Information Systems Auditor Training Course

This course is designed to help attendees build organisational resilience against a range of threats, enabling organisations to respond effectively to incidents, maintain the availability of business operations, and safeguard their interests.

Description:

CISA® is a world-renowned and highly sought-after certification for professionals working in the field of IS audit and IT risk consulting.

Our CISA course is an intensive, highly competitive, and exam-focused training programme. With experience delivering over 150 CISA trainings across Europe and globally, and having trained more than 1,200 CISA delegates, Net Security has developed its CISA training materials in-house. The top priority is ensuring delegates pass the ISACA CISA® Exam. Our training methodology emphasises a deep understanding of CISA IS auditing concepts and extensive practice using large question banks released by ISACA over the last three years. Over time, CISA holders have been in high demand within renowned accounting firms, global banks, advisory and assurance practices, and internal audit departments.

While delegates may have years of IT auditing experience, their ability to tackle CISA exam questions depends entirely on their understanding of globally accepted IT assurance practices. The CISA exam is particularly challenging, often presenting closely matched answer options that test a candidate's grasp of global IT auditing standards. To address these challenges, we provide expert trainers with extensive experience delivering CISA training worldwide.

The Net Security CISA manual covers all exam-relevant concepts, case studies, and Q&A across the five CISA domains. Additionally, the trainer provides key supporting materials throughout the course, including relevant CISA notes, question banks, a CISA glossary, videos, revision documents, exam tips, and CISA mind maps.

Goal:

The ultimate goal is to pass your CISA examination on the first attempt.

Objectives:

• Apply knowledge gained in a practical manner to benefit your organisation
• Deliver audit services in accordance with IT audit standards
• Provide assurance on leadership, organisational structure, and processes
• Provide assurance on the acquisition, development, testing, and implementation of IT assets
• Provide assurance on IT operations, including service operations and third-party services
• Provide assurance on the organisation's security policies, standards, procedures, and controls to ensure the confidentiality, integrity, and availability of information assets.

Target Audience:

Finance and CPA professionals, IT professionals, internal and external auditors, information security specialists, and risk consulting professionals.

This training is delivered as a workshop enriched with substantive knowledge. Sessions are grounded in the official CISA certification framework. During the workshop, case studies will be examined to explore specific issues. Classes will be conducted in English (Polish available on request) using the ISACA handbook in English.
 

CISA Exam Material Scope:

• Information System Auditing Process (21%)
• Governance and Management of IT (17%)
• Information Systems Acquisition, Development and Implementation (12%)
• Information Systems Operation and Business Resilience (23%)
• Protection of Information Assets (27%)

Exam Duration: 4 hours
Type: Multiple choice test
Volume: 200 questions

To be eligible to claim the CISA qualification, you must meet the following requirements:

1. Pass the CISA exam. The passing score is 450 or higher.
2. Adhere to the ISACA Code of Professional Ethics.
3. Commit to complying with the CISA Continuing Professional Education Policy.
4. Acquire at least five years of professional experience in information systems auditing, control, or security.
5. Comply with Information Systems Auditing Standards.

If you have passed the exam and believe you meet these requirements, you may begin the certification application process via this page.
An application fee of $50 applies.

There is also an annual fee required to maintain your certification once granted. The fee is $40 per annum for ISACA members and $75 for non-members.

The Certified Information Systems Security Professional (CISSP) certification, issued by (ISC)², is a globally recognised credential for senior information security professionals. It validates mastery across eight security domains and establishes credibility in roles such as chief information security officer (CISO), security engineer, and senior security manager.

This instructor-led, live training (delivered online or on-site) is designed for intermediate to advanced-level security practitioners seeking both conceptual mastery and practical readiness to successfully pass the CISSP certification exam on the first attempt, while applying these principles within real-world organisational contexts.

By the end of this training, participants will be able to:

• Understand and apply the eight CISSP domains in security governance and practice.
• Develop, assess, and strengthen organisational security policies, architectures, and controls.
• Design and implement security solutions aligned with legal, compliance, and business objectives.
• Interpret and answer exam-style CISSP questions with confidence and strategic insight.

Course Format

• Lectures and guided walkthroughs of each domain.
• Practice questions, scenario-based discussions, and quizzes.
• Hands-on labs, case studies, and group exercises.

Course Customisation Options

• To request a customised focus on specific domains or extended exam review sessions, please contact us to arrange.

A CISSP is an information assurance professional who defines the architecture, design, management and/or controls that assure the security of business environments. The vast breadth of knowledge and the experience it takes to pass the exam is what sets a CISSP apart. The credential demonstrates a globally recognised level of competence provided by the (ISC)²® CBK®, which covers critical topics in security today, including cloud computing, mobile security, application development security, risk management and more.

This course helps you review the 10 domains of information security practices. It also serves as a robust learning tool for mastering concepts and topics related to all aspects of information systems security.

Objectives:

• To review the main topics of the CISSP CBK (Common Body of Knowledge).
• To prepare for the CISSP examination.

This instructor-led, live training in New Zealand (available online or on-site) is designed for beginner to intermediate-level system administrators and security professionals who want to learn how to implement Cloudflare for content delivery and cloud security, as well as how to mitigate DDoS attacks.

By the end of this training, participants will be able to:

• Configure Cloudflare for their websites.
• Set up DNS records and SSL certificates.
• Implement Cloudflare for content delivery and caching.
• Protect their websites from DDoS attacks.
• Implement firewall rules to restrict traffic to their websites.

Description:

This course is designed as rigorous, intensive preparation for the ISACA Certified in Risk and Information Systems Control (CRISC) examination. All four (4) current domains of the ISACA CRISC syllabus will be covered with a strong emphasis on exam readiness. Attendees will also receive the official ISACA CRISC Review Manual and the Question, Answer, and Explanation (Q,A&E) supplement. The Q,A&E resource is particularly valuable in helping participants understand the ISACA question style, the type of responses ISACA expects, and in facilitating rapid retention of key concepts.

The technical skills and practices promoted and assessed through the CRISC certification form the foundation of success in the profession. Holding the CRISC credential demonstrates your expertise and commitment to the field. With increasing demand for professionals skilled in risk and control, ISACA’s CRISC has become the preferred certification for individuals and organisations worldwide. Achieving CRISC signifies a dedicated commitment to serving an enterprise and upholding professional standards with distinction.

Objectives:

• To support you in passing the CRISC examination on your first attempt.
• Attaining this certification demonstrates your commitment to delivering exceptional value to your enterprise.
• As demand grows for professionals with risk and control expertise, CRISC holders will be better positioned to secure advanced roles and competitive remuneration.

You will learn:

• How to help organisations achieve their business objectives by designing, implementing, monitoring, and maintaining efficient, effective, risk-based information systems (IS) controls.
• The technical skills and practices championed by the CRISC certification, which form the core of success in the field.

This instructor-led, live training in New Zealand (available online or on-site) is designed for intermediate-level IT professionals seeking to strengthen their skills in identifying and managing IT risk, implementing information systems controls, and preparing for the CRISC certification examination.

Upon completion of this training, participants will be able to:

• Grasp the governance and risk management dimensions of IT.
• Conduct IT risk assessments and implement appropriate risk responses.
• Design and deploy effective information systems controls.
• Prepare confidently for the CRISC certification exam.

This instructor-led, live training in New Zealand (online or onsite) is designed for supply chain professionals seeking to establish robust control and oversight of their supply chain, particularly in relation to cybersecurity.

By the conclusion of this training, participants will be able to:

• Identify security oversights that could cause significant damage and disruption to a supply chain.
• Break down complex security challenges into manageable and actionable components.
• Address common supply chain vulnerabilities by analysing high-risk areas and engaging effectively with stakeholders.
• Adopt best practices for securing a supply chain.
• Significantly reduce or eliminate the most critical risks to an organisation's supply chain.

This instructor-led, live training in New Zealand (online or on-site) is designed for intermediate to advanced-level IT professionals and business leaders who wish to develop a structured approach to handling data breaches.

By the end of this training, participants will be able to:

• Understand the causes and consequences of data breaches.
• Develop and implement data breach prevention strategies.
• Establish an incident response plan to contain and mitigate breaches.
• Conduct forensic investigations and assess the impact of breaches.
• Comply with legal and regulatory requirements for breach notification.
• Recover from data breaches and strengthen security postures.

This instructor-led, live training in New Zealand (online or onsite) is designed for developers and administrators aiming to develop software and products that comply with HiTrust standards.

Upon completion of this training, participants will be able to:

• Grasp the core concepts of the HiTrust CSF (Common Security Framework).
• Identify the administrative and security control domains within the HITRUST CSF.
• Explore the various types of HiTrust assessments and scoring methods.
• Understand the certification process and requirements for achieving HiTrust compliance.
• Apply best practices and tips for adopting the HiTrust approach.

Description:

This is a 'Practitioner' course, heavily reliant on practical exercises designed to reinforce the concepts being taught and to build delegates' confidence in implementing business continuity management. The course also encourages debate and the sharing of knowledge and experience among participants.
Delegates will benefit from the practical and extensive experience of our trainers, who are active practitioners in business continuity management and specialists in ISO 22301:2019.

Delegates will learn how to:

• Explain the need for business continuity management (BCM) across all organisations
• Define the business continuity lifecycle
• Conduct business continuity programme management
• Understand their organisation well enough to identify mission-critical impact areas
• Determine their organisation's business continuity strategy
• Establish a business continuity response
• Exercise, maintain and review plans
• Embed business continuity within an organisation
• Define terms and definitions appropriate to business continuity

By the end of the course, delegates will have a detailed understanding of all key components of business continuity management and be able to return to their workplaces, making a significant contribution to the business continuity management process.

This instructor-led, live training in New Zealand (online or on-site) is designed for security engineers who wish to use IBM Qradar SIEM to address pressing security use cases.

By the end of this training, participants will be able to:

• Gain visibility into enterprise data across on-premises and cloud environments.
• Automate security intelligence to hunt threats and contain risks.
• Detect, identify, and prioritise threats.

This instructor-led, live training in New Zealand (online or on-site) is designed for developers who want to integrate Snyk into their development workflows to identify and fix security issues in their code.

By the end of this training, participants will be able to:

• Understand the features and structure of Snyk.
• Use Snyk to detect and resolve code security vulnerabilities.
• Integrate Snyk into the software development lifecycle.

This course covers the fundamental concepts of security and IT security, with a focus on defending against network attacks. Participants will gain an understanding of essential security protocols and the security principles underpinning web services. Recent attacks targeting cryptosystems and associated vulnerabilities will be referenced.