Why CISA remains essential to developing a senior career in IT

With the growth of CISM and CISSP as the pre-eminent qualifications required for securing senior positions in information security, many of our training delegates ask the question, ‘Where does CISA fit in my career plan?’ Or, ‘Is CISA just for the IT auditors?’

Introduced in 1978, Certified Information Systems Auditor (CISA) is the ‘granddaddy’ of the ISACA range of certificates and is held by over 129,000 IT professionals worldwide. It is globally recognised as proof of competency and experience in providing assurance that critical business assets are secured and available.

In a nutshell, the directors and board members of major companies rely on their CISA-qualified managers to confirm that their business is adequately protected against cyber crime. CISA remains one of the top five highest-paying certifications for the third consecutive year, according to Global Knowledge’s 2016 IT Skills and Salary Survey.

CISA is awarded to candidates with at least five years of relevant work experience and who pass a rigorous written examination based on the following five knowledge domains:

  • Domain 1 – The Process of Auditing Information Systems
  • Domain 2 – Governance and Management of IT
  • Domain 3 – Information Systems Acquisition, Development and Implementation
  • Domain 4 – Information Systems Operations, Maintenance and Support
  • Domain 5 – Protection of Information Assets

ISACA summarises the importance of CISA in the following roles:

Information systems auditors

CISA enables you to be recognised, domestically and at an international level, as a professional with the knowledge, skills and credibility to offer opinions and solutions on, and to audit all areas related to, information systems.

Information security professionals

CISA demonstrates your proven experience in helping enterprises navigate a complex and evolving regulatory landscape, leverage standards and expertise, and reduce the complexity and time necessary to manage vulnerabilities, measure security and ensure compliance. CISA is designed to complement the ISACA Certified Information Security Management (CISM) qualification.

IT governance professionals

From the frontline to the boardroom, CISA reassures stakeholders of your abilities to identify critical issues and recommend customised company-specific practices to support and safeguard the governance of information and related technologies.


For those of you planning to take the CISA examination in the next available testing window between August and September, I recommend that you consider attending our CISA exam prep training course, which will be running in London on 8-11 August.