2 min read

How I Studied For The ISACA CISA Certification

Free resources to use when preparing for the ISACA CISA exam.
How I Studied For The ISACA CISA Certification
Photo by Scott Graham / Unsplash

Having had to deal with lots of auditing and compliance activities lately, I decided to dive into the CISA certification to better grasp the world of auditing.

I do not plan to submit the exam at the current stage but I am excited to learn about the domains it covers. CISA has 5 domains as compared to the 8 domains in the CISSP exam which I have completed.

The 5 domains with their weights and description are:

  • Domain 1: The Process of Auditing Information Systems (21%)
    • This domain covers the fundamental concepts and processes involved in auditing information systems. It includes topics such as planning and organizing audits, conducting risk assessments, and evaluating the effectiveness of internal controls
  • Domain 2: Governance and Management of IT (16%)
    • This domain focuses on the governance and management of information technology within an organization. It covers areas such as IT strategy and planning, IT policies and procedures, IT organizational structure and responsibilities, and IT performance monitoring and reporting
  • Domain 3: Information Systems Acquisition, Development, and Implementation (18%)
    • This domain deals with the processes and practices involved in acquiring, developing, and implementing information systems. It includes topics such as project management, business process reengineering, system development methodologies, and system testing and implementation.
  • Domain 4: Information Systems Operations, Maintenance, and Support (20%)
    • This domain focuses on the operational aspects of information systems, including their ongoing maintenance, support, and security. It covers topics such as IT service management, database management, data backup and recovery, and incident management.
  • Domain 5: Protection of Information Assets (25%)
    • This domain addresses the protection of information assets from potential threats and vulnerabilities. It covers topics such as information security policies, standards, and procedures, network and infrastructure security, access control systems, cryptography, and physical security.

How I Studied

I managed to find a free CISA course on Cybrary. Although I have some comments on the delivery of the course, it still was a good eye-opener.

I completed the roughly 8-hour course while taking notes for future reference.

Other Resources

During my search for free CISA courses, I came across the below YouTube resource:

Another good one: