Why CISA is essential for a senior career in IT audit

With the growth of CISM and CISSP as the pre-eminent qualifications required for securing senior positions in information security, many of our training delegates ask the question, ‘Where does CISA fit in my career plan?’ Or indeed, ‘Is CISA just for the IT auditors?’

Introduced in 1978, Certified Information Systems Auditor (CISA) is the ‘granddaddy’ of the ISACA range of certificates and is held by over 118,000 IT professionals worldwide. It is globally recognised as proof of competency and experience in providing assurance that critical business assets are secured and available.

In a nutshell, the directors and board members of major companies rely on their CISA- qualified managers to confirm that their business is adequately protected against the risks of cybercrime. CISA remains one of the top five highest-paying certifications for the second consecutive year, according to Global Knowledge’s 2015 IT Skills and Salary Survey.

CISA and its 5 domains

CISA is awarded to candidates with at least five years of relevant work experience and who pass a rigorous written examination based on the following five knowledge domains:

  • Domain 1 – The Process of Auditing Information Systems
  • Domain 2 – Governance and Management of IT
  • Domain 3 – Information Systems Acquisition, Development and Implementation
  • Domain 4 – Information Systems Operations, Maintenance and Support
  • Domain 5 – Protection of Information Assets

ISACA summarises the importance of CISA in the roles of:

Information Systems Auditors

CISA enables you to be recognized, not only domestically, but at an international level, as a professional with knowledge, skills, and the credibility to offer opinions and solutions, and to audit all areas related to information systems.

Information Security Professionals

CISA demonstrates your proven experience in helping enterprises navigate a complex and evolving regulatory landscape, leverage standards and expertise, and reducing the complexity and time necessary to manage vulnerabilities, measure security and ensure compliance. CISA is designed to be complimentary to the ISACA Certified Information Security Management (CISM) qualification.

IT Governance Professionals

From the frontline to the boardroom, CISA reassures stakeholders of your abilities to identify critical issues and recommend customised company-specific practices to support and safeguard the governance of information and related technologies.


The next CISA examination date in 2016 is on the 10 Dec, and you still have time to sign up before the Final Registration deadline of 21 October. To prepare for the exam, you will definitely need to purchase and read the CISA Review Manual , 26th Edition and CISA Review Questions, Answers & Explanations Manual, 11th Edition. I recommend that you also consider attending our CISA Exam Prep training course which is running in London on the 15-18 November.

Book your CISA exam prep training course now >>