Along with articleship

Certified Information Systems Auditor (CISA) is a globally recognized certification in the field of audit, control and security of information systems. CISA gained worldwide acceptance having uniform certification criteria, the certification a high degree of visibility and recognition in the fields of IT security, IT audit, IT risk management and governance. Vacancies in the areas of IT security management, IT audit or IT risk management often ask for a CISA certification.[1] The certification is extremely challenging and is associated with a high failure rate[citation needed]. CISA is awarded by ISACA.[2]

Obtaining the certificate[edit]

The CISA ISACA certificate can be applied for if the following conditions are met [3] and passed the CISA exam

• Experience as an auditor of information systems
• Compliance with Code of Ethics
• Continuous training
• Compliance with the standards for audits of information systems

Membership in ISACA[edit]

The CISA certification is not tied to membership in the worldwide umbrella organization ISACA and the local (mostly national) called Chapters.

Exam[edit]

The world unified CISA exams are conducted three times a year: in June, September and December.[4] The exam is known to be difficult examination and having four hours in length, consists of 200 multiple choice questions and uses the format of one correct answer per question. The scoring is weighted depending on an predetermined value for each question with a passing score of 450 points and a 800 point score as the maximum. Some questions are purely for statistical purposes and do not affect the candidates score.
CISA Review Courses are organised by various educational institutions across the globe, where student go through the CISA Review manual in the 5 Domains which are ;

1. Domain 1 — The Process of Auditing Information Systems
2. Domain 2 — Governance and Management of IT
3. Domain 3 — Information Systems Acquisition, Development and Implementation
4. Domain 4 — Information Systems Operations, Maintenance and Support
5. Domain 5 — Protection of Information Assets

Additional Requirements[edit]

As well as passing the exam, candidates must also pass the following requirements:[5]

• The candidate must provide evidence of at least five years of professional experience. Related work experience or relevant higher education programs can provide credit against this.
• The candidate has to comply with the auditing standards of ISACA in the exercise of audits and adhere to the ISACA Code of Professional Ethics.
• After obtaining the CISA certification 20 hours of training must be documented per year and at least 120 in a three-year period to retain certification.

Frequently asked Questions - FAQ : https://isacabangalore.org

Link : https://isacabangalore.org/isacabc/main/index.php?option=com_content&task=view&id=43&Itemid=61

Submit an Application for CISA Certification

Once a CISA candidate has passed the CISA certification exam and has met the work experience requirements, the final step is to complete and submit a CISA Application for Certification. A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification. Substitutions and waivers of such experience, to a maximum of 3 years, may be obtained as follows:

• A maximum of 1 year of information systems experience OR 1 year of non-IS auditing experience can be substituted for 1 year of experience.
• 60 to 120 completed university semester credit hours (the equivalent of an 2-year or 4-year degree) not limited by the 10-year preceding restriction, can be substituted for 1 or 2 years, respectively, of experience.
• A bachelor's or master's degree from a university that enforces the ISACA-sponsored Model Curricula can be substituted for 1 year of experience. To view a list of these schools, please visit www.isaca.org/modeluniversities. This option cannot be used if 3 years of experience substitution and educational waiver have already been claimed.
• A master's degree in information security or information technology from an accredited university can be substituted for 1 year of experience.

Exception: 2 years as a full-time university instructor in a related field (e.g., computer science, accounting, information systems auditing) can be substituted for 1 year of experience.

As an example, at a minimum (assuming a 2-year waiver of experience by substituting 120 university credits), an applicant must have 3 years of actual work experience. This experience can by completed by:

• 3 years of IS audit, control, assurance or security experience

OR

• 2 years of IS audit, control assurance or security experience and 1 full year non-IS audit or IS experience or 2 years as a full-time university instructor.

It is important to note that many individuals choose to take the CISA exam prior to meeting the experience requirements.

This practice is acceptable and encouraged although the CISA designation will not be awarded until all requirements are met.

The work experience for CISA certification must be gained within the 10-year period preceding the application date for certification or within 5 years from the date of originally passing the exam. The CISA Application for Certification is available atwww.isaca.org/cisaapp. Note that candidates have 5 years from the passing date to apply for certification.