Modern interior of server room in datacenter. IT Engineer in Action Configuring Servers

Certificate in IT Audit Execution

Certificate in IT Audit Execution

Develop the expertise to manage the full IT Audit life cycle

Next Enrolment

February 28th




COVID-19 Updates and changes to program delivery. More information >

Gain the skills and experience you need to confidently execute an IT Audit from end-to-end while preparing for your CISA designation.

What is IT Audit Execution?

For every organization, data and IT system integrity is a top priority. Government regulations are driving organizations to invest in financial reporting controls and their effectiveness.

What you will learn

Learning from professionals in the field, this program prepares you to play a key role in protecting organizations now and in the future. You’ll gain in-depth IT audit knowledge and use current industry tools to recognize and apply appropriate IT audit best practices; recognize and review compliance with appropriate laws and regulations; and implement the full IT audit lifecycle. Through practice-oriented lessons you’ll gain the confidence and know-how to identify and assess risk; apply auditing and assurance concepts; and assess ethical predicaments relevant to an audit.

Enrolment in this program includes access to the official CISA® Review Questions, Answers & Explanations Database for the CISA Examination. You will receive a 12-month Subscription to a comprehensive, 1,000-question pool of resources that contains questions from the CISA® Review Questions, Answers & Explanations Manual.

Program Benefits

Created in collaboration with industry leaders, the Certificate in IT Audit Execution covers the five domains of the Certified Information Systems Auditor (CISA) body of knowledge. In addition, you’ll work on real-world case studies in collaboration with your peers. You’ll practice the core job skills of an IT auditor, like problem solving, negotiation and analytical thinking. You’ll also build meaningful relationships with instructors and peers over the course of the program, creating a supportive learning environment.

Format: Part-Time, blended
Delivery: Online coursework + required live-online sessions
Live Session Schedule: 3 weekends total (Sat & Sun)
Program Length: 6 months
Term Starts: Winter (Feb)


Introducing Live Online Learning

To make our programming even more accessible, and to ensure the safety of students and instructors, we are now offering the in-class course components for professional programs completely online.

Career Potential

Our program will provide you with a one-of-a-kind learning experience, designed to enhance your career and position you for success in a field that’s sure to see continued growth.

Industry Information

In our digital world, data and IT system integrity is at the top of everyone’s list of priorities. We know that the opportunities in this field are immense, with 75% of senior leaders struggling to find skilled IT auditors who can execute the thorough examinations they require to protect their business.
The learning outcomes you gain in this program, paired with your hands-on experience in IT Audit assurance, will put you ahead of the pack for your next job by proving your applied expertise to potential employers.

Professional Associations

Within the IT Auditing field, the Information Systems Audit and Control Association – ISACA® is one of the leading professional organizations. ISACA®’s Certified Information Systems Auditor® CISA® certification validates your skills and expertise in auditing, control and information security. It proves you can assess vulnerabilities, report on compliance and validate and enhance controls in an enterprise.

In order to earn the CISA designation, ISACA has additional requirements regarding application, admission, accreditation and membership.It is the responsibility of students to comply with all the requirements of ISACA for the CISA Designation. Students should contact ISACA directly for more information.

Get hired for jobs like:

IT Internal Auditor
IT Audit Specialist
IT Audit Portfolio Manager

Gain these skills:

Analytical and Critical Thinking
Ethics and Decision Making
Logic and Problem Solving

Who should take this program?

The Certificate in IT Audit Execution is ideal for anyone who currently works in IT Operations or as an Internal or External Auditor. This program can enhance the careers of people with experience in IT operations, cyber security, finance, auditing, consulting and other related fields.

Enrolment Requirements

The Certificate in IT Audit Execution is a direct registration program. No application process is required; simply enrol in the session of your choice to get started.

Learning Outcomes

By the end of the program, graduates will be able to:

  • Recognize and apply the appropriate best practices to an IT Audit as outlined in standards including ITIL, COBIT and COSO;
  • Implement the IT Audit lifecycle from planning, executing and reporting to management;
  • Apply the Certified Information Security Auditor (CISA) domains to the IT Audit Lifecycle;
  • Assess risk within the IT environment to determine if risk is being managed at an acceptable level;
  • Apply auditing and assurance concepts to real-world case studies by examining controls implemented and providing recommendations on improvements;
  • Assess various ethical predicaments as they pertain to the IT Audit profession;
  • Examine compliance with laws and regulation, including SOX, PIPEDA and PCI;
  • Develop effective internal and external relationships using influencing, communication and consultative skills;
  • Apply innovative and critical approaches to challenges faced by an IT audit.
Arif Hameed photo

“The Certificate in IT Audit Execution prepares students to not only pass their CISA exam, but to execute a full IT audit with confidence, in just 6 months. I wish a program like this existed when I was starting out in my career.”

Arif Hameed – Senior Director, Client Security, Equifax (Advisory Council Member)

Baskaran Rajamani photo

“Technology is impacting society like never before and job opportunities related to IT Audit are growing exponentially. This program will help develop competencies that match employer expectations, align with high-demand skills and maximize salary and growth potential.”

Baskaran Rajamani – Partner, Risk Advisory, Deloitte (Advisory Council Member)

“IT Audit is an evolving and growing field. The IT Audit Execution program is designed to address this challenge, and train professionals on emerging technology risks that matter, along with the real-world job skills needed to succeed in the workplace.”

Asif Mohammed – VP Risk, Performance and Technology, Richter; ISACA Toronto Chapter President; and Advisory Council Member

Delivery Format

Part-Time – Blended

Courses combine in-person learning, on campus at York (or Live Online via Zoom during COVID-19) plus online learning. The live components are typically held at a scheduled day and time (e.g. Saturday and Sunday, 9am-4pm), on campus at York (or Live Online via Zoom during COVID-19) where students and instructors gather to participate in active learning activities, share their learnings in an interactive format and hear from guest speakers. The online delivery is asynchronous, which means that while students have set deadlines to complete their work each week, they do not have any required “live” components (e.g. class at 7pm on Tuesdays). There may be optional, live sessions, via Zoom, throughout the course for the instructor to provide additional coaching and support. These optional sessions may be recorded and shared with students who cannot attend.

Students can expect to write exams/quizzes, prepare assignments (individual and group), and participate in online discussions with their peers.

In addition to any live components, students should expect to dedicate approximately 8-10 hours of effort per course each week for readings, discussions boards, practice opportunities, assignments, and so on.

Please view our Live Online video to learn more about this format.


CSIA1000 Planning the IT Audit

Learn the differences between various types of IT Audits and gain an understanding of the complete IT Audit lifecycle. Review the Information Systems Audit and Control Association (ISACA’s) CISA certification’s five (5) domains, risk-based audit planning, scoping the IT Audit engagements process, and IT Audit Standards, Guidelines, and Codes of Ethics. Develop an IT Audit Plan that includes scope, procedure, evidence required, and timeline. Learn about business processes, IT processes, internal controls, and their interconnectedness. This course will also examine detailed steps like audit evidence collection techniques, audit sampling methodology, and tests of internal controls in the context of the audit lifecycle. Discuss specialized topics like data analytics, continuous control monitoring, robotics in IT audit, specialized audits, and third-party attestation.

2 Classes

14 Hours

CSIA1010 Executing the IT Audit

Learn to confidently execute an IT Audit engagement. Develop a comprehensive list of IT Audit requirements, test the in-scope IT general controls, and create and maintain a status report which identifies the current status of the IT Audit process.

2 Classes

14 Hours

CSIA1020 Reporting on the IT Audit

Learn to clearly communicate results of an IT Audit, supporting the findings with appropriate evidence and using structured writing techniques that maximize acceptance of the audit viewpoint. The course will tackle ISACA’s recommended guidelines and standards to communicate the results upon completion of the engagement, ensuring that findings are supported by adequate evidence, and that management has planned/taken appropriate, timely action to address reported findings. Gain hands-on experience with identifying intended recipients, writing audit findings, and working with management to recommend and evaluate action plans. Apply thinking and writing strategies to maximize conciseness, precision and clarity while improving the value outcome of an IT Audit.

2 Classes

14 Hours


Eric Anastacio photo

Eric Anastacio

Manager, Cyber Security Governance, Corus Entertainment

Zain Haq photo

Zain Haq

Cyber Security Auditor, Manulife

Advisory Council

Nina Chow photo

Nina Chow

Principal Consultant, SNC Advisory Services Inc.

Gerard Francis photo

Gerard Francis

Director, Enterprise-Wide IT Audit and QA, Government Of Ontario

Arif Hameed photo

Arif Hameed

Senior Director Client Security, Equifax

Sean C. Higgins

CTO, Customer Success, Herjavec Group

Gaurav photo

Gaurav Kumar

TitleSecurity Consulting Senior Manager, Accenture

Ran Lewin photo

Ran Lewin

Assistant Vice-President Budgets and Asset Management, York University

Asif Mohammed photo

Asif Mohammed

VP Risk, Performance and Technology, Richter

Kartikeya Pandit photo

Kartikeya Pandit

Senior Consultant Risk Advisory Services, Ernst Young LLP

Baskaran Rajamani photo

Baskaran Rajamani

Partner, Risk Advisory, Deloitte

Certificate in IT Audit Execution

Winter 2022


Course Details +


Policies & More Information

Technology Requirements for Remote/Online Courses

Please review the technology and software requirements you will need to access our courses remotely.

Contact Us

Ask us anything about this program and we’ll get back to you within 2 business days.