Certified Information Systems Auditor (CISA)


The ISACA® Certified Information Systems Auditor (CISA) is a globally recognized certification for IS audit control, assurance, and security professionals. The CISA certification proves skills and knowledge within the field and is globally recognized as the mark of excellence for the IS audit professional.

The CISA certification confirms, quantifies, and markets your experience in the field of IS Auditing, giving you a competitive advantage over your peers. The certification covers the following domains in detail:

  • The Process of Auditing Information Systems
  • Governance and Management of IT
  • Information Systems Acquisition, Development and Implementation
  • Information Systems Operations, Maintenance and Service Management
  • Protection of Information Assets

The CISA Certification Demonstrates:

  • The ability to provide the enterprise with a certification for IT assurance that is recognized by multinational clients, lending credibility to the enterprise
  • Proficiency in technology controls
  • Competence in five domains, including standards and practices; organization and management; processes; integrity, confidentiality and availability; and software development, acquisition and maintenance
  • A commitment to providing the enterprise with trust in and value from your information systems
  • Maintenance of ongoing professional development for successful on-the-job performance
  • Certified individuals are highly qualified, experienced professionals

How to Earn the CISA Certification

In order to earn the CISA certification, you must pass a comprehensive exam based on the 5 domains mentioned above. The best way to prepare for this exam is with ASPE's CISA Exam Boot Camp. This 3-day course will thoroughly cover all of the information on the certification exam, as well as teach techniques for governance, risk management and compliance from the IT Auditor's perspective.

Work experience is also required to earn the CISA certification: a minimum of 5 years of professional IS auditing, control or security work is needed (some candidates do choose to take the exam before they have the full experience requirements, however). You can view the full list of substitutions and waivers on ISACA's® website.

The CISM® exam is offered three times per year, over a window of dates. The window dates for 2017 are:

  1. May 1 – June 30
  2. August 1 – September 30
  3. November 1 – December 31

To find a testing location near you, please visit

Courses related to this certification:
  • Exam
  • Code of Professional Ethics
  • Experience

ISACA Members: $465
ISACA Non-Members: $595

A $50 discount is available for individuals who schedule their exam early.

Exam Details

150 multiple-choice questions over 4 hours, proctored at a PSI testing facility

Required Certification
  • *Relevant certifications may reduce experience requirement

Required Education

*Relevant education may reduce experience requirement

Required Experience

Minimum 5 years of professional information systems auditing, control or security work experience

ISACA may allow substitutions for experience to candidates with relevant certifications or education

Other Requirement Details

Agree to Code of Professional Ethics


ISACA Member: $45/year
ISACA Non-Member: $80/year

20 ISACA approved contact hours (CPEs)/year and 120 CPEs/3 years