will expire after three years. To retain your qualification, you must go through a re-certification process at that time.

ISACA is the official CISA accreditation body. Previously known as the Information Systems Audit and Control Association, ISACA is an independent, non-profit association that awards certifications to IT professionals.

The CISA certification is intended for candidates with a minimum of five years of relevant work experience, and who have passed the written CISA examination.

The CISA exam consists of 150 multiple choice questions and lasts four hours. Candidates are tested on five topic domains: Information System Auditing Process, Governance and Management of IT, Information Systems Acquisition, Development and Implementation, Information Systems Operations and Business Resilience, and Protection of Information Assets.