CISA Exam Preparation Course


The Certified Information Systems Auditor (CISA) is ISACA's cornerstone certification. CISA has grown to be globally recognized and adopted worldwide as a symbol of achievement. The CISA certification has been earned by more than 40,000 professionals since inception, and more than 20,000 individuals registered for the June 2006 CISA exam. It is so clear that many people agree: earning the CISA is a good career move.

To pass the exam, IT audit experience is extremely helpful. It is important to have an experienced facilitator Danny Ha to share with you the audit experience and turn your mindset as an auditor for answering the exam questions. From an IT auditor's perspective you need to choose the solution that adequately falls within the scope of the audit and meets audit objectives for reviewing controls. "Over-thinking" is one of the issues when taking the exam. Learning about the practical experience within the IT audit field will help your preparation, whether it’s auditing live IT systems at your organization or simply creating a sample audit framework or methodology. Learning the IT audit process is essential for preparing for the CISA exam. A little learning is a dangerous thing. Our facilitator Danny Ha will share with you the live cases and the audit experience at this two-day refresher workshop.

On top of an overall review of concepts, in our workshop, you will have the opportunity to ask the facilitator a significant number of questions and obtain advice to maximize your learning experience to increase your chance of passing the exam. Our facilitator Danny Ha is known to have led course participants in invaluable discussion and thus have received praises from the past attendees (please see the Praises at the bottom).


This workshop not only recognizes the vital requirements of passing the CISA exam, but also share directly with the integration of audit concepts, live audit experience, audit cases, and CISA exam techniques across different areas of IS audit in preparing the CISA exam with the goal “Pass the exam for sure”. The facilitator Danny Ha will go through all concepts, questions and cases that are frequently asked and will explain many hard-to-remember audit theories and techniques.

Designed for

This course is mainly for CISA examination candidates who want to pass the examination, and also for in-house control managers, information security officers, risk planners, accountants, CEO, SMB owner, and those people who are interested to understand the requirements of information systems audit, security and controls.

Feature of the workshop

  • Experienced and qualified trainer, Danny Ha, with 27-year practical industrial experience in the IT, information systems audit, security and business risk management industry, holding designations of CISA, CISM, CISSP, CPM, FCRP, CRT, PMP, MBA, ISLA ISC2. For his bio, please visit

  • Comprehensive coverage of course material and past exam questions discussion

  • Precise and clear presentation slides with live audit experience sharing

  • In depth revision and explanation to help students passing the examination

  • Exam techniques sharing


4-Day Workshop Outlines

  • IS Audit Process

  • IT Governance

  • System and Infrastructure Life Cycle

  • Protection of Information Assets

  • IT Services Delivery Support

  • Disaster Recovery and Business Continuity

  • Class work: MC and cases chosen from the above areas and live audit examples

  • Exam questions drill

  • Exam techniques sharing



Mr. Danny Ha

Holder of CISA, CISM, CISSP, CPM, CRT, FCRP, Co-Founder PISA

Lectures of universities, Quality Reviewer of audit projects and CEF courses

Director/Chief Consultant/Auditor – CDS Consulting Ltd

Danny Ha has extensive experience and proven record in information systems audit, security, risk and crisis management. He has been an information technology practitioner for more than 23 years covering area in application system development, systems integration, information systems security and audit, and project management for banking, financial, government, retail and servicing, logistics, warehouse, trading, manufacturing, garment, property agencies, health-care, and hospital industries. Danny is now the Director/ Chief Consultant and Auditor for information systems, security assessment, and risk/crisis management of many multinational enterprises, vendors, banks and HKSAR government departments. He is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information System Security Professional (CISSP), a Certified Fraud Examiner (CFE), a Fellow Certified Risk Planner (FCRP), and a CRT (Certified Risk Trainer) of CRP. He is also the designation holder of MICRM, M@PISA, MHKCS, MHKLA, MPMI, MIAPPM, MIEEE, MACM, and APSNY.

Danny is active in promoting awareness of information system audit, security and risk assessment for business. He is one of the founding members of the Professional Information Security Association (PISA), one of the founding members of Information Security Special Interest Group (ISSIG) of Hong Kong Computer Society (HKCS), and one of the founding members of the Professional Manufacturing Mentorship Association (PMMA).

Danny has been actively participating in training activities to contribute his knowledge or to share his experience with clients, friends and students through in depth discussion. He has delivers a numerous courses at professional certification level, in graduate diploma courses, degree courses in social science, and executive management certificate courses at different universities, professional bodies and institutes in Hong Kong and China. He has conducted the CISA Exam Preparation Courses with over 800 lecturing hours for over 300 audiences since 2002. Also, the CISSP Exam Preparation Courses for over 500 audiences with over 1,200 lecturing hours since 2001.

He is a frequent speaker at various conferences and seminars. He has been interviewed by number newspapers on subjects relating to his professional knowledge, skills and experiences. He also writes articles on related specialized subjects for Career Times, ICRM, and newspapers in Hong Kong.


Attendee’s Praises

"Danny built into our minds the essence of IS auditing, related it to the CISA syllabus, and exemplified it with real-life cases drawn from various literature, current issues and his practice as a security consultant, which not only helped us to tackle CISA exam questions of increasingly scenario-based nature but also prepared us to become a competent IS auditor.  His tips and teaching skills obviously shortened our time to prepare for the CISA examination. – Mr. Johnny, CISA, MACS, BSc(Hons), MBA, MBusSys, Senior Consultant, 2004.

 “Had it not been for my encounter with Danny, I wouldn't have scored 86 at my first CISA attempt. Despite my 8 years of information systems experience, I still found the examination tricky and demanding. Danny's vivid portrait of his security and IS audit experience has dramatically shortened the time I spent on examination preparation. Not only is Danny's training good value and enjoyable, he is also a role model for people serious in the IS auditing field. – Mr. David, MBA, CISA, Senior Lecturer, Oct 2004.

"Archiving CISA certification is one of most remarkable steps in my IT career. Danny was my lecturer of this course. He presented not only his expertise in Information Security but also his strength in delivering what he knows and what he wants you to know. Security never means easy things but Danny makes this topic easy to understand by living examples. He may not be teaching you but he leads you to thoroughly understand the topic." – Mr. Samson, CISA, PMP, Project Manager, Aug 2005.

"The CISA exam demands its candidates possess well rounded IT knowledge from project management, IS security, database management concept down to software development model. To pass the exam, one has to be able to apply these knowledge in auditing situation. Danny Ha has done an excellent job in helping me switch my mentality from an experienced IT practitioner who worked in the IT industries for 10 years into an IS auditor’s mindset. Once the mindset is changed, all I need to do to pass the exam is scanning through the auditor's manual and familiarize myself to the
question CD." –
Mr. Hugh, BSc.(Hons) London, MSc, MIEEE, IT Manager, Aug 2005


Back to the top