If you want to be taken seriously as an IT auditor, you’ll need an ISACA® qualification. The independent organisation’s certification scheme is the most well-respected in the industry, and those with an ISACA qualification can demonstrate that they are among the IT governance elite.
ISACA offers several qualifications for IT professionals. We’ve listed three of the most common, along with key information.
The CISA® (Certified Information Systems Auditor) qualification is the globally accepted standard of achievement among information systems audit, control and security professionals. It’s currently held by 118,000 IT and accountancy professionals worldwide.
The CISA certificate is awarded to candidates with at least five years of relevant work experience who pass a rigorous written examination that covers:
- Domain 1: The Process of Auditing Information Systems
- Domain 2: Governance and Management of IT
- Domain 3: Information Systems Acquisition, Development and Implementation
- Domain 4: Information Systems Operations, Maintenance and Support
- Domain 5: Protection of Information Assets
The average salary for those with a CISA qualification in the UK has grown rapidly in the past two years. According to ITJobsWatch, CISA-qualified professionals can expect to earn £65,000 annually.
The CISM® (Certified Information Security Manager) qualification is the globally accepted standard of achievement among information security, information systems audit and IT governance professionals. It supports those who manage, design, oversee and assess an organisation’s information security, and is currently held by 28,000 IT professionals worldwide.
The CISM certificate is awarded to candidates with at least five years of relevant work experience who pass a rigorous written examination that covers:
- Domain 1: Information Security Governance
- Domain 2: Information Risk Management and Compliance
- Domain 3: Information Security Program Development and Management
- Domain 4: Information Security Incident Management
According to ITJobsWatch, the average salary for those with a CISM qualification is £65,000 annually.
The CRISC™ (Certified Risk and Information Systems Control) qualification is awarded to those who identify and manage risks through the development, implementation and maintenance of information systems controls. It’s currently held by more than 17,000 IT professionals worldwide.
The CRISC certificate is awarded to candidates with at least three years of relevant work experience who pass a rigorous written examination that covers:
- Domain 1: IT Risk Identification
- Domain 2: IT Risk Assessment
- Domain 3: Risk Response and Mitigation
- Domain 4: Risk and Control Monitoring and Reporting
According to ITJobsWatch, the average salary for those with a CRISC qualification is £75,000 annually, making it one of the highest-paying jobs in information security.
Preparing for the exams
All three exams are offered via a computer-based testing session, which are available during three windows per year. The 2018 deadline for registration is 18 September. The next available window closes on 18 January 2019.