The illustrations were created in cooperation between humans and artificial intelligence. They show a future in which technology is omnipresent, but people remain at the center.

ISACA Certified Information Systems Auditor (CISA®)

Training including examination and certification

Online
4 days
German
€ 3.790,-
plus VAT.
€ 4.510,10
incl. VAT.
Booking number
42332
Venue
Online
4 dates
Become a certified
Machine Learning Engineer
This course is part of the certified Master Class "Machine Learning Engineer". If you book the entire Master Class, you save over 15 percent compared to booking this individual module.
In-house training
In-house training just for your employees - exclusive and effective.
Gain practical know-how in IT auditing, governance, risk management, system development and operations. The CISA® training prepares you specifically for certification and the effective use of control and audit procedures.
Contents

Area 1: Information System Auditing Process

  • IS audit standards, guidelines, functions and code of ethics
  • Types of audits, assessments and reviews
  • Risk-based audit planning
  • Types of controls and considerations
  • Audit project management
  • Audit testing and sampling methodology
  • Techniques for collecting audit evidence
  • Audit data analysis
  • Reporting and communication techniques
  • Quality assurance and improvement of the audit process

 

Area 2: Governance and Management of IT

  • Laws, regulations and industry standards
  • Organizational structure, IT governance and IT strategy
  • IT policies, standards, procedures and guidelines
  • Enterprise architecture and considerations
  • Enterprise Risk Management (ERM)
  • Data protection program and principles
  • Data management and classification
  • IT resource management
  • IT supplier management
  • IT performance monitoring and reporting
  • IT quality assurance and quality management

 

Area 3: Information Systems Acquisition, Development and Implementation

  • Project control and management
  • Business case and feasibility analysis
  • Methods for system development
  • Identification and design of control mechanisms
  • System readiness and implementation tests
  • Implementation configuration and release management
  • System migration, infrastructure provision and data conversion
  • Review after implementation

 

Area 4: Information Systems Operations and Business Resilience

  • IT components
  • IT asset management
  • Order planning and automation of production processes
  • System interfaces
  • End-user computing and shadow IT
  • System availability and capacity management
  • Problem and incident management
  • IT change, configuration and patch management
  • Operating log management
  • IT service level management
  • Database management
  • Business impact analysis
  • System and operational resilience
  • Data backup, storage and recovery
  • Business Continuity Plan
  • Disaster Recovery Plans

 

Area 5: Protection of Information Assets

  • Policies, frameworks, standards and guidelines on the security of information resources
  • Physical and environmental controls
  • Identity and access management
  • Network and endpoint security
  • Protection against data loss
  • Data encryption
  • Public key infrastructure (PKI)
  • Cloud and virtualized environments
  • Mobile, wireless and Internet-of-Things devices
  • Training and programs to raise awareness of security issues
  • Attack methods and techniques on information systems
  • Tools and techniques for security testing
  • Protocols, tools and techniques for security monitoring
  • Management of security incidents
  • Preservation of evidence and forensics

 

Requirements:

There are no formal admission requirements for attending the course.

The requirements for official ISACA® certification are:

 

1. Passing the CISA® exam

The examination can also be taken without professional experience.

After passing the test, certification must be applied for within 5 years.

 

2. Proof of at least five years of professional experience in IS/IT audit, control or security

The professional experience must have been acquired within the last ten years before submitting the application or within five years of passing the examination.

 

3. Coverage of one or more CISA® domains

The professional experience must relate to activities that can be assigned to relevant content from the following five CISA® domains:

  • Information System Auditing
  • Governance and Management of IT
  • IS Acquisition, Development and Implementation
  • IS Operations and Business Resilience
  • Protection of Information Assets

 

4. Possibility of crediting alternative qualifications

Up to three years of professional experience can be replaced by certain qualifications or degrees (e.g. university degree, other certifications - details on the ISACA® website).

 

5. Verifiability of professional experience

The professional experience must be confirmed by a superior or authorized body.

 

6. Submitting the application for certification to ISACA®

Online application or PDF form

Payment of an application fee of currently USD 50

 

7. Agreement to the ISACA® Code of Professional Ethics

Obligation to comply with professional ethical principles and standards of conduct

 

8. Compliance with Continuing Professional Education (CPE) requirements

After certification: annual training obligation and proof of maintenance of certification

 

Additional info: 

© ISACA®. All rights reserved.

CISM® is a registered trademark of ISACA®.

The training is conducted by the ISACA® accredited partner Digicomp Academy AG.

Your benefit
  • Learn to plan and conduct audits according to ISACA® guidelines and standards and to communicate results convincingly
  • Development of a risk-based audit strategy, systematic collection of evidence and targeted use of data analysis
  • Reflecting on audit quality and carrying out follow-ups to check the implementation of own recommendations
  • Understanding IT governance structures, frameworks (COBIT®, COSO, etc.) and role-based responsibilities
  • Evaluate business processes, policies and organization in terms of maturity, resource management and IT QA
  • Develop recommendations to improve IT governance in line with business objectives
  • Assess how IT systems are acquired, developed and implemented and whether they fulfill the company strategy and requirements
  • Analyzing project management methods (e.g. SDLC, Agile), outsourcing/sourcing decisions and test strategies
  • Supporting the organization with feasibility analyses, system tests and post-implementation checks
  • Review IT operating processes, infrastructure and service management and their impact on business continuity
  • Designing and auditing emergency and disaster recovery plans and business impact analyses
  • Supporting the organization in responding quickly and effectively in the event of a crisis
  • Evaluate security policies, standards and controls to ensure confidentiality, integrity and availability
  • Developing measures for the final audit of information security (e.g. access controls, encryption or logging)
  • Supporting the organization in establishing effective protection of critical information assets
Trainers
Umberto Annino
Methods

Depending on the type of learner, exam preparation requires at least 10-20 hours of additional time outside the classroom.

Certification

Exam format:

  • 150 multiple-choice questions
  • Duration: 4 hours (240 minutes)
  • Implementation: Online with remote proctoring or in an authorized test center
  • Language: Available in several languages (you specify the language when registering for the exam)
  • Aids: none
Recommended for

The course is aimed at professionals and executives from IT management, IT security, IT operations, security consulting, auditing, project management and compliance who are concerned with the compliance of information systems and are looking for sound preparation for the CISA® certification exam.

It is ideal for IT auditors, reviewers, security managers, risk managers and specialists who want to systematically assess IT systems and controls. The CISA® certification underpins their professional competence and strengthens their professional position.

Start dates and details

  • 9.12.2025: Online, places free, implementation secured
  • 9.3.2026: Online, places free, implementation secured
  • 8.6.2026: Online, places free, implementation secured
  • 26.10.2026: Online, places free, implementation secured

The training is carried out in cooperation with an authorized training partner. This partner collects and processes data under its own responsibility. Please take note of the corresponding privacy policy.

Do you have questions about training?

Call us on +49 761 595 33900 or write to us at service@haufe-akademie.de or use the contact form.
