Five Day Certified Information Systems Auditor (CISA) – BOOTCAMP

Course Outline:

Information technology (IT) audit pertains to the evaluation of information technology to assess compliance with an organization’s policies and processes. An IT audit wholly or partially evaluates automated information processing systems, related non-automated processes and their interfaces for compliance.

The Certified Information Systems Auditor certificate is perhaps the most prestigious certification for IT auditors. This CISA examination preparation course is an intense 5-day extensive review of CISA examination requirements and preparation for the CISA examination. It imparts the learner with strategies, techniques, and tips for taking and passing the examination.

Attendees also get value beyond passing the examination in that the training delves into IT audit knowledge and its application to internal control, including technology life cycle management, cybersecurity, and business continuity. The training focuses on how IT auditors can add value to an organization. The course has been developed in line with ISACA’s CISA certification programme.


Expose participants:

  • Understand the meaning and application of IT audit and its relationship with audit in general;
  • Comprehend the goals and objectives of IT audit in an organization, and its fit in the internal control environment;
  • Appreciate needed techniques for audit planning (scoping, etc.) and gathering information and audit evidence;
  • Grasp the core of the processes for carrying out IT audits and how to evaluate the effectiveness of IT internal controls,
  • Understand the basis of information risk management and audit of information security.
Why should you attend?
  • Comprehend strategies and techniques for passing CISA examination;
  • Understand the IT control environment and its fit within internal controls;
  • Appreciate the planning & execution of IT audits
  • Internalize the role of an IT auditor in scoping, information gathering assessment and reporting on the state of IT controls
Who is eligible to attend?
  • Management and operational personnel in IT, Audit & information security;
  •  Personnel responsible for management & audit of technology, human resource, finance, administration, facilities;
  •  Risk management, IT infrastructure and internal control personnel
Day One – 1

The Process of It Audit

  •  IT audit: definition, concepts, goals and objectives;
    Standards, tools, methods & techniques for IT audit;
  • The audit process and risk assessment;
  • Planning and management of the audit process;
  • Gathering of audit information and evidence
Day Two – 2

Governance & Management of IT

  • IT strategy, policies, standards, processes & procedures;
  • Technology  governance & organizational structure
  • IT Risk management; Maturity benchmarking and process improvement models; Information systems management practices; Business continuity planning.
Day Three – 3

IT Acquisition, Development & Implementation

  • Project management practices;
    Software development tools and methodology;
  • Configuration and releases management;
  • Data migration and information systems implementation;
  • Goals and practices of system launch quality assessment.
Day Four – 4

Info. systems operations, maintenance & support

  • IT service and operational management;

  • Planning and capacity management; 

  • Problem and incidents management;

  • Business continuity & disaster recovery planning & testing

Day Five – 5

Protection of Information Assets

  • Information security controls assessment;

  • Access management & related controls evaluation;


  • IT infrastructure security & related controls evaluation;


  • Physical security controls assessment.

Your Investment

$1200 (KES 120,000) + VAT. Covers: 5-day workshop: morning tea-break snack, lunch, afternoon tea-break snack + learning material: presentation.

Phone No. :

+254 101 915 260


Previous Participant Comments
  • Very good delivery & presentation; very energetic & good knowledge of the subject. Excellent work!
  • Complementary instructors! Superb for ease of understanding!
  • Very practical and very relevant examples given
  • Practical nature of the topics and its relevance to the business
  • Excellent practical exercise on disaster recovery and crisis communications
  • The course is important to our company