The Certified Information Systems Auditor or CISA is awarded to professionals who exhibit proficiency in information systems security, audit, and control. The CISA is the chief certification sponsored by the Information Systems Audit and Control Association, or ISACA.
The CISA has gained world-class recognition making it a certification that IT-inclined accountants would definitely consider.
To become a Certified Information Systems Auditor, a candidate must fulfill a series of rigid requirements.
The CISA exam is usually offered in June and September every year. The contents of the CISA Examination include areas (domains) in information systems security, audit, and control.
Domain 1 – The Process of Auditing Information Systems (14%)
Domain 2 – Governance and Management of IT (14%)
Domain 3 – IS Acquisition, Development, Implementation (19%)
Domain 4 – IS Operations, Maintenance and Support (23%)
Domain 5 – Protection of Information Assets (30%)
All successful candidates will be sent a notification of a passing mark plus information on how to apply for the CISA certification.
Successful candidates may apply for CISA certification within 5 years from passing the examination. Certification will only be awarded to candidates who meet the experience requirements.
CISA certification requires a minimum of 5 years of professional work experience in information systems auditing, control or security. Substitutes to work experience may be applied for a maximum of 3 of the 5 required years. ISACA allows the following as qualifying substitutes.
Candidates and CISA certification holders must agree to abide by the Code of Professional Ethics. Failure to adhere to it may lead to investigation and disciplinary action.
Certified Information Systems Auditors should maintain skill and proficiency and stay abreast with developments related to the professional designation. CISAs are required to complete 120 hours of CPE every three years with a minimum of 20 hours per year.
To learn more about CISA, visit the ISACA Website.