0345 4506120

Information Security Auditing Practitioner Certificate

This 5 day Practitioner Certificate in Information Security Auditing (PCISA) course is aimed at individuals who are looking to become information security auditors or those who are seeking to enhance their auditing skills with the ability to apply a more formal approach to the planning and execution of audits and the overall audit programme. This PCISA course is the only information security auditing course in the UK to have been accredited by the Institute of Information Security Professionals (IISP).

We don't currently have any courses listed for Information Security Auditing Practitioner Certificate, would you like to view all courses for Information & Cyber Security?

Learning Objectives

The objective of the PCISA course is to provide clear and practical guidance on planning and conducting information security audits. The course is a combination of PowerPoint presentations, class discussions and practical exercises. The focus is on providing an informal and interactive environment conductive to learning.

By the end of the 5 days, delegates will be able to plan and document an overall audit programme as well as plan, conduct and report on information security audits which meet business, regulatory and legislative requirements.

On completion of the PCISA course, delegates will be able to: 

  • Describe what the different types of audit are and why they are required 
  • Describe how audit enables organisations to demonstrate they are meeting their regulatory, contractual and legislative obligations
  • Describe and apply different auditing techniques 
  • Develop, plan and maintain an audit programme 
  • Plan individual audits and determine the skills and techniques required to conduct them
  • Communicate effectively the audit requirements to interested parties 
  • Conduct effective audits using multiple auditing techniques 
  • Conduct opening and closing meetings 
  • Conduct effective interviews and record suitable objective evidence 
  • Interpret evidence and determine the significance of any findings 
  • Evaluate proposed corrective actions and assess the need to conduct follow-ups
  • Determine whether or not corrective action has been effective

Course Content

Information Security Overview:

  • Language and Definitions
  • Key Information Security Terms 
  • Confidentiality, Integrity and Availability Standards 
  • ISO 27001:2013 
  • PCI DSS Legal Framework 
  • Sector Specific Regulations 
  • National and International Legislation What is an Audit 
  • Objectives of Information Security Audit 
  • 1st, 2nd, 3rd Party Audits 
  • Why Conduct Audits What are we Auditing 
  • Process Audits 
  • Control Audits 
  • Departmental Audits 
  • IT/Systems Audits 
  • Vertical and Horizontal Processes Auditing Techniques 
  • Subjective/Objective Evidence 
  • Document and Research Review 
  • Triangulation of Evidence Developing an Audit Programme 
  • Considerations 
  • ISO 27001 Programme Competencies, Skills and Attributes 
  • Selecting an Auditor Planning an Audit 
  • Initiating an Audit 
  • Conducting Document Review 
  • Preparing for an Onsite Audit The Opening Meeting 
  • Objectives and Guides Interviews 
  • Sampling 
  • Questioning Techniques The Closing Meeting 
  • Objectives and Guides Audit Reporting 
  • Types of Reports 
  • Checklist of Contents 
  • Corrective Actions Review

Exams & Certification

The CISA Course has been successfully accredited by the Institute in Information Security Professionals (IISP) at the level 1+. Areas covered from the skills framework are as follows: A2, A3, A4, A6, B1, B2, D1, G1, H1, H2.

After taking the course, delegates will be able to sit a formal examination which has been assessed and approved by the IISP. The written, closed book examination comprises a combination of multiple choice, short answer and scenario based essay style questions. Students will need to obtain a pass mark of at least 65% to pass the examination.

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the request service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.


Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Our Customers Include