About
The Certified Information Systems Auditor (CISA®) certification is the globally recognized standard for professionals auditing, monitoring, and assessing IT and business systems. The CISA® credential validates expertise in applying a risk-based approach to audit engagements, ensuring IT audit professionals stay current with emerging technologies like AI and block chain.
Certification Body: ISACA® (Information Systems Audit and Control Association – USA)
Learning Objectives
- Understand and apply globally accepted IT audit practices and standards.
- Develop risk-based audit plans for IT systems.
- Assess the effectiveness of IT governance and management frameworks.
- Evaluate IT acquisition, development, and implementation processes.
- Ensure business resilience and protection of information assets.
Exam Information
- Duration: 4 hours
- Number of Questions: 150 (Multiple Choice)
- Passing Score: 450 out of 800
- Languages: English, French, German, Hebrew, Italian, Japanese, Korean, Spanish, Turkish, Chinese
Recertification
- Earn CPE credits annually to maintain certification.
- Stay current with industry trends and auditing practices.
- Report CPEs annually to retain certification status.
Curriculum
- 1 Section
- 5 Lessons
- 40 Hours
Expand all sectionsCollapse all sections
Requirements
- 5 years of professional experience in information systems auditing, control, or security.
- Experience substitutions allowed:
Up to 1 year of information systems or non-security auditing experience.
University credits or degrees in relevant fields.
A master's degree in information security or IT can substitute for 1 year of experience.
Target audiences
- IT audit professionals
- IT managers and security managers
- System analysts
- Consultants and professionals seeking a career in IS auditing