ISACA CISA Certification Prep
Welcome to the ultimate free study guide for the ISACA Certified Information Systems Auditor (CISA) certification. This site pairs every YouTube lesson with a concise written summary and an exam-focused FAQ you can scan, search and revise from. Together the 70 episodes cover the entire CISA syllabus across its five domains.
Watch the full series on the RooCloud YouTube channel and test yourself with chapter-wise multiple-choice questions and full-length practice exams at RooCloud.com.
The exam is organised into five domains: Information System Auditing Process (Episodes 1–10), Governance and Management of IT (Episodes 11–23), Information Systems Acquisition, Development & Implementation (Episodes 24–33), Information Systems Operations & Business Resilience (Episodes 34–52), Protection of Information Assets (Episodes 53–70).
📝 Notes + videos are only half the prep
The written notes and video lessons in this guide are designed to be used alongside practice. Reinforce every chapter with chapter-wise MCQs and full-length mock exams at RooCloud.com — read or watch the lesson here, then test your recall and exam-readiness there.
Domain 1: Information System Auditing Process
- Episode 1: IS Audit Standards, Guidelines, Functions & Codes of Ethics
- Episode 2: Types of Audits, Assessments & Reviews
- Episode 3: Risk-Based Audit Planning
- Episode 4: Types of Controls & Considerations
- Episode 5: Audit Project Management
- Episode 6: Audit Testing & Sampling Methodology
- Episode 7: Audit Evidence Collection Techniques
- Episode 8: Audit Data Analytics
- Episode 9: Reporting & Communication Techniques
- Episode 10: Quality Assurance & Improvement of the Audit Process
Domain 2: Governance and Management of IT
- Episode 11: Laws, Regulations & Industry Standards
- Episode 12: Organizational Structure, IT Governance & IT Strategy (Part 1 of 2)
- Episode 13: Organizational Structure, IT Governance & IT Strategy (Part 2 of 2)
- Episode 14: IT Policies, Standards, Procedures & Guidelines
- Episode 15: Enterprise Architecture & Considerations
- Episode 16: Enterprise Risk Management
- Episode 17: Data Privacy Program & Principles
- Episode 18: Data Governance & Classification
- Episode 19: IT Resource Management
- Episode 20: IT Vendor Management (Part 1 of 2)
- Episode 21: IT Vendor Management (Part 2 of 2)
- Episode 22: IT Performance Monitoring & Reporting
- Episode 23: Quality Assurance & Quality Management of IT
Domain 3: Information Systems Acquisition, Development & Implementation
- Episode 24: Project Governance & Management (Part 1 of 2)
- Episode 25: Project Governance & Management (Part 2 of 2)
- Episode 26: Business Case & Feasibility Analysis
- Episode 27: System Development Methodologies (Part 1 of 2)
- Episode 28: System Development Methodologies (Part 2 of 2)
- Episode 29: Control Identification & Design
- Episode 30: System Readiness & Implementation Testing
- Episode 31: Implementation Configuration & Release Management
- Episode 32: System Migration, Infrastructure Deployment & Data Conversion
- Episode 33: Postimplementation Review
Domain 4: Information Systems Operations & Business Resilience
- Episode 34: IT Components (Part 1 of 3)
- Episode 35: IT Components (Part 2 of 3)
- Episode 36: IT Components (Part 3 of 3)
- Episode 37: IT Asset Management
- Episode 38: Job Scheduling & Production Process Automation
- Episode 39: System Interfaces
- Episode 40: End-User Computing & Shadow IT
- Episode 41: Systems Availability & Capacity Management
- Episode 42: Problem & Incident Management
- Episode 43: IT Change, Configuration & Patch Management
- Episode 44: Operational Log Management
- Episode 45: IT Service Level Management
- Episode 46: Database Management
- Episode 47: Business Impact Analysis
- Episode 48: System & Operational Resilience
- Episode 49: Data Backup, Storage & Restoration
- Episode 50: Business Continuity Plan (Part 1 of 2)
- Episode 51: Business Continuity Plan (Part 2 of 2)
- Episode 52: Disaster Recovery Plans
Domain 5: Protection of Information Assets
- Episode 53: Information Asset Security Policies, Frameworks, Standards & Guidelines
- Episode 54: Physical & Environmental Controls
- Episode 55: Identity & Access Management (Part 1 of 2)
- Episode 56: Identity & Access Management (Part 2 of 2)
- Episode 57: Network & Endpoint Security
- Episode 58: Data Loss Prevention
- Episode 59: Data Encryption (Part 1 of 2)
- Episode 60: Data Encryption (Part 2 of 2)
- Episode 61: Public Key Infrastructure
- Episode 62: Cloud & Virtualized Environments (Part 1 of 2)
- Episode 63: Cloud & Virtualized Environments (Part 2 of 2)
- Episode 64: Mobile, Wireless & Internet of Things Devices
- Episode 65: Security Awareness Training & Programs
- Episode 66: Information System Attack Methods & Techniques
- Episode 67: Security Testing Tools & Techniques
- Episode 68: Security Monitoring Logs, Tools & Techniques
- Episode 69: Security Incident Response Management
-
Episode 70: Evidence Collection & Forensics
This study guide is produced by RooCloud. Watch the full series on YouTube, browse all courses at RooCloud @ GitHub, and practice with chapter-wise MCQs and full-length mock exams at RooCloud.com.