ISACA CISA Certification Prep
Welcome to the ultimate free study guide for the ISACA Certified Information Systems Auditor (CISA) certification. Every chapter of the syllabus pairs a YouTube video lesson with a concise written summary and an exam-focused FAQ — designed for quick scanning, search and last-minute revision. The 70 episodes below cover all five CISA exam domains.
New episodes are published on the RooCloud YouTube channel, and you can test yourself with chapter-wise multiple-choice questions and full-length practice exams at RooCloud.com.
The CISA exam is organised into five domains:
- Information System Auditing Process — Episodes 1–10
- Governance and Management of IT — Episodes 11–23
- Information Systems Acquisition, Development & Implementation — Episodes 24–33
- Information Systems Operations & Business Resilience — Episodes 34–52
- Protection of Information Assets — Episodes 53–70
📝 Notes + videos are only half the prep
The written notes and video lessons in this guide are designed to be used alongside practice. Reinforce every chapter with chapter-wise MCQs and full-length mock exams at RooCloud.com — read or watch the lesson here, then test your recall and exam-readiness there.
Table of Contents
Domain 1: Information System Auditing Process
- Episode 1: IS Audit Standards, Guidelines, Functions & Codes of Ethics
- Episode 2: Types of Audits, Assessments & Reviews
- Episode 3: Risk-Based Audit Planning
- Episode 4: Types of Controls & Considerations
- Episode 5: Audit Project Management
- Episode 6: Audit Testing & Sampling Methodology
- Episode 7: Audit Evidence Collection Techniques
- Episode 8: Audit Data Analytics
- Episode 9: Reporting & Communication Techniques
- Episode 10: Quality Assurance & Improvement of the Audit Process
Domain 2: Governance and Management of IT
- Episode 11: Laws, Regulations & Industry Standards
- Episode 12: Organizational Structure, IT Governance & IT Strategy (Part 1 of 2)
- Episode 13: Organizational Structure, IT Governance & IT Strategy (Part 2 of 2)
- Episode 14: IT Policies, Standards, Procedures & Guidelines
- Episode 15: Enterprise Architecture & Considerations
- Episode 16: Enterprise Risk Management
- Episode 17: Data Privacy Program & Principles
- Episode 18: Data Governance & Classification
- Episode 19: IT Resource Management
- Episode 20: IT Vendor Management (Part 1 of 2)
- Episode 21: IT Vendor Management (Part 2 of 2)
- Episode 22: IT Performance Monitoring & Reporting
- Episode 23: Quality Assurance & Quality Management of IT
Domain 3: Information Systems Acquisition, Development & Implementation
- Episode 24: Project Governance & Management (Part 1 of 2)
- Episode 25: Project Governance & Management (Part 2 of 2)
- Episode 26: Business Case & Feasibility Analysis
- Episode 27: System Development Methodologies (Part 1 of 2)
- Episode 28: System Development Methodologies (Part 2 of 2)
- Episode 29: Control Identification & Design
- Episode 30: System Readiness & Implementation Testing
- Episode 31: Implementation Configuration & Release Management
- Episode 32: System Migration, Infrastructure Deployment & Data Conversion
- Episode 33: Postimplementation Review
Domain 4: Information Systems Operations & Business Resilience
- Episode 34: IT Components (Part 1 of 3)
- Episode 35: IT Components (Part 2 of 3)
- Episode 36: IT Components (Part 3 of 3)
- Episode 37: IT Asset Management
- Episode 38: Job Scheduling & Production Process Automation
- Episode 39: System Interfaces
- Episode 40: End-User Computing & Shadow IT
- Episode 41: Systems Availability & Capacity Management
- Episode 42: Problem & Incident Management
- Episode 43: IT Change, Configuration & Patch Management
- Episode 44: Operational Log Management
- Episode 45: IT Service Level Management
- Episode 46: Database Management
- Episode 47: Business Impact Analysis
- Episode 48: System & Operational Resilience
- Episode 49: Data Backup, Storage & Restoration
- Episode 50: Business Continuity Plan (Part 1 of 2)
- Episode 51: Business Continuity Plan (Part 2 of 2)
- Episode 52: Disaster Recovery Plans
Domain 5: Protection of Information Assets
- Episode 53: Information Asset Security Policies, Frameworks, Standards & Guidelines
- Episode 54: Physical & Environmental Controls
- Episode 55: Identity & Access Management (Part 1 of 2)
- Episode 56: Identity & Access Management (Part 2 of 2)
- Episode 57: Network & Endpoint Security
- Episode 58: Data Loss Prevention
- Episode 59: Data Encryption (Part 1 of 2)
- Episode 60: Data Encryption (Part 2 of 2)
- Episode 61: Public Key Infrastructure
- Episode 62: Cloud & Virtualized Environments (Part 1 of 2)
- Episode 63: Cloud & Virtualized Environments (Part 2 of 2)
- Episode 64: Mobile, Wireless & Internet of Things Devices
- Episode 65: Security Awareness Training & Programs
- Episode 66: Information System Attack Methods & Techniques
- Episode 67: Security Testing Tools & Techniques
- Episode 68: Security Monitoring Logs, Tools & Techniques
- Episode 69: Security Incident Response Management
- Episode 70: Evidence Collection & Forensics
This study guide is produced by RooCloud. Watch the full series on YouTube, browse all courses at RooCloud @ GitHub, and practice with chapter-wise MCQs and full-length mock exams at RooCloud.com.