The CISA qualification
Established in 1978, the Certified Information Systems Auditor (CISA) qualification awarded by ISACA® is the globally accepted standard of achievement among information systems (IS) audit, control and security professionals.
What are the requirements for CISA qualification?
The CISA certification is awarded to candidates with at least five years of relevant work experience who pass a rigorous written examination.
ISACA defines five CISA domains on which you will be examined:
- Domain 1 - Information System Auditing Process (21% of exam)
- Domain 2 - Governance and Management of IT (17% of exam)
- Domain 3 - Information Systems Acquisition, Development and Implementation (12% of exam)
- Domain 4 - Information Systems Operations and Business Resilience (23% of exam)
- Domain 5 - Protection of Information Assets (27% of exam)
Please see the official ISACA 'How to Become CISA Certified' web page for more information.
How do you pass the CISA exam on the first attempt?
We recommend the following:
- Check that you have the relevant five years of work experience to qualify, or that you can gain this experience within the next five years.
- Purchase your CISA exam directly from IT Governance.
- Register and schedule your exam with ISACA.
- Plan a self-study programme that covers all the key knowledge domains.
- Attend our CISA exam preparation training course 2-4 weeks before sitting the exam.
How to register and schedule the CISA exam
The CISA exam is offered via a computer-based testing (CBT) session available online or at a PSI exam centre all year round. All candidates must first register online directly with ISACA. They will then receive email instructions on how to schedule an exam appointment.
For further information, please review the ISACA Certification Exam Candidate Guide.
"Any ISACA programme when followed through from study, to exams, to actual certification, provides greater recognition in the marketplace and influence at the executive level. It is not just about attending a course and passing the exam, it is about being able to demonstrate application of that knowledge and recognition of your work, management and educational experience."
- Paula Kench, Delegate on the CISA Exam Preparation Course
Continuing professional education
Qualified CISA professionals are subject to a continuing professional education (CPE) policy. This policy aims to ensure that all CISAs maintain an adequate level of current knowledge and proficiency in the field of information systems audit, control and security.
CISAs who successfully comply with the “continuing professional education policy will be better trained to assess information systems and technology and provide leadership and value to their organisations.” The responsibility for setting the continuing professional education requirements rests with the CISA Certification Board, which oversees the process and requirements to ensure their applicability.
Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours is required during a fixed three-year period.
See the Maintain CISA Certification page on the ISACA website for further details.
Get in touch
If you are an IT professional looking to advance your career with the CISA qualification but have some questions, call our training team on 44 1474 556685, or request a call back using the form below. Our experts are ready and waiting with practical advice.