Preparing for the CISA Examination - ITG231


In this four-day seminar you will focus exclusively on the essential areas covered in the CISA exam. You will cover the CISA content areas you need to know for the exam, including IS audit process, IT governance, systems and infrastructure life cycle management, IT service delivery and support, information asset protection, and business continuity and disaster recovery. Following each section, you will work through a series of sample exam questions to give you a "feel" for the format and the types of questions you will encounter. You will then review the correct answers for a better understanding of what the ISACA Certification Board expects. This intensive prep course is an ideal way to prepare for the exam. You will gain valuable experience answering sample exam questions while strengthening the skills you need to approach accreditation with confidence.


Tuition cost


NASBA Certified CPE

32 Credits


Why you should attend

You should attend because CISA certification shows your proficiency in a broad range of fundamentals for IT audit roles that open many job opportunities. This course helps you prepare so you can approach the exam with confidence.

Who should attend

Auditors and security professionals with 2+ years of IT audit experience who want to learn more about information systems auditing or those planning to sit for the CISA certification exam.

What You'll learn

IT governance, systems and infrastructure life cycle management, IT service delivery and support, information asset protection, and business continuity and disaster recovery


  • IT Auditing and Controls – ITG101
  • IT Audit School – ITG121

Process of Auditing Information Systems

  • CISA® objectives
  • IS audit function
  • risk analysis
  • internal control definitions
  • types of controls

Governance and Management of IT

  • audit’s role in IT governance
  • defining IT governance
  • strategy and steering committees
  • strategic planning
  • HR policies and procedures
  • outsourcing
  • quality management
  • separation of duties

Systems Life Cycle Management

  • project management practices
  • business application development processes
  • systems development risks
  • roles and responsibilities
  • traditional waterfall model
  • alternative software development strategies
  • change management

Business Application Controls

  • application transactions
  • input controls
  • processing controls
  • output controls
  • auditing application systems

IS Operations and Hardware/Software

  • information systems operations
  • IS operations management
  • IT service management
  • incident handling/problem management
  • information systems hardware
  • information systems software risks
  • operating systems
  • virtualization
  • Database Management Systems (DBMS)

Protection of Information Assets

  • information security management
  • data classification
  • privacy impact analysis
  • identification and authentication
  • authorization
  • security administration
  • privileged access
  • remote access
  • log management
  • social media
  • social engineering
  • physical access risks, exposures and controls
  • environmental risks, exposures and controls

Network Infrastructure

  • network terminology
  • Open Systems Interconnection (OSI)
  • Local Area Networks (LANs)
  • Wide Area Networks (WANs)
  • client/server technology
  • cloud computing

Network Infrastructure Security

  • network risk analysis and threats
  • network control functions
  • firewalls
  • Demilitarized Zone (DMZ)
  • Intrusion Detection Systems (IDS)
  • virus protection
  • Private Branch Exchange (PBX)
  • Voice-Over IP
  • auditing the network


  • symmetric encryption
  • asymmetric encryption
  • digital signatures
  • certification authority certificates
  • Public Key Infrastructure (PKI)
  • key management

Business Continuity and Disaster Recovery

  • Business Continuity Planning (BCP)
  • Disaster Recovery Planning (DRP)
  • disasters and disruptive events
  • BCP/DRP Planning Steps
  • Business Impact Analysis (BIA)
  • disaster recovery strategies
  • contract requirements
  • network recovery
  • testing the recovery plan

Schedule your course

Use the table below to select the time and location that works best for you.

Timezone: America/Chicago

September 2021

Sep 20th, 2021-Sep 23rd, 2021

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: