Prepare to pass the CISA exam by attending our CISA Prep course with ISACA Accredited Trainers and full training-exam package offerings
Attend the official CISA Prep Course offered live online by ES Learning, an ISACA Accredited Training Organization (ATO) in association with the Hellenic American Union, and prepare to ace the CISA exam. This CISA Prep course is presented by ISACA accredited trainers in accordance with ISACA’s Accredited Training Program.
The CISA Prep course provides an in-depth knowledge on the following five CISA domains that are covered on the CISA exam.
- Information Systems Auditing Process
- Governance and Management of IT
- Information Systems Acquisition, Development and Implementation
- Information Systems Operations and Business Resilience
- Protection of Information Assets
New dates: 6-7-10-11-13-14-17-18-20-21/02, 18:00-21:00
Disclaimer: Our next CISA Prep course will be aligned with the updated CISA Exam Content which will be valid as of August 1st, 2024. More information on this update will be announced soon.
Why CISA
CISA is ranked among the top IT-related professional certifications in the world. CISA stands for Certified Information Systems Auditor and is ISACA’s flagship professional certification for IT professionals who audit, control, monitor and assess information technology and business systems.
With more than 145,000 members in over 180 countries, ISACA™ is a globally recognized leader in IT governance, control and assurance. Since 1978, the Certified Information Systems Auditor (CISA®) program has been the globally accepted standard of achievement in the IS audit, control and security field. CISA now counts more than 151,000 certified professionals worldwide.
Starting August 1, 2024, the CISA exam undergoes significant updates.
As of August 1, 2024, ISACA's Certified Information Systems Auditor (CISA) certification is undergoing important changes in its job practice areas. The certification will feature updated content outlined in the Exam Content Outline (ECO). It's imperative for candidates who wish to take test after August 1st, to be aware of these modifications to adequately prepare for the examination.
What is changing
While the five domain headings remain as is, there are adjustments in the percentage distribution across domains in the 2024 ECO compared to the 2019 ECO, as well as some extra material added.
Domains | ECO 2019 | ECO 2024 |
Domain 1: Information |
21% | 18% |
Domain 2: Governance & Management of IT |
17% | 18% |
Domain 3: IS Acquisition, Development & Implementation |
12% | 12% |
Domain 4: IS Operations and Business Resilience |
23% | 26% |
Domain 5: Protection of Information Assets |
27% | 26% |
100% | 100% |
Premium Package
€1780 - What's included:
- ISACA membership fee*
- CISA eManual - 28th Edition
- CISA Q&A Database Annual Subscription* - updated
- Exam Fee*
- CISA Prep Course (30 hours Live Online)
Prepayment is required at least 7 working days before the start of each preparation seminar.
*Valid for 1 year from date of voucher purchase.
Basic Package
€1210 - No exam fees included. This package includes:
- ISACA membership fee*
- CISA eManual - 28th Edition
- CISA Q&A Database Annual Subscription* - updated
- CISA Prep Course (30 training hours Live Online)
Prepayment is required at least 7 working days before the start of each preparation seminar
*Valid for 1 year from date of voucher purchase.
Please contact us at 210-3680911, 210-3680907 to receive your discount coupon for the final fee of 1210 Euros.
This course is offered in co-operation with ES Learning, an international consulting and training services company based in Riyadh, which is an Authorized Training Organization (ATO) of ISACA International.
ES-Learning is a Saudi company based in Riyadh, specializing in capacity building and professionalization, by providing specialized workshops and programs in the following areas: Business Process Management, Facilitation through Trainings, Quality & Performance Management, Services Design, Strategy.
As ISACA'S ATOs, our partners meet ISACA's high training standards. Courses are taughted by accredited and certified trainers, follow ethical practices, and use ISACA's designated materials to make sure you get the most up to date training.
CISA Prep course offers you the following:
- 30 hours with a thorough overview and key points of the 5 domain areas of the CISA Exam
- ISACA training material
- Post-training access to the instructor for advice and support
- Analysis of particular topics which are popular exam questions
- Practice on the “Philosophy” of the examinations’ questions and testing conditions
- Reference tools
- 28 CPEs
Following each section, you will work through a series of sample questions to give you a "feel" for the format and the types of questions you will encounter.
The instructor will provide you with many reference tools and study guides, together with the official ISACA training material.
CISA is an exam that tests experience and experience cannot be taught. This course will give you specific guidelines in your study by providing an overview of the core knowledge bases included in the CISA examination ‘Common Body of Knowledge’.
Participants should continue to study the course materials and rehearse the sample questions after the course until the exam date.
Important: If you do not have an IT knowledge background - i.e. you are an Internal Auditor, or a Business Executive - you may want to review our 6-hour fast track course "IT Essentials for non IT Auditors". This course will quickly walk you through basic IT knowledge and best practices of IT Systems and IT Audit principles, to help you better understand all CISA domains.
The CISA certification is ideal for entry-level to mid-career professionals who are planning, executing and reporting on IT audit projects and tasks. Typical participants of this course are:
- IT Auditors, or experienced professionals working in audit projects
- IT managers
- Information Security professionals
- System Analysts
- IT consultants
- Experienced IT Professionals
CISA Certification pre-requisites
To certify with CISA, you must pass the CISA exam and also meet the following prerequisites:
A minimum of 5 years of experience in information systems auditing, control or security (as described in the CISA job practice areas), within the past 10 years from the date you submit your application.. This experience must be in at least one CISA Job Practice Area. Substitutions and waivers may apply for up to 3 years of experience, as follows:
- 1 year of generic information systems experience or 1 year of non-IS auditing experience can be substituted for 1 year of experience
- A 2-year or 4-year university degree can be substituted for 1 or 2 years of experience respectively
- A master’s degree in information security or information technology from an ISACA accredited university can be substituted for 1 year of experience
Introduction to CISA: Approaching the CISA Examination
- About the exam
- About CISA Certifiction
- Basis of the CISA Exam
- Percentage of test questions and survey results
- Exam scoring
- Preparing for the exam
Domain 1: The Process of Auditing Information Systems (18%)
- Plan an audit to determine whether information systems are protected, controlled, and provide value to the enterprise.
- Conduct an audit following IS audit standards and a risk-based IS audit strategy.
- Communicate audit progress, findings, results, and recommendations to stakeholders.
- Conduct audit follow-up to evaluate whether risks have been sufficiently addressed.
- Evaluate IT management and monitoring of controls.
- Utilize data analytics tools to streamline audit processes.
- Provide consulting services and guidance to the enterprise to improve the quality and control of information systems.
- Identify opportunities for process improvement in the enterprise's IT policies and practices.
Domain 2: Governance and Management of IT (18%)
- Evaluate the IT strategy for alignment with the enterprise’s strategies and objectives.
- Evaluate the effectiveness of IT governance structure and IT organizational structure.
- Evaluate the enterprise’s management of IT policies and practices.
- Evaluate the enterprise’s IT policies and practices for compliance with regulatory and legal requirements.
- Evaluate IT resource and portfolio management for alignment with the enterprise’s strategies and objectives.
- Evaluate the enterprise’s risk management policies and practices.
- Evaluate IT management and monitoring of controls.
- Evaluate the monitoring and reporting of IT key performance indicators (KPIs).
- Evaluate whether IT supplier selection and contract management processes align with business requirements.
- Evaluate whether IT service management practices align with business requirements.
- Conduct periodic review of information systems and enterprise architecture. Evaluate data governance policies and practices.
- Evaluate the information security program to determine its effectiveness and alignment with the enterprise’s strategies and objectives.
- Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices.
Domain 3: Information Systems Acquisition, Development and Implementation (12%)
- Evaluate whether the business case for proposed changes to information systems meet business objectives.
- Evaluate the enterprise's project management policies and practices.
- Evaluate controls at all stages of the information systems development lifecycle.
- Evaluate the readiness of information systems for implementation and migration into production.
- Conduct post-implementation review of systems to determine whether project deliverables, controls, and requirements are met.
- Evaluate change, configuration, release, and patch management policies and practices.
Domain 4: Information Systems Operations, and Business Resilience (26%)
- Evaluate the enterprise’s ability to continue business operations.
- Evaluate whether IT service management practices align with business requirements.
- Conduct periodic review of information systems and enterprise architecture.
- Evaluate IT operations to determine whether they are controlled effectively and continue to support the enterprise’s objectives.
- Evaluate IT maintenance practices to determine whether they are controlled effectively and continue to support the enterprise’s objectives.
- Evaluate database management practices.
- Evaluate data governance policies and practices.
- Evaluate problem and incident management policies and practices.
- Evaluate change, configuration, release, and patch management policies and practices.
- Evaluate end-user computing to determine whether the processes are effectively controlled.
- Evaluate policies and practices related to asset lifecycle management.
Domain 5: Protection of Information Assets (26%)
- Conduct audit in accordance with IS audit standards and a risk-based IS audit strategy.
- Evaluate problem and incident management policies and practices.
- Evaluate the enterprise's information security and privacy policies and practices.
- Evaluate physical and environmental controls to determine whether information assets are adequately safeguarded.
- Evaluate logical security controls to verify the confidentiality, integrity, and availability of information.
- Evaluate data classification practices for alignment with the enterprise’s policies and applicable external requirements.
- Evaluate policies and practices related to asset lifecycle management.
- Evaluate the information security program to determine its effectiveness and alignment with the enterprise’s strategies and objectives.
- Perform technical security testing to identify potential threats and vulnerabilities.
- Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices.
The Anatomy of a CISA Question
How CISA questions are written
The best approach to the CISA Exam
CISA Exam application & logistics
Nikolaos is an ISACA Accredited Trainer and member of ISACA Athens Chapter, authorized to offer ISACA's Certification prep courses for CISA, CISM and CRISC. Nikolaos works in the field ...
Learn moreYou can register, or have your employer register you up to one day before the start date of the program if there are still available places. Add the program to the shopping basket. The first time you place an order you need to register. For company registrations please check the box “I am booking on behalf of my company”. Then, you fill out your personal details and you select an invoice or receipt to be issued. Then you must pay the tuition fee. Payment is available by: a) debit, prepaid, or credit card (interest-free installments will be visible if available), b) Bank payment ID, that you can use to pay at the bank or via ebanking, or c) IRIS and direct debiting your bank account.
Please note that once you successfully place your order you will receive an automated confirmation message. This does not mean that your registration is complete. Your place is reserved once you pay the relevant tuition fee. When payment is visible, we will contact you to confirm your registration.
Important: You can proceed directly with your order through our eshop for the Premium Package of 1780 Euros which provides you with everything you need for your preparation and exam fees.
If you choose the Basic Package, please contact us at 210-3680911, or 210-3680907, or send an email to training@hau.gr to receive the corresponding discount coupon, so that you can forward your order through our eshop.
Blackboard is a web-based video conferencing tool, compatible with Mac, Windows, Linux, iOS, and Android, that allows users to meet and attend classes online. You can use Blackboard from your PC or laptop, but also from your iPad or smartphone. You don't have to download anythhing to your devices to be able to attend this program. We will send you a step-by-step guide once you register. If you use your PC or laptop you will also need a webcam, microphone, and speaker. Most computers have a microphone and speaker, but you can also use a headset with a microphone for better sound quality.
The seminar can be organized exclusively for your company, if there is a group of people who wishes to attend. The content, dates, and schedule will be tailored to your employees' needs.
Get certified with CISA
Being CISA-certified showcases your audit experience, skills and knowledge, and demonstrates your ability to manage vulnerabilities, ensure compliance and institute controls within the enterprise.
How is this course different from others?
This is an ISACA ATO Accredited Course. It includes ISACA Training Material. The Syllabus is designed according to ISACA standards and the trainers have following ISACA Training process.
The course also offers 28 CPEs. CPEs are not required for getting the CISA Certification. CPEs of this course cannot be used after you certify with CISA for maintaining the certification. However they can count for any other ISACA Certification you may already have.
You are in good hands: This course is offered by an ISACA Accredited Training Organization and an ISACA Accredited Trainer. That only guarantees you get exacty the kind of preparation ISACA requires for its CISA candidates.
How difficult is the CISA exam? How long would it take to study?
CISA® is quite a challenging exam. CISA is a professional certification, therefore experience is critical. Experience can be a good judge since you must have already been exposed to a lot of theory and processes, but can also be a tricky advisor and mislead you away from the “by the book” approach of ISACA. Therefore you need to study hard on the theory and the CISA Review Manual and then practice with as many sample questions as you can.
We recommend that you dedicate at least 2 to 3 months after the CISA prep Course and study every day from 1 to 3 hours.
Why certify with CISA
Being CISA-certified showcases your audit experience, skills and knowledge, and demonstrates your ability to manage vulnerabilities, ensure compliance and institute controls within the enterprise. The certification also assists employers in hiring auditors who are skilled in measuring and assessing IT controls by affirming that a candidate possesses a baseline set of auditing skills.
How to apply for CISA
One must first pass the CISA exam and then proceed with the CISA certification application which includes information on:
- At least 5 years of IS auditing, control or security experience (substitutions and waivers apply)
- Adherence to the Code of Professional Ethics
- Compliance with the CISA Continuing Professional Education Policy
Those who pass the test but do not have the experience required, have up to 5 years to meet the experience requirements.
You apply online via the ISACA website at www.isaca.org.
You apply directly to ISACA. Only CISA candidates themselves can apply for the test and the certification. There are no corporate packages, neither can an employer apply on behalf of their employees.
You initially apply for the CISA exam, and if you pass you can continue with submitting your CISA application form with a non-refundable $50 application fee. After submitting your CISA application, you will receive your CISA certification within 3 to 4 weeks.
What are the eligibility criteria for taking the test
There are no eligibility criteria for taking the test. However in order to certify with CISA, you must first pass the test and then meet the CISA certification requirements.
The application form and the experience verification form are very straightforward. Either you check the boxes for the experience you have and verifiers back you up, or you don’t meet the requirements and take advantage of the next 5 years that ISACA allows you to gather experience.
How do I report my experience and who verifies this?
To qualify for CISA, you must have 5 years of information systems auditing, control, assurance or security experience within the past 10 years of the application submission date. This experience must be in at least one CISA Job Practice Area. This experience is independently verified in the Experience Verification Form by a supervisor, manager or client with whom you have worked. Verifiers fill out this form independently and return it to the candidate to include this in their certification application.
The CISA Exam Format
Domain 1 - The process of Auditing Information Systems (21%)
Domain 2 - Governance and Management of IT (16%)
Domain 3 – Information Systems Acquisition, Development, and Implementation (18%)
Domain 4 - Information Systems Operation, and Business Resilience (20%)
Domain 5 – Protection of Information Assets (25%)
- 150 questions
- 4 hours to complete the exam
- Questions format: multiple-choice
- Passing marks: 450 out of 800. (The exam is graded on a scale of 200 to 800 points
- Online exam availability at a Pearson-Vue Center
- Online exam availability from home (online proctoring)
- You may take the test anytime, anywhere
When can I take the test?
There are no specific exam dates. You can take the test online from anywhere, even at the comfort of your home, or you can take it in a designated computer lab. There is one designated lab in Athens and one in Thessaloniki. Contact us for more information.
How much does it cost?
Cost varies whether you are an ISACA member or not. Members get more competitive prices.
For further information please visit www.isaca.org
To maintain your certification you must also pay a CISA certification maintenance fee per every year.
I took the test and passed - how do I maintain the certification?
To renew your CISA certification you must attain 120 CPE hours every 3 year with a minimum of 20 CPE hours per year. You must also pay a re-certification fee. See more at www.isaca.org