CISA - Certified Information Systems Auditor Training Course

AAISM is a sophisticated framework designed for assessing, governing, and managing security risks within artificial intelligence systems.

Delivered by an instructor in a live format (available online or onsite), this training targets advanced professionals aiming to implement robust security controls and governance practices for enterprise AI environments.

Upon completing this programme, participants will be equipped to:

• Evaluate AI security risks using industry-recognized methodologies.
• Implement governance models for responsible AI deployment.
• Align AI security policies with organizational goals and regulatory expectations.
• Enhance resilience and accountability within AI-driven operations.

Format of the Course

• Facilitated lectures supported by expert analysis.
• Practical workshops and assessment-based activities.
• Applied exercises using real-world AI governance scenarios.

Course Customization Options

• For tailored training aligned to your organizational AI strategy, please contact us to customize the course.

Target Audience:

This certification is designed for professionals engaged in the fields of information security and information assurance.

Learning Outcomes:

Upon completion, candidates will demonstrate the ability to:

• Articulate how effective information risk management delivers significant business value.
• Utilize and explain information risk management terminology with clarity.
• Perform threat and vulnerability assessments, business impact analyses, and risk assessments.
• Apply the fundamental principles of controls and risk treatment.
• Present findings in a structured format suitable for developing a risk treatment plan.
• Implement information classification schemes effectively.

Description:

This intensive four-day event (CGEIT training) serves as the definitive preparation for the examination, meticulously designed to ensure you pass the rigorous CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance, awarded by ISACA. It is tailored for professionals responsible for managing IT governance or holding significant advisory or assurance responsibilities in this field.
Attaining CGEIT status will enhance your recognition within the marketplace and increase your influence at the executive level.

Objectives:

This seminar is designed to prepare delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding, thereby better equipping them to pass the exam as defined by ISACA.

Target Audience:

Our training course is intended for IT and business professionals with substantial IT governance experience who are undertaking the CGEIT exam.

This training is delivered as a workshop enriched with substantial theoretical knowledge. The curriculum aligns with the official CISA certification framework. Throughout the workshop, case studies will be analyzed to address specific issues in depth. Instruction is conducted in English (with Polish available upon request), utilizing the ISACA handbook as the primary resource.
 

Scope of CISA Exam Content:

• Information System Auditing Process (21%)
• Governance and Management of IT (17%)
• Information Systems Acquisition, Development, and Implementation (12%)
• Information Systems Operation and Business Resilience (23%)
• Protection of Information Assets (27%)

Exam Duration: 4 hours
Format: Multiple-choice test
Number of Questions: 200

To claim the CISA qualification, you must fulfill the following requirements: 

1. Successfully pass the CISA exam, achieving a score of 450 or higher.
2. Adhere to the ISACA Code of Professional Ethics
3. Commit to complying with the CISA Continuing Professional Education Policy
4. Acquire at least five years of professional work experience in information systems auditing, control, or security.
5. Comply with Information Systems Auditing Standards

If you have passed the exam and believe you meet these criteria, you may begin the certification application process via this page.
A processing fee of $50 applies to the application.

Additionally, there is an annual fee required to maintain your certification. The cost is $40 per year for ISACA members and $75 for non-members.

Description:

Note: Please note that this updated CISM exam content outline applies to examinations commencing from 1 June 2022.

CISM® stands as the most prestigious and rigorous qualification for Information Security Managers worldwide. This certification offers you a pathway to join an elite network of peers who continuously learn and adapt to the evolving opportunities and challenges within Information Security Management.

Our CISM training methodology delivers comprehensive coverage of the four CISM domains, focusing on building core concepts and mastering the resolution of CISM exam questions released by ISACA. This course serves as intensive training and rigorous exam preparation for ISACA’s Certified Information Security Manager (CISM®) Examination.

Our instructors recommend that all delegates thoroughly review the ISACA-released CISM QA&E (Questions, Answers, and Explanations) as part of their exam preparation. The QA&E is invaluable in helping delegates grasp the ISACA question style, the approach to solving these questions, and facilitating rapid assimilation of CISM concepts during live classroom sessions.
All our trainers possess extensive experience in delivering CISM training. We will ensure you are fully prepared for the CISM examination.

Goal:

The primary objective is to pass your CISM examination on the first attempt.

Objectives:

• Apply the knowledge acquired in a practical manner that benefits your organisation
• Establish and maintain an information security governance framework to achieve your organisation’s goals and objectives
• Manage information risk to an acceptable level to meet business and compliance requirements
• Establish and maintain information security architectures (people, process, technology)
• Integrate information security requirements into the contracts and activities of third parties/suppliers
• Plan, establish, and manage the capability to detect, investigate, respond to, and recover from information security incidents to minimise business impact

Target Audience:

• Security professionals with 3-5 years of front-line experience
• Information security managers or individuals with management responsibilities
• Information security staff and assurance providers requiring an in-depth understanding of information security management, including: CISOs, CIOs, CSOs, privacy officers, risk managers, security auditors, compliance personnel, BCP/DR personnel, and executive and operational managers responsible for assurance functions

This instructor-led, live training in Portugal (online or onsite) is designed for beginner to intermediate system administrators and security professionals who wish to learn how to implement Cloudflare for content delivery and cloud security, as well as mitigate DDoS attacks.

By the end of this training, participants will be able to:

• Configure Cloudflare for their websites.
• Set up DNS records and SSL certificates.
• Implement Cloudflare for content delivery and caching.
• Protect their websites from DDoS attacks.
• Implement firewall rules to restrict traffic to their websites.

Description:

This course is designed as an intensive and rigorous exam preparation for ISACA’s Certified in Risk and Information Systems Control (CRISC) examination. The syllabus covers the latest four domains of the CRISC framework, with a strong emphasis on exam success. Participants attending the course will also receive copies of the official ISACA CRISC Review Manual and the Question, Answer & Explanation (Q&A&E) supplements. The Q&A&E material is particularly valuable for helping candidates understand ISACA’s question format, the type of responses expected, and for accelerating the assimilation of key concepts.

The technical skills and practices promoted and evaluated by ISACA for the CRISC certification form the foundation for success in this profession. Holding the CRISC certification attests to your professional competence and expertise. As demand grows for professionals with risk and control expertise, ISACA’s CRISC has become the preferred certification for individuals and organisations worldwide. The CRISC credential signals a distinguished commitment to serving both an enterprise and one’s chosen profession.

Objectives:

• To assist you in passing the CRISC examination on your first attempt.
• To demonstrate your commitment to delivering exceptional service to an enterprise.
• To leverage the increasing demand for risk and control expertise, enabling certification holders to secure better career positions and higher salaries.

You will learn:

• How to help enterprises achieve their business objectives by designing, implementing, monitoring, and maintaining risk-based, efficient, and effective IT controls.
• The technical skills and practices promoted by CRISC, which serve as the building blocks for success in the field.

This instructor-led, live training in Portugal (online or onsite) is aimed at intermediate-level IT professionals who wish to enhance their skills in identifying and managing IT risk and implementing information systems controls, and prepare for the CRISC certification exam.

By the end of this training, participants will be able to:

• Understand the governance and risk management aspects of IT.
• Conduct IT risk assessments and implement risk responses.
• Design and implement information systems controls.
• Prepare effectively for the CRISC certification exam.

This instructor-led, live training in Portugal (online or onsite) is aimed at supply chain professionals who wish to establish effective control and oversight of their supply chain, especially as it relates to cybersecurity.

By the end of this training, participants will be able to:

• Understand the security oversights that can bring about significant damage and disruption to a supply chain.
• Break down a complex security problem into manageable and actionable parts.
• Address common supply chain vulnerabilities by analyzing high risk areas and engaging with stakeholders.
• Adopt best practices in securing a supply chain.
• Noticeably reduce or eliminate the biggest risks to an organization's supply chain.

This instructor-led, live training in Portugal (online or onsite) is designed for intermediate to advanced IT professionals and business leaders seeking to develop a structured approach to managing data breaches.

Upon completion of this training, participants will be able to:

• Comprehend the causes and consequences of data breaches.
• Develop and implement strategies to prevent data breaches.
• Establish an incident response plan to contain and mitigate breaches.
• Conduct forensic investigations and assess the impact of breaches.
• Meet legal and regulatory requirements for breach notification.
• Recover from data breaches and enhance security postures.

This instructor-led live training in Portugal (online or onsite) is targeted at developers and administrators seeking to develop software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the core concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

This training course demonstrates how risk assessment for information security is conducted by integrating information from ISO/IEC 27005:2022 and ISO/IEC 27001. Alongside theoretical knowledge, the course includes practical exercises, quizzes, and case studies, making it a highly engaging learning experience.

Description:

Designed as a 'Practitioner' level course, this programme places significant emphasis on practical exercises intended to reinforce theoretical concepts and build delegates' confidence in executing business continuity management. The curriculum is also crafted to stimulate debate and facilitate the exchange of knowledge and experience among participants.
Participants will gain invaluable insights from our trainers, who are practicing business continuity management experts and ISO 22301:2019 specialists with extensive practical experience.

Delegates will learn how to:

• Articulate the necessity of business continuity management (BCM) across all types of organisations
• Define the business continuity lifecycle
• Manage a business continuity programme
• Gain a thorough understanding of their organisation to identify mission-critical impact areas
• Determine the organisation's business continuity strategy
• Establish a business continuity response
• Exercise, maintain, and review plans
• Embed business continuity within an organisation
• Define terms and definitions specific to business continuity

Upon completion of the course, delegates will possess a comprehensive understanding of all key components of business continuity management. They will be equipped to return to their professional roles and make a substantial contribution to their organisation's business continuity management process.

This instructor-led live training in Portugal (online or onsite) is designed for security engineers who aim to utilize IBM Qradar SIEM to address pressing security use cases.

Upon completing this training, participants will be capable of:

• Monitoring enterprise data across both on-premise and cloud environments.
• Automating security intelligence to proactively hunt threats and mitigate risks.
• Effectively detecting, identifying, and prioritizing threats.

This instructor-led, live training in Portugal (online or onsite) is aimed at developers who wish to integrate Snyk into their development tools to find and fix security issues in their code.

By the end of this training, participants will be able to:

• Understand the features and structure of Snyk.
• Use Snyk to find and fix code security issues.
• Integrate Snyk in a software development lifecycle.