Certified Information Systems Auditor (CISA)

Price
Net €
VAT €

Price
Price on Request

Duration
5 days

For companies and job seekers:
this course is 100% fundable!

Location

Course Language
English

Training Solutions
Online Live

Request a consultation Add to favorites Print as PDF

IT systems, processes, and risks are the focus of modern corporate management. This continuing education program provides in-depth knowledge of IT auditing, governance, and information security—in a practical, up-to-date, and clearly structured manner. Relevant standards and auditing approaches are explained in an understandable way and placed in the context of modern IT landscapes.

Key topics

IT auditing and risk-oriented auditing methods.
Governance, compliance, and internal controls.
Information security and data protection.
Evaluation of IT processes and system landscapes.
Dealing with regulatory requirements.
Technological developments and automation in auditing.

Prerequisites
Basic knowledge of IT, information systems, or business processes, as well as initial experience in an IT-related environment.

Target group
Specialists from IT, auditing, compliance, risk management, and consulting with an interest in structured auditing and control approaches.

A clear focus on quality, transparency, and security creates a solid foundation for responsible tasks in a digitally driven business world.

Print as PDF

Course content

Audit process

ISAAS
Governance of procedures
KGI, CSF, KPI, KRI
ALE, RTO, RPO, SDO, MTO, MTD, AIW
Risk appetite, tolerance, capacity
Threats to control mechanisms
Risk management
Spot checks
Duties of the IS auditor for the process

Administration and management

Human resources (HR)
Outsourcing
Cloud computing
Capital Expenditures & Operating Expenses
BCP, DRP & BIA
Plan testing
Enterprise architecture
Corporate governance
Information security policy
IT management practices
IT organizational structure – roles and responsibilities
Tasks of the IS auditor for control & management

Procurement, development, and implementation

Define roles and responsibilities (including RACI matrix)
Human resources (HR) and security strategy
Outsourcing: Consider security aspects
Cloud computing and security measures
Difference between CAPEX (capital expenditure) and OPEX (operating expenditure)
Business continuity plan (BCP), disaster recovery plan (DRP), business impact analysis (BIA)
Testing emergency plans (plan tests)
Enterprise architecture: significance for the security strategy
Corporate governance and its role in security
Developing and implementing an information security policy
IT management practices for security
IT organizational structure: roles and responsibilities
Tasks of the IS auditor in security monitoring and management

Operation, maintenance, and service management

Administration and operation of information systems
Structure and design of hardware architectures
Use and administration of operating systems
Administration and organization of databases
Use and integration of third-party software
Development and maintenance of network infrastructure
Basic concepts and technologies of the Internet
Telecommunications systems and their applications
Responsibilities and tasks of the IS auditor in the areas of operation, maintenance, and service management

Information values

Asset classification
Security awareness and training
Cooperation with external parties
Combating computer crime
Access control and management
Remote access regulations
Procedures for dealing with media
Securing the network infrastructure
Use of firewalls
Intrusion detection systems
Encryption technologies
Penetration tests
Consideration of environmental factors
Data leak prevention (DLP) mechanisms
Access controls to physical areas
Role of the IS auditor in protecting information assets

Your training will be 100% funded

Our funding schemes are available exclusively to participants who live or work in Germany. Funding is not available outside Germany.

For career starters, job seekers, career changers, startups, experienced professionals, those looking to advance their careers, specialists, etc.

The QCG program for everyone in the company

Further information

The education voucher for all job seekers

Further information

Frequently asked questions

What is CISA certification?

CISA is an internationally recognized certification for IT auditing, IT governance, risk management, and information security.

For whom is CISA particularly relevant?

Suitable for professionals in IT auditing, IT security, risk management, compliance, and IT governance.

What are the requirements for CISA?

Several years of professional experience in IT auditing or related fields are required. Certain degrees may be credited.

How widely recognized is CISA worldwide?

CISA is considered a global standard and is valued internationally by companies, government agencies, and auditing organizations.

How long is CISA valid?

The certification remains valid through regular continuing education and proof of Continuing Professional Education (CPE).

What career opportunities does CISA open up?

Possible roles include IT auditor, IT risk manager, security manager, compliance manager, or IT consultant.

Is CISA also suitable for non-technicians?

Yes, the focus is on processes, controls, and governance, not on in-depth technical implementation.

Why is CISA important for companies?

Companies benefit from improved IT transparency, reduced risks, and tested, reliable IT structures.

Do you have any further questions? Please contact us.

Select your nearest center: *

0800 258 258 055

website@newhorizons.de

First Name *

Surname *

Telephone Number *

Postcode *

E-Mail *

I would like to receive funding for further training – I am currently: *

Company Name

Your message

I hereby confirm that I have taken note of the privacy notice. *