🔍 CISA — Certified Information Systems Auditor (Exam-Prep)
Free exam-prep for CISA — Certified Information Systems Auditor with a signed certificate. Learn the modules, pass the 10-question exam, EN/FR/AR, no account.
Last updated: June 2026
An independent, free exam-preparation course that works through the publicly published ISACA CISA body of knowledge — its four audit domains — with visual lessons, original self-check questions and a final exam. It teaches how to plan, conduct and report an IS audit, not how to hack. It is awareness/prep only and is not the official ISACA course or exam, and claims no ISACA affiliation or endorsement. It maps to ISACA CISA (4 domains). The course is organized into 10 modules, ending with a final exam (pass mark 70%). It is independent, free exam-preparation training — not an official or accredited review course.
What you'll learn
- IS Audit Process I — Standards & Planning
- IS Audit Process II — Evidence, Sampling & Reporting
- Governance & Management of IT I — Strategy & Frameworks
- Governance & Management of IT II — Risk, Structure & Resilience
- IS Acquisition & Development
- IS Implementation & Migration: Testing, Conversion, Go-Live and Post-Implementation Review
- IS Operations & Business Resilience I — Operations
- IS Operations & Business Resilience II — Continuity
- Protection of Information Assets I — Frameworks & Access
- Protection of Information Assets II — Cryptography, Physical & Environmental Controls, Data Classification & Monitoring
Learning objectives
- Understand that this is independent CISA exam-prep over the public body of knowledge, not the official ISACA course or exam
- Name the four CISA domains and their approximate exam weighting, and the audit responsibility each carries
- Plan and execute a risk-based IS audit — engagement scope, sampling, evidence, working papers and reporting
- Apply the ISACA IT Audit and Assurance Standards and the Code of Professional Ethics, including independence and objectivity
- Evaluate IT governance, strategy, organisational structure and the value/risk balance of IT investments
- Audit acquisition, development, testing, implementation and post-implementation of information systems
- Audit IT operations, business resilience (BIA, RTO/RPO, BCP/DRP) and service management
- Evaluate information-asset protection — identity and access, network and endpoint security, data and physical controls
- Sit a 10-question exam-style final (80% to pass) built from original questions spanning all four domains