Certified Information Systems Auditor (CISA)
The Certified Information Systems Auditor (CISA) is a certification issued by the Information Systems Audit and Control Association (ISACA). The purpose of the certification is to assist employers in hiring auditors who are skilled in measuring and assessing IT controls by affirming that a candidate possesses a baseline set of auditing skills.
In order to receive the certification, applicants must pass an examination that includes sections on the following topics, among others:
- auditing practices and techniques
- gathering and preserving evidence in forensic investigations
- control objectives and reporting techniques
Before an applicant is allowed to sit for the exam, he or she must already have a minimum of five years experience in one of six information systems of expertise, as well as be willing to sign and comply with ISACA's Code of Professional Ethics.
The six areas of expertise are:
- Information Systems (IS) audit process
- IT Governance
- Systems and Infrastructure Lifecycle Management
- IT Service Delivery and Support
- Protection of Information Assets
- Business Continuity and Disaster Recovery
If the candidate has enough related experience, passes the exam and signs the code, he or she will receive the certification; maintenance of the certification, however, requires that practitioners gain Continuing Professional Education credits so that their skills remain relevant to their field.
This was last updated in October 2010
Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy