Certified Information Systems Auditor

Certified Information Systems Auditor (CISA) is a globally recognized certification in the field of audit, control and security of information systems. CISA gained worldwide acceptance having uniform certification criteria, the certification has a high degree of visibility and recognition in the fields of IT security, IT audit, IT risk management and governance. Vacancies in the areas of IT security management, IT audit or IT risk management often ask for a CISA certification.^[1] The exam tends to be associated with a high failure rate. CISA is awarded by ISACA.^[2]

Obtaining the certificate

The CISA ISACA certificate can be applied for if the candidate has passed the CISA exam and the following conditions are met:^[3]

Experience as an auditor of information systems
Compliance with Code of Ethics
Continuous training
Compliance with the standards for audits of information systems

Membership in ISACA

The CISA certification is not tied to membership in the worldwide umbrella organization ISACA and the local (mostly national) called Chapters.

Exam

The world unified CISA exams are conducted three times a year: in June, September and December.^[4] The exam is known to be difficult examination and having four hours in length, consists of 200 multiple choice questions and uses the format of one correct answer per question. The scoring is weighted depending on an predetermined value for each question with a passing score of 450 points and a 800-point score as the maximum. Some questions are purely for statistical purposes and do not affect the candidate's score.

CISA Review Courses are organised by various educational institutions across the globe, where students go through the CISA Review manual in the five domains which are:

The Process of Auditing Information Systems (Contains 14% of the Total Marks or 28 Questions)
Governance and Management of IT (Contains 14% of the Total Marks or 28 Questions)
Information Systems Acquisition, Development and Implementation (Contains 19% of the Total Marks or 38 Questions)
Information Systems Operations, Maintenance and Support (Contains 23% of the Total Marks or 46 Questions)
Protection of Information Assets (Contains 30% of the Total Marks or 60 Questions)

Additional requirements

As well as passing the exam, candidates must also pass the following requirements:^[5]

The candidate must provide evidence of at least five years of professional experience. Related work experience or relevant higher education programs can provide credit against this.
The candidate has to comply with the auditing standards of ISACA in the exercise of audits and adhere to the ISACA Code of Professional Ethics.
After obtaining the CISA certification 20 hours of training must be documented per year and at least 120 in a three-year period to retain certification.

References

External links

Certified Information Systems Auditor

Information security certifications

CompTIA	Security+ CASP

Cisco Systems	CCNA Security CCNP Security CCIE Security

EC-Council	CEH CNDA

EITCI	EITCA/IS

ISACA	CISA CISM CRISC

(ISC)²	CISSP ISSMP ISSEP ISSAP

Mile2	CPTE

Offensive Security	OSCP OSWP OSCE OSEE OSWE

eLearnSecurity	eCPPT

This article is issued from Wikipedia - version of the Sunday, March 20, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.