Next boot camp starts soon. Enroll now.

ISACA CISA Training Boot Camp

Transform your career in 5 days

This CISA Boot Camp teaches you the skills necessary to develop, manage and supervise programs to defend against unauthorized information access. You’ll gain in-depth knowledge of auditing information systems and how they apply to real-world scenarios — and leave fully prepared to pass your CISA exam.

Course essentials

Boot camp at a glance

  • Method

    Live online, in-person, team onsite

  • Duration

    5 days

  • Experience

    5+ years

  • Average salary


  • Meets 8570.1

    DoD Information Assurance requirements

What you'll learn

Training overview

exam pass guarantee logo

Infosec’s CISA Boot Camp extensively prepares you for the ISACA CISA exam, which consists of 150 multiple-choice questions that cover the five information systems auditing areas. These areas have been created from a CISA job practice analysis and reflect the work performed by information systems auditors:

  • Information systems auditing process
  • Governance and management of IT
  • Information systems acquisition, development and implementation
  • Information systems operation and business resilience
  • Protection of information assets

ISACA Accredited Training Organization (ATO)

Infosec is one of a select number of ISACA accredited Elite+ Partners in the world. When you enroll in an Infosec CISM Boot Camp, you can rest assured you are receiving the most effective and up-to-date certification prep available, including official ISACA training materials and instruction that has been independently assessed to meet ISACA’s quality standards.

Award-winning training you can trust

What's included

Everything you need to know

  • 90-day extended access to Boot Camp components, including class recordings
  • 12-Month subscription to the ISACA Official Question, Answer & Explanation (QAE) database
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee
  • Exam voucher
  • Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
  • Knowledge Transfer Guarantee
  • Pre-study learning path
  • Unlimited practice exam attempts

Before your boot camp


To receive the CISA certification, you must:

  • Submit verified evidence of a minimum of five years of professional information systems auditing, control or security work experience. Up to three years can be waived if other requirements are met. You must have five years after passing the exam to gain the necessary work experience and apply for certification.

Learn more about CISA pre-requirements and waivers with our CISA overview hub.


Training schedule

Preparation (before the boot camp starts)

CISA prep course

Day 1
Morning session


The process of auditing information systems

  • Executing risk-based is audit strategy
  • Plan specific audits
  • Conduct audits in accordance with IT audit standards
Afternoon session

The process of auditing information systems continued

Evening session

Optional group & individual study

Schedule may vary from class to class

Day 2
Morning session

Governance of IT and management

  • Corporate governance
  • Governance of enterprise IT
  • Information systems strategy
  • Maturity and process improvement models
  • IT investment and allocation practices
  • Policies and procedures
  • Risk management
  • Information technology management practices
  • IT organization structure and responsibilities
  • Auditing IT governance structure and implementation
  • Business continuity planning
  • Auditing business continuity
Afternoon session

Governance of IT and management continued

Evening session

Optional group & individual study

Schedule may vary from class to class

Day 3
Morning session

Information systems acquisition, development and implementation

  • Business realization
  • Project management structure
  • Project management practices
  • Business application development
  • Virtualization and cloud computing environments
  • Business application systems
  • Development methods
  • Infrastructure development acquisition practices
  • Information systems maintenance practices
  • System development tools and productivity aids
  • Process improvement practices
  • Application controls
  • Auditing application controls
  • Auditing systems development, acquisition and maintenance
Afternoon session

Information systems acquisition, development and implementation continued

Evening session

Optional group & individual study

Schedule may vary from class to class

Day 4
Morning session

Information systems operations, maintenance and services management continued

  • Information systems operations
  • IT asset management
  • Information systems hardware
  • IS architecture and software
  • IS network infrastructure
  • Auditing infrastructure and operations
  • Disaster recovery planning
Afternoon session

Information systems operations, maintenance and services management continued

Evening session

Optional group & individual study

Schedule may vary from class to class

Day 5
Morning session

Protection of information assets

  • Information security management
  • Logical access
  • Network infrastructure security
  • Auditing information security management framework
  • Auditing network infrastructure security
  • Environmental exposures and controls
  • Physical access exposures and controls
  • Mobile computing
  • Peer-to-peer computing
  • Instant messaging
  • Social media
  • Cloud computing
  • Data leakage
  • End-user computing security risk and controls

Exam review

Afternoon session

Exam review

Schedule may vary from class to class

Guaranteed results

Our boot camp guarantees

Exam Pass Guarantee

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

Unlock team training discounts

If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.


Frequently asked questions

Why is getting certified an important part of an information security auditor’s career?

Earning a highly-regarded certification like the CISA establishes the cert holder as a knowledgeable and competent auditing professional. The certification is often used as a hard requirement for employers seeking talent in the audit industry, and recruiters keep an eye out for it when reviewing resumes/CVs.

What qualifies as information security auditing experience?

Learn more how ISACA defines what qualifies as information security auditing experience on our ISACA Certifications Overview.

How is the CISA related to the DoD 8570?

The Department of Defense Directive 8570 requires anyone seeking a government job to hold specific certifications before they can be hired in a position related to information systems/security. The CISA fulfills the DoD 8570’s IAT Level III and CSSP Auditor requirements.

How is the CISA certification different from other comparable security certifications?

Due to ISACA’s emphasis on candidates possessing a breadth of work experience and professional accomplishment, the CISA (Certified Information Systems Auditor) has become the industry’s preferred certification program around the world. The CISA is specialized for high standards of information systems auditing, while other certifications — such as the CIA (Certified Internal Auditor) — are more generalized.

How does the CISA experience waiver work?

Waivers for work experience can be acquired in a number of circumstances, with a maximum of up to three years waived. For example, completing 60 to 120 university semester credit hours, equivalent to acquiring a 2-year or 4-year degree, can be substituted for 1 or 2 years of work experience, respectively. A max of 1 year of information systems experience or 1 year of non-IS auditing experience can also be substituted for 1 year of work experience.

Meets 8570.1 requirements

Attention DoD Information Assurance workers! This boot camp helps meet U.S. Department of Defense Directive 8570.1 requirements for department employees or contractors engaged in work related to information security.

You're in good company


Very impressed with Infosec. My instructor did a great job delivering the information strategically and in a way for all to understand. I would definitely take another class/certification prep course.

Sylvia Swinson, Texeltek


The instructor was able to take material that prior to the class had made no sense, and explained it in real world scenarios that were able to be understood.

Erik Heiss, United States Air Force


Excellent! Our instructor had a vast background and related the materials to real life. Much better than just teaching the materials to pass an exam ... but he did that as well. He went out of his way in class. The extra materials really benefited us when we returned to our real jobs! Great experience!

John Peck, EPA

Enroll in a boot camp

  • August 21, 2023 - August 25, 2023

    Online only

  • August 28, 2023 - September 1, 2023

    Dulles, | Available online

  • October 9, 2023 - October 13, 2023

    Online only

  • November 6, 2023 - November 10, 2023

    Online only

  • December 4, 2023 - December 8, 2023

    San Diego, California | Available online

  • February 19, 2024 - February 23, 2024

    Dulles, Virginia | Available online

  • April 15, 2024 - April 19, 2024

    San Diego, California | Available online

  • April 29, 2024 - May 3, 2024

    Online only