Certified Information Systems Auditor



CISA® is a globally recognized standard of achievement among information systems (IS) audit, control and security professionals. The certification examination is designed to assess and certify individuals in the IS audit, control, assurance and security professionals.

Holder of a CISA® credential demonstrates proficiency and signifies commitment to serving an organization and the IS audit, control and security industry with distinction.

This programme is specifically designed according to the CISA® syllabus.

View Schedule

About the Certification

  • Currently, ISACA has over 140,000 members in more than 200 countries. More than 200 chapters have been established in over 80 countries that cover an array of I.T.-related professionals, including IS auditor, consultant, educator, IS security professional, regulator, chief information officer and internal auditor
  • Official Website: http://www.isaca.org/

Training Outlines

  • Domain 1 — The Process of Auditing Information Systems (21%)
  • Domain 2 — Governance and Management of IT (16%)
  • Domain 3 — Information Systems Acquisition, Development and Implementation (18%)
  • Domain 4 — Information Systems Operations, Maintenance and Service Management (20%)
  • Domain 5 — Protection of Information Assets (25%)

Training Highlights

  • 21-hour intensive workshop
  • Conducted by renowned, experienced industrial expert
  • Real case study will be adopted with experience sharing
  • Eligible for 21 units of PDU / CPE

Examination Highlights

CISA® Exam

  • The CISA® examination is offered in May / June, August / September and November / December
  • Consists of 150 questions in a 4-hour session

The course is not a prerequisite requirement for sitting the examination nor lead to award of any qualification

Chartered Requirements

  • Pass the CISA® examination
  • A minimum of five years of professional information systems auditing control or security work experience. Experience must have been gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the examination
  • Adherence to the Code of Professional Ethics
  • Compliance with Information Systems Auditing Standards
  • Recertification is required every three years. CISA® Chartered holders are required to earn 120 Continuing Professional Education (CPE) credits every three years, with a minimum of 20 CPEs earned each year after certification
  • CISA® Chartered holders need to pay annual maintenance fee of USD 45 for ISACA members and USD 85 for ISACA non-members
  • The course is not a criteria or a condition of the requirement


Mr. Ray Lee, MBA

  • Microsoft Certified Trainer since 2002
  • Subject matter expert of IT security, EMC and NETAPP storage

Mr. Sang Young

  • CISA®, CISSP®, CEI, ECSA, CHFI, CEH, CIFI, ITIL(v3)F and ISO20000 Auditor
  • Convener, Internet Security and Privacy Working Group, Internet Society Hong Kong (ISOC-HK)
  • Chairman of Mobile Security SIG, Professional Information Security Association (PISA)
  • Founding Member, (ISC)²® Hong Kong Chapter
  • Founding member and Chairperson (2003 – 2004 and 2005 – 2006), PISA