CISA® Preparation Course

Register nowBook as incompany

What will you learn?

  • 9Develop a Risk-based IS audit strategy;
  • 9Plan and conduct audits according to Audit standards;
  • 9Provide assurance the structure and processes of an organization are in place;
  • 9Provide assurance that the acquisition, development, testing and implementation of the Information Systems (IS) meet the objectives of the organization;
  • 9Provide assurance the processes for operations, maintenance and support of the IS are aligned to the objectives of the organization;
  • 9Ensure the security policies, standards and procedures protect the integrity, confidentiality and availability of information asset;


  • 5 course days
  • 20 hours of self study
  • €3.450,- excluding VAT

Your trainers

Geert Vandenbranden
Information Security,
Data Protection

& Business Continuity

About Geert

Geert Vandenbranden has extensive experience in ICT (23 years), Information Security (18 years) and Business Continuity (14 years), at strategic, tactical and technical level. In ’93 he started as an IT analyst, distributed service architect and middleware release manager at a large bank. When he started working for a major system integrator, he took on the role of network administrator and Windows security specialist. After a successful Y2K transition, he took advantage of his Windows and network security experience and started working as a Security Engineer and Consultant, rapidly evolving into Information Security Consultancy, providing information on security management and management, business continuity and risk management services.
In addition to these advisory activities, he managed corresponding competence centers, providing tools, reference information, knowledge, training and educational support to colleagues and customers.

Rob van der Staaij
Cybersecurity &
Identity & Access Management

About Rob

Rob has more than twenty years of experience in many organizations and sectors. Rob is also affiliated with the University of Groningen, Faculty of Law, Department of Criminal Law and Criminology, where he focuses on cyber crime and cyber security. He gives presentations at international conferences and has published dozens of articles and various books.

Rob is analytical and has a broad knowledge of cyber security. He finds it a challenge to explain complex subjects in clear and simple language.

Theo Heinsbroek
Security Officer

About Theo

Theo Heinsbroek has over 10 years of experience in the field of information security, identity and access management, risk management and IT audit. In these areas, Theo advises clients on compliance with laws and regulations, risk management and operational effectiveness. Larger organizations in various branches in the Netherlands belong to the clientele. SeKuRiGo helps organizations make strategic and tactical choices in the areas of information security, identity and access management, risk management and IT audit.

About the CISA® Preparation course

During the CISA® Preparation Course you will be prepared as a broadly trained specialist in the field of IT Auditing. After completing the course, you’ll have thorough knowledge and understanding of the 5 CISA® domains, you’ll be able to apply them in your work and you’re fully prepared to take the international CISA® exam.

There are many CISA® training providers today, most of them mainly focused on the exam. We believe that both the CISA® exam and its content should not be underestimated. Just practicing exam questions and studying your book is insufficient to truly grasp its’ coverage and utilize its’ full potential in the real world.

Therefore, the Security Academy has chosen to:

  • Offer a 5 – day CISA® training spread over a period of 5 weeks
  • allocate multiple trainers that are each an expert in a specific domain covered
  • create extensive use cases and practice exam questions per each domain covered
  • provide special direction of CISA® domains in the European, Dutch and Belgian context
  • deliver an extensive CISA®-practice exam on the last day, including an evaluation and discussion afterwards


The CISA® training is not a technical course, but basic knowledge of IT- security is assumed. Students who lack experience in one of these areas could consider taking the IT Security Foundation course prior to attending CISA®.

In doubt which course is right for you? Contact us for more information.

Who should attend?

The CISA® certification is for those who are involved in information systems (IS) audit, control and information security. Typical attendees of this training include IT Auditors, IT Managers, information security officers, security architects and consultants

Classroom training or Online Live?

  • Classroom Training: You’re our guest and threated as such

When you take our Classroom Training you are our guest, and that’s how we’ll threat you! You’ll train in an inspiring training environment handpicked based on the highest quality standards. All trainings include a delicious lunch, when you register to your training you can indicate any dietary requirements that we should consider.

  • Online Live Training: Prepare, train and certify from the comfort of your home or work

For those of you preferring an online experience, we offer Online Live Training through the SECO – Institute Online Learning Platform based on BigBlueButton, a secure platform specifically designed for Online Training that requires collaboration and (hands on) exercises. Course materials are delivered via a designated Student Portal prior to your training. For the SECO – Institute trainings, the examination is also conducted online via a certified Proctor. Everything you need to prepare, train and certify from the comfort of your home or work.

* Our classroom trainings are delivered in Dutch or English, depending on the composition of the student group
* Our Online Live Trainings are delivered either in Dutch or in English. Make sure that you register for the right class!

The following is included:

  • The official ISACA CISA® course materials
  • Additional course materials (slides, use cases, exam questions)
  • Practice exam, evaluation and discussion on the last day
  • A delicious lunch

Course modules


Module 1: The proces of auditing information systems

This module covers how IT auditors provide their services in accordance to the IT audit standards to assist organizations in the protection and control of information systems. It also includes development and implementation of risk-based IT audit strategy, planning and reporting the findings.

Topics covered:

  • Risk-based IS audit strategy
  • Planning and conducting audits
  • Control self – assessments
  • Communicating audit results and follow up

Module 2: Governance and management of IT

This module covers how auditors provide assurance the structure and processes of an organization are in place.

Topics covered:

  • Evaluate the IT strategy; IT governance structure; organization structure and HR management; IT policies; and standards and procedures
  • Evaluate IT resource management and IT portfolio management
  • Evaluate risk management practices and IT management
  • Evaluate controls and KPIs
  • Evaluate the business continuity planning of the organization

Module 3: Information systems acquisition, development and implementation

This module covers how IT auditors provide assurance that the acquisition, development, testing and implementation of the IS meet the objectives of the organization

Topics covered:

  • Evaluate the business case for proposed investments
  • Evaluate the IT supplier selection and contract management processes
  • Evaluate the project management framework and conduct reviews
  • Virtualization and CSP (Cloud service provider) architecture
  • Evaluate the readiness for implementation
  • Conduct post implementation reviews

Module 4: Information systems operations, maintenance and support

This domain explains how to provide assurance the processes for operations, maintenance and support of the IS are aligned to the objectives of the organization.

Topics covered:

  • Evaluate IT service management framework and practices
  • Conduct periodic reviews of IS
  • Evaluate IT operations and IT maintenance, evaluate database management practices and data quality
  • Evaluate problem and incident management
  • Change and release management practices
  • Evaluate end-user computing, and IT continuity and resilience
  • Disaster recovery testing

Module 5: Protection of information assets

This module explains how to ensure the security policies, standards and procedures protect the integrity, confidentiality and availability of information assets of the organization.

Topics covered:

  • Evaluate Information Security and privacy
  • Evaluate physical and environmental controls
  • Evaluate the system and logical security controls
  • Evaluate classification of data and information asset safeguards
  • Evaluate Information Security programs

Practice Exam

On the last day of training you’ll take an extensive test exam, so that you can judge for yourself to what extent you are ready for the official CISA® exam and which domains need some more attention. The test exam is followed up with an evaluation and interactive discussion.

About the Exam

The CISA® exam is conducted by ISACA® and is not included in the course. From the moment that you first register for an exam, you have one year to successfully complete it (including second attempts). The minimum time in between two consecutive attempts is set at 48 hours. After successful completion of the CISA® exam (and if you have the required working experience) you can apply for your CISA® title at ISACA®. Although there are no prerequisites for attending the CISA course and sitting the exam; in order to become CISA certified you must be able to demonstrate 5 years of professional information systems auditing, control or security work experience.

It’s important as an IT Auditor to understand the domains covered (not just to pass the exam, but to provide value to the IT Audit process). The CISA® is a theoretical exam that requires a lot of detailed knowledge. You’ll need to spend a good portion of your time on self – study after the training towards exam preparation. The stated amount of self-study is a minimum. This may very well be higher and varies greatly from person to person.

Practical Information

  • Course times: 9 am to approximately 4:30 pm. The coffee is ready at 8:30.
  • Lunch is included and consists of a buffet with, among other things, fresh sandwiches. Do you have allergies or dietary requirements? Please communicate this in time.
  • Training location:
    Quinten Matsijslei 25
    2018 Antwerp
  • By participating in a course or training you agree with our terms and conditions

Register now

Book as incompany or stay up to date