Certified Information Systems Auditor



CISA® is a globally recognized standard of achievement among information systems (IS) audit, control and security professionals. The certification examination is designed to assess and certify individuals in the IS audit, control, assurance and security professionals.

Holder of a CISA® credential demonstrates proficiency and signifies commitment to serving an organization and the IS audit, control and security industry with distinction.

This programme is specifically designed according to the CISA® syllabus.

View Schedule

About the Certification

  • Currently, ISACA has over 140,000 members in more than 200 countries. More than 200 chapters have been established in over 80 countries that cover an array of I.T.-related professionals, including IS auditor, consultant, educator, IS security professional, regulator, chief information officer and internal auditor
  • Official Website: http://www.isaca.org/

Training Outlines

  • Domain 1 — The Process of Auditing Information Systems (21%)
  • Domain 2 — Governance and Management of IT (16%)
  • Domain 3 — Information Systems Acquisition, Development and Implementation (18%)
  • Domain 4 — Information Systems Operations, Maintenance and Service Management (20%)
  • Domain 5 — Protection of Information Assets (25%)

Training Highlights

  • 24-hour intensive workshop
  • Conducted by renowned, experienced industrial expert
  • Real case study will be adopted with experience sharing
  • Eligible for 24 units of PDU / CPE

Examination Highlights

CISA® Exam

  • Candidates are able to schedule their exam for any available date/time/location within their 365-day eligibility period
  • Consists of 150 questions in a 4-hour session

The course is not a prerequisite requirement for sitting the examination nor lead to award of any qualification

Chartered Requirements

  • Pass the CISA® examination
  • A minimum of five years of professional information systems auditing control or security work experience. Experience must have been gained within the 10-year period preceding the application date for certification or within five years from the date of initially passing the examination
  • Adherence to the Code of Professional Ethics
  • Compliance with Information Systems Auditing Standards
  • Recertification is required every three years. CISA® Chartered holders are required to earn 120 Continuing Professional Education (CPE) credits every three years, with a minimum of 20 CPEs earned each year after certification
  • CISA® Chartered holders need to pay annual maintenance fee of USD 45 for ISACA members and USD 85 for ISACA non-members
  • The course is not a criteria or a condition of the requirement
  • More details: https://www.isaca.org/credentialing/cisa/get-cisa-certified


Mr. Henry Ng

  • Former Managing Director of Cybersecurity APAC, Thales Critical Information and Cybersecurity Business Unit
  • Former Head of Professional Services for Verizon Business leading the Asia consulting practice specialized in delivering information security and other consulting services
  • Former Team Lead of HP Security Team
  • Project manager and team lead for many security assessment, governance and consultancy projects for Hong Kong Government agencies, large enterprises and major banking and financial customers within APAC region


Mr. Ray Lee, MBA

  • Microsoft Certified Trainer since 2002
  • Subject matter expert of IT security, EMC and NETAPP storage

Mr. Sang Young

  • CISA®, CISSP®, CEI, ECSA, CHFI, CEH, CIFI, ITIL(v3)F and ISO20000 Auditor
  • Convener, Internet Security and Privacy Working Group, Internet Society Hong Kong (ISOC-HK)
  • Chairman of Mobile Security SIG, Professional Information Security Association (PISA)
  • Founding Member, (ISC)²® Hong Kong Chapter
  • Founding member and Chairperson (2003 – 2004 and 2005 – 2006), PISA