CISA Certification Masterclass IS Audit & ISACA Exam Prep

IT Governance · BCP & DRP · Access Controls · COBIT 2019 · Domains 1-5 · All ISACA 2024 Updates
What you'll learn
Apply the ISACA IS audit methodology across all five CISA domains - from audit planning and execution through reporting and follow-up
Perform risk-based audit planning, select appropriate audit techniques, evaluate audit evidence, and classify control deficiencies using the audit risk model
Evaluate IT governance structures using COBIT 2019, assess IT risk management frameworks, and identify segregation of duties failures in IT organisations
Audit the SDLC at each phase - from Requirements through post-implementation review - and identify control gaps in change management and test environments
Apply BIA methodology to determine RTO, RPO, and MTD; evaluate BCP and DRP strategies; and assess BCP test adequacy - Domains 4 and 5 are 52% of the exam
Evaluate access control models (DAC, MAC, RBAC, ABAC), IAM lifecycle controls, privileged access management, and MFA implementations as an IS auditor
Assess cryptographic controls, network security architecture, SIEM and incident response programmes, and third-party/supply chain security risk management
Answer CISA exam scenario questions using the ISACA mindset - four full worked scenarios with model answers and distractor analysis across all five domains
Requirements
IT or business background with basic familiarity with IT concepts (networks, applications, databases, operating systems) - this is a professional certification course, not an IT fundamentals course
No prior IS audit or ISACA knowledge is assumed - the ISACA audit framework, professional standards, and key terminology are all established from first principles in Section 1
No CISA official study materials are required - all exam-relevant content is self-contained within the course. A copy of COBIT 2019 is useful for Domain 2 depth but not mandatory to follow the course
Prior work experience in IT, audit, compliance, or information security is useful but not required - the course is structured for both experienced practitioners and those new to IS audit
Description
CISA is the world's most recognised certification for information systems audit, control, and assurance. Held by more than 151,000 active professionals globally, it validates the ability to assess IT risk, evaluate controls, and provide independent assurance to boards and senior management. This course prepares you for every question on the CISA exam - and teaches you to think like an IS auditor, not just answer exam questions.
What You Will Learn•Apply the ISACA IS audit methodology end to end - from risk-based audit planning and fieldwork through reporting, findings communication, and follow-up - using the audit risk model and ISACA professional standards
•Evaluate IT governance structures using COBIT 2019, assess IT strategic alignment, and identify segregation of duties failures - Domain 2 covers 18% of the 2024 exam
•Audit the full systems development lifecycle (SDLC) from Requirements through post-implementation review, and assess change management, test environment segregation, and application controls
•Apply BIA methodology to determine Recovery Time Objective (RTO), Recovery Point Objective (RPO), and Maximum Tolerable Downtime (MTD) - then evaluate BCP and DRP strategies and test programmes against ISACA standards
•Evaluate access control models (DAC, MAC, RBAC, ABAC), IAM lifecycle controls, privileged access management (PAM), and MFA implementations from an IS audit perspective
•Assess cryptographic controls, network security architecture (segmentation, firewalls, IDS/IPS), SIEM and incident response programmes, and third-party/supply chain security risk
•Apply the ISACA mindset to exam scenario questions - the skill that separates high scorers from those who know the content but choose the wrong answer under ISACA's judgment-based question format
•Answer all four worked exam scenarios across Domains 1 through 5 with model answers and full distractor analysis - understand why each wrong answer is wrong, not just why the right answer is right
Who this course is for
IT auditors and internal auditors seeking ISACA CISA certification to validate IS audit expertise and qualify for senior and lead auditor roles
Information security professionals and GRC analysts who need to understand the IS audit framework to support audit engagements, respond to auditor requests, and design auditable controls
Compliance officers and risk managers in financial services, healthcare, government, and critical infrastructure - sectors where CISA-qualified auditors are most in demand
Graduate IT professionals entering audit, compliance, or information security roles who want a structured, exam-aligned foundation that maps directly to ISACA professional standards
CISA re-sitters and candidates who have used official ISACA study materials but struggle with the scenario-based ISACA mindset questions - the primary reason candidates fail with sufficient knowledge
Homepage