Certified Information Systems Auditor (CISA)


CISA Certification Badge   The ISACA® Certified Information Systems Auditor (CISA) is a globally recognized certification for IS
   audit control, assurance, and security professionals. The CISA certification proves skills and knowledge
   within the field and is globally recognized as the mark of excellence for the IS audit professional.

The CISA certification confirms, quantifies, and markets your experience in the field of IS Auditing, giving you a competitive advantage over your peers.  The certification covers the following domains in detail:

  • The Process of Auditing Information Systems
  • Governance and Management of IT
  • Information Systems Acquisition, Development and Implementation
  • Information Systems Operations, Maintenance and Service Management
  • Protection of Information Assets

The CISA Certification Demonstrates:

  • The ability to provide the enterprise with a certification for IT assurance that is recognized by multinational clients, lending credibility to the enterprise
  • Proficiency in technology controls
  • Competence in five domains, including standards and practices; organization and management; processes; integrity, confidentiality and availability; and software development, acquisition and maintenance
  • A commitment to providing the enterprise with trust in and value from your information systems
  • Maintenance of ongoing professional development for successful on-the-job performance
  • Certified individuals are highly qualified, experienced professionals

How to Earn the CISA Certification

In order to earn the CISA certification, you must pass a comprehensive exam based on the 5 domains mentioned above. The best way to prepare for this exam is with ASPE's CISA Exam Boot Camp. This 3-day course will thoroughly cover all of the information on the certification exam, as well as teach techniques for governance, risk management and compliance from the IT Auditor's perspective.

Work experience is also required to earn the CISA certification, a minimum of 5 years of professional IS auditing, control or security work is needed (some candidates do choose to take the exam before they have the full experience requirements, however). You can view the full list of substitutions and waivers on ISACA's® website here.

The CISM® exam is offered three times per year, over a window of dates. The window dates for 2017 are:

  1. May 1 – June 30
  2. August 1 – September 30
  3. November 1 – December 31

To find a testing location near you, please visit

Other Requirements