Ufundi Plaza, Moi Avenue Nairobi, Kenya

CISA Bootcamp

Five Day Certified Information Systems Auditor (CISA) – BOOTCAMP

Information technology (IT) audit pertains to the evaluation of information technology to assess compliance with an organization’s policies and processes. An IT audit wholly or partially evaluates automated information processing systems, related non-automated processes and their interfaces for compliance.

The Certified Information Systems Auditor certificate is perhaps the most prestigious certification for IT auditors.  This CISA examination preparation course is an intense 5-day extensive review of CISA examination requirements and preparation for the CISA examination. It imparts the learner with strategies, techniques, and tips for taking and passing the examination.

Attendees also get value beyond passing the examination in that the training delves into IT audit knowledge and its application to internal control, including technology life cycle management, cybersecurity, and business continuity. The training focuses on how IT auditors can add value to an organization.  The course has been developed in line with ISACA’s CISA certification programme.


  • Understand the meaning and application of IT audit and its relationship with audit in general;
  • Comprehend the goals and objectives of IT audit in an organization, and its fit in the internal control environment;
  • Appreciate needed techniques for audit planning (scoping, etc.) and gathering information and audit evidence;
  • Grasp the core of the processes for carrying out IT audits and how to evaluate the effectiveness of IT internal controls,
  • Understand the basis of information risk management and audit of information security.

Why should you attend?

Who should attend?

·         Comprehend strategies and techniques for passing CISA examination;

·         Understand the IT control environment and its fit within internal controls;

·         Appreciate the planning & execution of IT audits

·         Internalize the role of an IT auditor in scoping, information gathering assessment and reporting on the state of IT controls

·         Management and operational personnel in IT, Audit & information security;

·         Personnel responsible for management & audit of technology, human resource, finance, administration, facilities;

·         Risk management, IT infrastructure and internal control personnel



Day One – The Process of It Audit

Day Two – Governance & Management of IT

·         IT audit: definition, concepts, goals and objectives;

·         Standards, tools, methods & techniques for IT audit;

·         The audit process and risk assessment;

·         Planning and management of the audit process;

·         Gathering of audit information and evidence

·         IT strategy, policies, standards, processes & procedures;

·         Technology  governance & organizational structure

·         IT Risk management; Maturity benchmarking and process improvement models; Information systems management practices; Business continuity planning.


Day three – IT Acquisition, Development & Implementation Day Four – Info. systems operations, maintenance & support
·         Project management practices;

·         Software development tools and methodology;

·         Configuration and releases management;

·         Data migration and information systems implementation;

·         Goals and practices of system launch quality assessment.

·         IT service and operational management;

·         planning and capacity management;

·         Problem and incidents management;

·         Business continuity & disaster recovery planning & testing




Day Five – Protection of Information Assets
·         Information security controls assessment;

·         Access management & related controls evaluation;

·         IT infrastructure security & related controls evaluation;

·         Physical security controls assessment.




$1200 (KES 120,000) + VAT. Covers:  5-day workshop: morning tea-break snack, lunch, afternoon tea-break snack + learning material: presentation. ·         info@aganoconsulting.com

·         training@aganoconsulting.com

·         Phone: +254 20 267 0743

Agano Consulting (K) Ltd Scope of Consulting Services


  1. Consulting in IT Governance, Information Security, and Technology Risk Management

We offer ICT strategic advice, policy review and policy development, ICT program design and implementation; IT Governance & Strategy; Policy, Standards & Guidelines, Education & Awareness, Security Risk & Compliance Assessments, Vulnerability Management & Pen-Testing, PCI and ISO27001 certification readiness, Digital Forensics.

  1. Information Security & Risk Management Training

Training is based on customer needs and can be turnkey or specific for your needs. Training spans a whole starting with top management to the shop floor. A key focus area is IT Governance, Security & Risk Management.

  1. ICT Market Research

Our market research yields deep insights on specifics issues affecting ICTs including industry trends, policy impacts, benchmarking, investments, key market indicators and program evaluation.

  1. Staff Augmentation with focus on IT and Information Risk Management Professionals

We can augment skills in a company where the need arises. Often companies may not have the resources to meet specific needs that may be required for a time. Our staff and associates are qualified for such positions as Chief Information Security Officer (CISO), Information Security Managers, and Information Security Analysts.

  1. International Business Outsourcing with focus on African Markets

We work with outsourcing clients to march their needs with outsourcing partners and ensure successful deal implementation.

  1. Intellectual Property (IP) Advisory Services

We advise inventors, artists, writers, among others, on matters of intellectual property (IP) processes and how they can benefit from the world IP regime. We help demystify the IP registration process and, in partnership with a team of lawyers, register related IP as sought by our clients.

  1. ISO Certification Readiness: (ISO 27001 and 9001)

Our consultants work with your staff to realize ISO certification. We start with a readiness assessment, identify the gaps and establish a clear roadmap towards certification. We then embark on certification readiness by addressing the identified gaps.