The CISA qualification
Established in 1978, the Certified Information Systems Auditor (CISA) qualification awarded by ISACA® is the globally accepted standard of achievement among information systems (IS) audit, control and security professionals.
This page offers an introduction to the concepts and topics covered by CISA, as well as information about the products offered by IT Governance that will help you pass the CISA exam first time.
What are the requirements for CISA qualification?
The CISA certification is awarded to candidates with at least five years of relevant work experience who pass a rigorous written examination.
ISACA defines five CISA domains on which you will be examined:
- Domain 1 - The Process of Auditing Information Systems (21% of exam)
- Domain 2 - Governance and Management of IT (16% of exam)
- Domain 3 - Information Systems Acquisition, Development and Imp. (18% of exam)
- Domain 4 - Information Systems Operations, Maintenance and Support (20% of exam)
- Domain 5 - Protection of Information Assets (25% of exam)
For more information, please see the official ISACA 'How to Become CISA Certified' web page.
How do you pass the CISA exam at the first attempt?
We recommend the following:
- Check that you have the relevant five years of work experience to qualify.
- Register and schedule your exam direct with ISACA.
- Purchase the official ISACA study guides and third-party textbooks.
- Plan a self-study programme that covers all of the key knowledge domains.
- Attend an exam preparation training course a few days before you sit the exam.
How to register and schedule the CISA exam
Since 2017, the CISA exam has been offered via a computer-based testing (CBT) sessions, which are available during three testing windows per year. All candidates must first register online direct with ISACA and pay for the examination in advance. They will then receive email instructions on how to schedule an exam appointment at a local PSI exam centre.
For further information, please review the ISACA Exam Candidate Information Guides.
Continuing professional education
There is a continuing professional education (CPE) policy in respect of qualified CISA professionals. The goal of this policy is to ensure that all CISAs maintain an adequate level of current knowledge and proficiency in the field of information systems audit, control and security.
CISAs who successfully comply with the “continuing professional education policy will be better trained to assess information systems and technology and provide leadership and value to their organisations.” The responsibility for setting the continuing professional education requirements rests with the CISA Certification Board, which oversees the process and requirements to ensure their applicability.
Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours are required during a fixed three-year period.
See the Maintain Your CISA page on the ISACA website for further details.
"Any ISACA programme when followed through from study, to exams, to actual certification, provides greater recognition in the marketplace and influence at the executive level. It is not just about attending a course and passing the exam, it is about being able to demonstrate application of that knowledge and recognition of your work, management and educational experience."
- Paula Kench, Delegate on the CISA Exam Preparation Course
Study for the Certified Information Systems Auditor (CISA) examination
Our complete range of CISA study guides and training services:
Essential CISA books and study guides
As preparation is essential to passing the CISA examination, we strongly recommend that all delegates purchase the CISA exam study guides before taking the relevant course. IT Governance is the exclusive approved reseller of ISACA publications in the UK and all titles are available from our dedicated ISACA Certification Bookstore.
We particularly recommend that you purchase the Official CISA Exam Passport package, which contains copies of the CISA Review Manual, 26th Edition and the CISA Review Questions, Answers and Explanations Manual, 11th Edition.