CISA Preparation Course

CISA Preparation Course prepares professionals for the CISA® certification exam through a structured review of information systems audit, control and assurance domains. The training supports the consolidation of audit concepts, methodologies and practices aligned with the exam requirements and with IT Risk and GRC contexts.

Register
Companies: request a proposal

Quick Access:   Introduction· Why this course exists· What this course enables· Frameworks and models· Value· Objectives· Target audience· Prerequisites· Programme· Exam & Certification· Other information· Benefits· Logistics· FAQs· Registration

Upcoming dates

Confirmed dates.
Synchronous, live training with interaction with the trainer and the group.

20 April 2026
Live Online • next edition
15 June 2026
Live Online • base price
Duration: 5 days / 40h
Language: available in Portuguese or English
Training: Review + hands-on exercises by domain
Exam: 4h (150 questions) • not included
PROFESSIONAL LEVEL — practical application of methods in a professional context. Practical competence

Why this course exists

To raise IS/IT audit maturity and prepare, with method, performance in the CISA exam.

Many organisations rely on critical digital systems and services, but fail to ensure consistent audits and robust evidence regarding control, governance, lifecycle and the protection of information assets.

CISA® exists to standardise professional practice, language and method and this course prepares participants to audit modern systems, including the impact of cloud, AI and other emerging technologies, while keeping the focus on the exam’s 5 domains.

What this course enables you to do

Audit

Conduct information systems audits aligned with recognised standards and best practices.

Assess governance

Assess IT governance and management, policies, control and monitoring.

Cover the lifecycle

Audit acquisition/development, testing, implementation, maintenance and system retirement.

Protect assets

Assess controls for confidentiality, integrity and availability, and support audits of modern environments.

Frameworks, models and structures covered throughout the course

CISA domains and professional practice
IS audit process
IT governance and management
Acquisition, development and implementation
Operations and business resilience
Protection of information assets (CIA)
Emerging technologies in auditing (cloud, AI, blockchain, SOAR, quantum cryptography)

Value for the organisation

  • Greater consistency and credibility in IS/IT auditing (recognised language and method).
  • Strengthened governance, control and monitoring in critical digital environments.
  • Practical capability to audit modern systems (incl. cloud and AI), reducing ambiguity.
  • Better preparation for third-party audits and assurance requirements, clients and suppliers.

Introduction

The CISA Preparation Course is a professional training course in information systems auditing, intended for auditors and information security professionals who wish to take the Certified Information Systems Auditor (CISA) exam.

Prepare for one of the most valued certifications in IS/IT auditing. CISA preparation course was designed to audit, control and assess information systems based on ISACA® best practices, while also integrating current topics that affect modern audits, including cloud, artificial intelligence, blockchain, SOAR and quantum cryptography.

The curriculum covers the exam’s five key domains: Audit Process, IT Governance and Management, Acquisition, Development and Implementation, Operations and Business Resilience and Protection of Information Assets. Consolidation is supported through guided discussion, domain-based exercises and a mock exam, aligning exam preparation with professional applicability.

Resources, topics, discussion, domain-based exercises and a final mock exam.

This Training Plan and all associated documents are protected by Copyright and registered as a literary work with IGAC.

General Objectives

At the end of the course, participants should be able to:

  • Conduct IS audits aligned with internationally recognised standards and best practices.
  • Assess IT governance and management, policies, control and monitoring.
  • Audit the systems lifecycle: development/acquisition, testing, implementation, maintenance and retirement.
  • Assess IS operations and resilience, continuity and recovery.
  • Protect information assets (confidentiality, integrity, availability).
  • Keep up with new practices and technologies to audit modern critical systems.
  • Reach the CISA exam prepared for the updated domains.

Target Audience

  • IS/IT auditors.
  • IS/IT consultants.
  • IS/IT Audit Managers.
  • Security professionals.
  • Non-IT auditors (from other areas) who need to strengthen their skills in IS auditing.
  • Candidates for the CISA® exam.

Prerequisites

To attend the CISA course, it is recommended that participants:

  • Have foundational knowledge of the CISA domains and a good command of English (exam materials and terminology).
  • Other specific requirements may apply, where relevant, depending on the quotation or proposal presented (please consult the proposal).

Programme

Domain-based review (CISA)
  1. Introduction and Course Plan
  2. The Information Systems Audit Process
  3. IT Governance and Management
  4. Acquisition, Development and Implementation of Information Systems
  5. Information Systems Operations and Business Resilience
  6. Protection of Information Assets
Exam preparation (simulation)
  • Exam preparation: Mock Exam
  • Exam-style questions, with marking and explanation of the reasoning

Exam(s) and Certification

Exam “CISA®”

The CISA® certification exam is not included in the course price. Book the exam directly on the ISACA® website.

Format: Multiple choice.
Number of questions: 150 questions.
Duration: 4 hours.
Pass mark: 450 points (scale 200 to 800).

Certification (requirements)
To achieve certification, candidates must successfully pass the CISA® exam and meet the remaining requirements defined by ISACA, including the formal certification application process.

Other Information

General Information
  • Training in Portuguese or English.
  • Online training materials with online access, in English, with domain-based exercises, in accordance with the awarded conditions.
  • Mock exam on the last day of training.
  • Behaviour digital Training Attendance Certificate with 24 CPD/CPE credits.
Trainer(s)
Learn with senior consultants and auditors, with hands-on experience in implementation, auditing and training, and certifications such as CISA, CISM, CRISC, CGEIT, COBIT, CISSP, Project Management, ISO 27001/27005/22301, among others. Some specialists participate in technical committees that evolve international standards and frameworks.

Benefits

View benefits
  • Standardisation of language, criteria and information systems auditing practices, reducing ambiguity and increasing consistency in assessment and reporting.
  • Strengthened professional and organisational credibility with clients, suppliers, external audits and governance functions.
  • Development of practical capability to audit information systems in current technological contexts, including cloud environments, AI-based solutions and modern digital architectures.
  • Solid preparation to apply the CISA domains in real audit contexts, going beyond a purely theoretical approach focused exclusively on the exam.
  • Pedagogical model oriented towards the effective acquisition of competencies, active participation and meaningful learning, with simultaneous focus on certification and professional applicability.

Logistics

Useful information
  • Live Online (synchronous time): 09h30–17h30 (Lisbon, GMT 0), with lunch break and short breaks.
  • Classroom (synchronous time): 09h30–17h30 (Lisbon, GMT 0), with lunch break and short breaks.
  • 35 hours of synchronous training, distributed across 5 consecutive days.
  • Estimated 5 hours of guided autonomous work, intended for content consolidation, carried out flexibly outside the synchronous sessions.
  • Requirements: computer with stable internet, browser, PDF reader, audio/video.
  • After-hours (PL) Live Online (synchronous time): 18h15–21h45 (Lisbon, GMT 0), with a short break.
Hotels in Lisbon
Find out where you can stay in Lisbon, near Behaviour, for classroom training.

Frequently Asked Questions

Objective answers to the most common questions about the CISA Preparation Course.

Is this course suitable for someone coming from internal or financial audit and looking to deepen IS audit?
Yes. The course helps bridge general audit experience with the specificities of information systems, technological control, IT governance and evidence in a digital context.
Does the course help identify study gaps by domain before booking the exam?
Yes. The structured review of the domains, the exercises and the mock exam help identify where the participant is stronger and where study and practice need to be reinforced.
Do information security professionals gain value from this course even when they do not perform formal audit roles?
Yes. The course strengthens the ability to understand audit criteria, controls, evidence and the assurance perspective, improving articulation with internal, external and client audits.
Is the course relevant for audits in cloud, hybrid and emerging technology environments?
Yes. The CISA course is relevant for audits in cloud, hybrid and emerging technology environments because it prepares participants to audit modern systems and frames the impact of technologies such as cloud, AI, blockchain and SOAR on risk, controls, evidence and audit assessment. For more specific depth, Behaviour provides two complementary pathways: the CCSP Preparation Course, more oriented towards cloud security, covering architecture and design, data security, platform and infrastructure, applications, operations, as well as law, risk and compliance; and the Cloud Computing Auditor course, directed at the audit of cloud environments, with a focus on service and deployment models, shared responsibility, risk assessment, contracts and SLAs, evidence, findings and professional reporting.
Does this course help improve audit reasoning and the quality of reporting beyond exam preparation?
Yes. The domain-based preparation helps structure analysis, support conclusions and communicate results with greater consistency in a professional context.

For general questions about registration, delivery modes, exams, certification and recertification, please consult the BEHAVIOUR® FAQs.

Registration

Complete the form to request your registration for the preferred edition. Check the upcoming dates.

Contact name
=

Request more information

If you would like help to frame the course within your professional or organisational context, contact us and we will indicate the most suitable pathway.
Request Information

Companies: request a proposal

For team registrations, we provide volume conditions and a proposal tailored to the organisational need.
Request Proposal