The Certified Information Systems Auditor (CISA) is a certification issued by the Information Systems Audit and Control Association (ISACA). The purpose of the certification is to assist employers in hiring auditors who are skilled in measuring and assessing IT controls by affirming that a candidate possesses a baseline set of auditing skills. In order to receive the certification, applicants must pass an examination that includes sections on the following topics, among others:
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Before an applicant is allowed to sit for the exam, he or she must already have a minimum of five years experience in one of six information systems of expertise, as well as be willing to sign and comply with ISACA's Code of Professional Ethics.
- auditing practices and techniques
- gathering and preserving evidence in forensic investigations
- control objectives and reporting techniques
The six areas of expertise are:
If the candidate has enough related experience, passes the exam and signs the code, he or she will receive the certification; maintenance of the certification, however, requires that practitioners gain Continuing Professional Education credits so that their skills remain relevant to their field.
- Information Systems (IS) audit process
- IT Governance
- Systems and Infrastructure Lifecycle Management
- IT Service Delivery and Support
- Protection of Information Assets
- Business Continuity and Disaster Recovery